Ombi + Haproxy stuck on loading
-
Odd for sure - but I am unable to duplicate this problem.. Have you tried with haproxy and not doing ssl offload? Does that work?
-
Not sure exactly how to test that. But just unchecking the box for ssl offloading and typing http in front of my current domain name doesn't work at all.
-
Well you should prob do a sniff and see what is going on.. Sniff on your server and pfsense.
-
What application and base URL do you have on ombi?
Also are you basically doing this? I have tried the ACL in the single front end and as a separate one like this guide shows with no change.
https://blog.devita.co/pfsense-to-proxy-traffic-for-websites-using-pfsense/ -
Hey @johnpoz
I don't have exact same situation but a very similar one... I have a setup of 2 physical servers (Test and Prod). Along with this, I have a high spec laptop which has got VMWare in it where I run 4 different servers (Win, Ubuntu & Kali) but at any given point of time, I connect a maximum of 2 such VMs. So in a worst-case scenario, I can have 2 physical servers and 2 VMs connected on 4 different backends.
And this has been working perfectly fine for the last 3-4 months... I am pretty sure that I have not made any changes (I did not even upgrade to 2.4.5_1) but for some reason, I keep getting 503 error and I can literally see my backend going down and coming up and this has become so frequent that it is now getting painful.
Along with this my traffic graph is also looking very weird... there is a lot more colours on the dashboard than what I have ever seen or would like to see. PFA few screenshots at different time, do you think it is dodgy or is it only me who is panicking? (Opt port is Server, LAN is connected with home/office devices).
Having said that, the only 2 changed that I have done in recent past are (I don't think anyone of them has got any relation to regular 503 error):
1.> I have enabled scheduled backup which happens late night2.> I port forwarded port 22 and after 2 weeks few of my automated mail did not come... after investigation, I found out that there were 1000s of DoS and bots trying to access my SSH and Postfix server and my mail log file which should be less than 50 Kb was more than 100 MB... so I disabled the natting, cleared log and after 24 hours... things have got better.
So finally, as per your suggestion above, I have changed the health check of my backend from HTTP to None and then Basic...
But won't you consider it as a compromise? "HTTP" gives you a standard health check, "Basic" is almost nothing and "None" is like I am closing my eyes because I don't care. So a real solution should actually work with HTTP. Right now we are only putting a workaround. Isn't it?
I am monitoring the server now and if I see any changes (+ve or -ve), I will update you accordingly.
Many Thanks,
Rav -
How you monitor your backend is up to you.. I have zero use for monitoring this specific backend.. Zero.. Why should I send packets to it every X seconds be it ping, http get or whatever..
If you want to monitor it, http works just fine.. I personally don't have need for monitoring this system.. Do you monitor that your dishwasher is off or on? ;)
The system runs with my nas, which is always ON.. And if not would know it for sure.. My plex is monitored - and would know within 5 minutes if off.. This sub system that runs as a docker, have zero need to monitor ;)
No its not a compromise - its a choice..
-
Logic... ehh?
I did not know the details, so I asked and now that you have explained me what it is for, I am tempted to agree with you... it is not a compromise, it is a choice. Good one Sir Johnpoz.
Any insight on my why my traffic shape is so weird? Do you see anything fishy there or is it standard stuff? I read somewhere mirror image is not a good sign - is that true? Should I be worried?
Many Thanks,
Rav -
@rekd0514 said in Ombi + Haproxy stuck on loading:
What application and base URL do you have on ombi?
Also are you basically doing this? I have tried the ACL in the single front end and as a separate one like this guide shows with no change.
https://blog.devita.co/pfsense-to-proxy-traffic-for-websites-using-pfsense/Sorry, can you answer my question? You seem to be very professional!
How to Connect Ombi with Radarr?? -
@valentinius You just use the IP and port of the device you are running Radarr on and the API key from Radarr is put into Ombi as well.
-
Not sure if I did anything, but this randomly started working for me again. Only thing I can think of that changed is Transparent ClientIP is turned off now.
