Need help adapting HA Proxy config to pfSense package

shadeless

Hi all,

I' m trying to adapt a sample ha proxy config which is text based to the web-based config on the pfSense package.

frontend https
  bind :::443 v4v6 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1
  http-request set-header X-Forwarded-Proto https if { ssl_fc }
  http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
  http-request set-header X-Forwarded-For %[src]

  # Matrix client traffic
  acl matrix-host hdr(host) -i matrix.example.com matrix.example.com:443
  acl matrix-path path_beg /_matrix
  acl matrix-path path_beg /_synapse/client

  use_backend matrix if matrix-host matrix-path

frontend matrix-federation
  bind :::8448 v4v6 ssl crt /etc/ssl/haproxy/synapse.pem alpn h2,http/1.1
  http-request set-header X-Forwarded-Proto https if { ssl_fc }
  http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
  http-request set-header X-Forwarded-For %[src]

  default_backend matrix

backend matrix
  server matrix 127.0.0.1:8008

I think i got the backend config and the ACL part of the frontend config correct

But I have no idea how i should configure this part:

http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
http-request set-header X-Forwarded-For %[src]

Do i have to do something in the "Actions" part as well, or can i paste the config somewhere directly?

Any help would be greatly appreciated!

Thanks

shadeless

Ok for anyone who may need this in the future:

It's as simple as pasting that config portion into the "Advanced pass through" box

Tested and verified by writing a webserver to debug the headers.