Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Haproxy Layer6 Issues - Intermittent Logging

    Cache/Proxy
    help haproxy ssl letsencrypt
    1
    1
    118
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vMAC
      last edited by vMAC

      I've been working on getting Haproxy to work for the last three weeks. I have filled a couple guides on YouTube that walk through the process, unfortunately something seems to be broken with my setup that isn't allowing it to work. Another issue is that I can't consistently get haproxy to even log what the issue is so I can chase down what is wrong. I've applied a patch to fix that issue, but still only get logs if I restart haproxy and it's only one line.

      Below is my config

      # Automaticaly generated, don’t edit manually.

# Generated on: 2024-06-26 20:08
Global
	Maxconn			1000
	Log			/var/run/log	local0	debug
	Stats socket /tmp/haproxy.socket level admin  expose-fd listeners
	Uid			80
	Gid			80
	Nbthread			1
	Hard-stop-after		15m
	Chroot				/tmp/haproxy_chroot
	Daemon
	Ssl-default-bind-ciphersuites	TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
	Ssl-default-server-ciphersuites	TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
	Ssl-default-bind-options	ssl-min-ver TLSv1.3 no-tls-tickets
	Ssl-default-server-options	ssl-min-ver TLSv1.3 no-tls-tickets
	Server-state-file /tmp/haproxy_server_state

Listen HAProxyLocalStats
	Bind 127.0.0.1:10 name localstats
	Mode http
	Stats enable
	Stats admin if TRUE
	Stats show-legends
	Stats uri /haproxy/haproxy_stats.php?haproxystats=1
	Timeout client 5000
	Timeout connect 5000
	Timeout server 5000

Frontend Proxy
	Bind			192.168.1.1:443 name 192.168.1.1:443   ssl crt-list /var/etc/haproxy/Proxy.crt_list  
	Mode			http
	Log			global
	Option			http-keep-alive
	Timeout client		30000
	Acl			zm	var(txn.txnhost) -m str -I zm.domain.com
	Acl			aclcrt_Proxy	var(txn.txnhost) -m reg -I ^([^\.]*)\.domain\.com([0-9]){1,5})?$
	http-request set-var(txn.txnhost) hdr(host)
	use_backend zoneminder_ipvANY  if  zm aclcrt_Proxy

backend zoneminder_ipvANY
	mode			http
	id			100
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	load-server-state-from-file	global
	option			ssl-hello-chk
	server			zm 192.168.1.15:443 id 101 ssl check inter 1000  verify none

      Any direction would be appreciated.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post