Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfsense haproxy multi services

    Scheduled Pinned Locked Moved Cache/Proxy
    6 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pitou
      last edited by

      Hi, I would like to use haproxy as a reverse proxy for my nas synology applications.
      To start haproxy is installed via package on pfsense. I have a let's encrypt certificate installed.

      A long time ago I had installed haproxy directly in a synology nas that I was able to configure to have example mydomain.net/radarr, mydomain.net/sonarr, mydomain.net/transsimission and mydomain.net/dsm working without any problem...

      I want to reproduce the same operation with the trio pfsense + let's encrypt + haproxy. I would like to use my hostname ex: servertintin.net/dsm pointing to 192.168.x.99:5000 (the dsm interface) then servertintin.net/sonarr pointing to 192.168.x.99:8310 (the sonarr application) .
      I can only get the dsm interface with servertintin.net.
      servertintin.net/sonarr for example gives me sorry, the page you are looking for is not found. I would also like with the same hostname servertintin.net/jeedom access to the interface of jeedom, 192.168.x:88:80
      I have a 503 error page. Basically I would like to associate the application names to the port number through a single hostname.Is it possible to do that?

      Thank you in advance for taking the time to help me.

      kiokomanK 1 Reply Last reply Reply Quote 0
      • kiokomanK
        kiokoman LAYER 8 @pitou
        last edited by kiokoman

        @pitou
        yes it's possible, maybe show with a screenshot your configuration
        but basically you create a backend with name dsm - address+port 192.168.x.99 5000
        shared frontend with name dsm condition path start with /dsm
        use backend dsm - acl dsm
        repeat for the other path

        ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
        Please do not use chat/PM to ask for help
        we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
        Don't forget to Upvote with the 👍 button for any post you find to be helpful.

        P 2 Replies Last reply Reply Quote 0
        • P
          pitou @kiokoman
          last edited by pitou

          @kiokoman Thank your for you help,
          okay All right, I'm trying to keep it simple
          I access the nas (DSM) interface with darkserver20.ddns.net which points to 192.168.x.101:5000, but adding darkserver20.ddns.net/radarr which points to 192.168.x.101:8310

          I have a blank page with the loading for the dsm interface and
          a blank page with the sorry message, the page you are looking for is not found or a completely blank page for darkserver20.ddns.net/radarr

          Here is screenshot of frontend and backend and .Frontend2.png Frontend1.png Frontend.png Frontend3.png

          backend1.png backend.png backend2.png

          kiokomanK 1 Reply Last reply Reply Quote 0
          • kiokomanK
            kiokoman LAYER 8 @pitou
            last edited by kiokoman

            @pitou
            try to create a different backend, one for port 5000 and one for port 8310
            also try with "Path start with:" instead of "Path ends with:"
            you need to find something else for the first acl, that acl will always match. maybe you can omit acl and use it as default backend if nothing else match

            ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
            Please do not use chat/PM to ask for help
            we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
            Don't forget to Upvote with the 👍 button for any post you find to be helpful.

            1 Reply Last reply Reply Quote 0
            • P
              pitou @kiokoman
              last edited by

              @kiokoman okay i got dsm interface working great with a separate backend but, I cant reach the darkserver20.ddns/radarr still the same error.

              kiokomanK 1 Reply Last reply Reply Quote 0
              • kiokomanK
                kiokoman LAYER 8 @pitou
                last edited by kiokoman

                @pitou
                because it's still redirecting to port 5000 instead of 8310
                if your backend is still Host "Matches: darkserver20.ddns.net" it will always match and be used first i suppose
                or there is something else wrong with the acl not matching for some reason I don't see, maybe post a new screenshot without cutting it

                ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                Please do not use chat/PM to ask for help
                we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.