Migrating IIS Reverse Proxy to HA Proxy
-
I am currently using IIS with some inbound reverse proxy rules to do ssl offloading and forward traffic to my internal mastodon server. I'd like to relieve IIS of this responsibility and move this to pfSense with HAProxy.
I currently have 3 backends setup for the three different ports mastodon uses:
My challenge is handing the frontend. I don't see a clean (and easy) way of doing this in HAProxy. Here is what I currently have in IIS:
<rewrite> <rules> <rule name="Reverse Proxy Inbound Static Content" enabled="true" stopProcessing="true"> <match url="(.*)" /> <conditions logicalGrouping="MatchAny" trackAllCaptures="true"> <add input="{R:0}" pattern="^(500.html|sw.js|robots.txt|manifest.json|browserconfig.xml|mask-icon.svg)$" /> <add input="{R:0}" pattern="^((assets|avatars|emoji|headers|packs|sounds|system)/.*)" /> <add input="{R:0}" pattern="^(.*\.(png|ico)$)" /> </conditions> <action type="Rewrite" url="http://tatooine:8082/{R:1}" appendQueryString="true" logRewrittenUrl="true" /> </rule> <rule name="Reverse Proxy Inbound Web Socket" enabled="true" stopProcessing="true"> <match url="(.*)" /> <conditions logicalGrouping="MatchAny"> <add input="{R:0}" pattern="^(api/v1/streaming/.*)" /> </conditions> <action type="Rewrite" url="http://tatooine:4000/{R:1}" appendQueryString="true" logRewrittenUrl="true" /> </rule> <rule name="Reverse Proxy Inbound Default Rule" enabled="true" stopProcessing="true"> <match url="(.*)" /> <conditions logicalGrouping="MatchAny"> </conditions> <action type="Rewrite" url="http://tatooine:3000/{R:1}" appendQueryString="true" logRewrittenUrl="true" /> </rule> </rules> </rewrite>Is there a straightforward way to this in an HAproxy front end without having a mess of ACLs with action combinations?