HAProxy as SSL Reverse Proxy Behind Single IP



  • Having troubles with reqirep understanding and implementation.

    For my webroot (my-domain.com) index.html is on a server within a folder named my-domain.com with index.html inside.

    
    reqirep  ^([^\ :]*)\ /(.*) \1\ /my-domain.com/\2
    
    

    This works fine for a simple website, but I have one strange creature that only works by landing in the root folder. I'll try to give brief background. I have a photo website that can be accessed by photo.my-domain.com which redirects to photo.my-domain.com/~user1/photo. Currently, the index.html redirects to only the 1 username, and simply changing it out allows it to work with other users.

    1. Is there an easy way to specify an index.html by a URL in the same root, such as user1.photo.my-domain.com will look at root/index1.html and user2.photo.my-domain.com will look at root/index2.html? I tried this yesterday with the above code and placing the index.html inside root/user1/ (redirecting to */~username/photo), but for some reason the server responds with it's own unavailable page, thus making HAProxy keep the 'Online' status for that server… not exactly what I am going for.

    2. If these redirects remain, that is fine, but a URL rewrite would be awesome. user2.photo.my-domain.com is actually photo.my-domain.com/~User2/photo



  • I was wondering if you can comment on any updates using this.  I have a DSM, photo station, a web server, etc…  Things are working OK but I'd like to do certificate authentication, which led me to looking at getting a wildcard ssl cert, which then made me start wondering about my setup.

    Are things still working for you OK?  If possible, can you post your latest configs so I can use them as an example?

    Thanks!



  • Perhaps YOU can post your latest configs.? Then maybe we can tell what might be wrong.?

    *And anyhow starting a new topic would probably be better than resurrecting a 2 year old topic.



  • @wiz561– I've moved away from Synology due to lack of integration between applications. Nothing against them, I do really like their products out of the box. I've moved to NextCloud, Google Photos, & dedicated web servers for hosting. I still do use HAProxy as discussed in this thread.

    I do believe Synology has since integrated a reverse proxy server right into DSM. You might want to check it out--I have never used it, so I can't officially vouch for it.

    For what it is worth, my latest HAProxy config is shown here: https://forum.pfsense.org/index.php?topic=146701.msg796970#msg796970.


Log in to reply