HAProxy community

Appending a path and redirecting URL

I’m using haproxy 1.8…working well with termination and pass-through…i’m trying to no avail to add additional servers with a path name appended e.g. below is a front-end and back-end that is working … however … i’m using redir which is fine inside the firewall but i want to go through haproxy and be able to access this server outside the firewall (aka unifi-backend) … foobar-unifi.ddns.net is accessible via nslookup using no-ip.com

question: how to i change
server unifi 192.168.1.16:8443 redir https://192.168.1.16:8443/manage/site/kab9w4dv/dashboard check
to allow for access to server through haproxy by accessing https://foobar-unifi.ddns.net? thanks in advance

frontend https-front
        bind unix@/var/run/haproxy.sock ssl crt /etc/letsencrypt/live/foobar.ddns.net/haproxy.pem accept-proxy
        mode http

        use_backend home-assistant-backend if { ssl_fc_sni -i foobar-ha.ddns.net }
        use_backend nextcloud-backend if { ssl_fc_sni -i farbar-nc.ddns.net }
        use_backend blueiris-backend if { ssl_fc_sni -i foobar-bi.ddns.net }
        use_backend pihole-backend if { ssl_fc_sni -i foobar-dns.ddns.net }
        use_backend unifi-backend if { ssl_fc_sni -i foobar-unifi.ddns.net }
        use_backend unms-backend if { ssl_fc_sni -i foobar-unms.ddns.net }
        use_backend haproxy-backend if { ssl_fc_sni -i foobar-haproxy.ddns.net }
        default_backend blueiris-backend

backend unifi-backend
        mode http
        server unifi 192.168.1.16:8443 redir https://192.168.1.16:8443/manage/site/kab9w4dv/dashboard check
        http-request set-header X-Forwarded-Port %[dst_port]
        http-request add-header X-Forwarded-Proto https if { ssl_fc }

Your issue is that the configuration is wrong, first of all.

192.168.1.16:8443 is HTTPS but you did not configure haproxy for it. You have to add the ssl keyword (and the ca with ca-file or disable cert verification with verify none) to that server line. Then remove the redir configuration, which you probably don’t need at all in the first place (it just happend to workaround your primary issue, which is that the unifi-backend is configured wrong).

If you still want to redirect in the backend from / to /manage/site/kab9w4dv/dashboard (which I don’t think you need), then put a redirect in there:

http-request redirect location /manage/site/kab9w4dv/dashboard if { path / }

thanks that worked … dan