Hi everyone,
I have a simple question about conditionals in config file.
In the following snippet, is there a way to write the “http-request set header” logic in a single statement, i mean without using two different frontends?
frontend web-front
bind 10.102.4.253:80
bind 10.102.4.253:443 ssl crt cert.pem alpn h2,http/1.1http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Proto https if { ssl_fc } default_backend web-back
Thanks,
BR
You mean by not using two http-request statements?
In general HAProxy doesn’t have any if then else construct, therefore those to statements are the only way to achieve it.
Now in particular, there are cases where you could use maps as lookup tables, as long as you can list all the possible keys, and if their values are static.
But the bigger question is “why do you need conditionals”? What are you actually trying to achieve?
Thanks for your answer. I’ll look into using a lookup table which seems more elegant to me.
So this setup is used by a number of virtualhost on the backend side. Only some of those virtualhost needs to redirect requests to the CDN address respecting the client protocol (http/https).
I could set an header like “http-request set-header X-SSL %[ssl_fc]” and then use some “complex” logic on Apache to redirect using https only when requested.
You should know that you can declare the same ACL multiple times, and it acts as a sort of OR. Alternatively you can list multiple values to be matched towards, and again they represent an OR.
For example:
acl should-redirect req.hdr(Host) -i whatever.com whatever.net
acl should-redirect req.hdr(Host) -i somethingelse.info
acl should-redirect path -m beg /secure/
http-request redirect scheme https if should-redirect