I thought I had my configuration mostly working, but now I’m having issues. I’m running haproxy 1.8.9 on CentOS 7.5.
- server4 is NextCloud on CentOS 7.5. It was working and then stopped with no config file changes. I think it broke after updates were applied on both servers. I am able to access the NextCloud web interface from inside the network.
- I have not been able to get my Windows 2012 R2 Essentials web page (server1) to forward through HA Proxy. It is accessible locally.
- server2 and server3 are accessible from the web, but when I tried to renew a LetsEncrypt cert it wouldn’t work through haproxy. I had to give the server direct access to the web.
How do I fix these issues? My config is a follows:
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode tcp
option tcplog
option dontlognull
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
frontend https
bind *:443
mode tcp
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
use_backend server1 if { req_ssl_sni -i subdomain1.domain1.com }
use_backend server2 if { req_ssl_sni -i subdomain2.domain2.net }
use_backend server3 if { req_ssl_sni -i subdomain2.domain3.com }
use_backend server4 if { req_ssl_sni -i subdomain3.domain2.net }
backend server1
mode tcp
option ssl-hello-chk
server server1 192.168.10.31:443 check
backend server2
mode tcp
option ssl-hello-chk
server server2 10.0.40.3:443 check
backend server3
mode tcp
option ssl-hello-chk
server server3 10.0.40.4:443 check
backend server4
mode tcp
option ssl-hello-chk
server server4 10.0.40.6:443 check
frontend http-in
bind *:80
mode http
use_backend server1_http if { hdr(host) -i subdomain1.domain1.com }
use_backend server2_http if { hdr(host) -i subdomain2.domain2.net }
use_backend server3_http if { hdr(host) -i subdomain2.domain3.com }
use_backend server4_http if { hdr(host) -i subdomain3.domain2.net }
backend server1_http
mode http
server server1 192.168.10.31:80 check
backend server2_http
mode http
server server2 10.0.40.3:80 check
backend server3_http
mode http
server server3 10.0.40.4:80 check
backend server4_http
mode http
server server4 10.0.40.6:80 check