HAProxy community

Dynamic server name and header

I’m looking for the equivalent of this code block below for requests to www.example.com and example.com. Can I do string concatenation like this?

http-response set-header X-Target  example.com
server web-servers  site.example.com:80 check

This is what I want to try. I just want to know if I’m crazy.

http-response set-header X-Target  %[req.hdr(Host)]
server web-servers  site.%[req.hdr(Host),regsub(^www.,,)]:80 check

HA-Proxy version 1.8.12-8a200c7 2018/06/27

I’m getting this error when I try haproxy -c -f haproxy.test

[root@pm-prod-haproxy05 haproxy]# haproxy -c -f haproxy.test
[ALERT] 259/180932 (16116) : parsing [haproxy.test:40]: ‘http-response set-header’: sample fetch <req.hdr(Host)> may not be reliably used here because it needs ‘HTTP request headers’ which is not available here.
[ALERT] 259/180932 (16116) : Error(s) found in configuration file : haproxy.test
[root@pm-prod-haproxy05 haproxy]#

Please just explain what you are actually trying to do in the first place.

Got it, you want to the destination server to be based on the Host header.

This is not advisable; haproxy is a reverse proxy/load balancer, not a forwarding proxy like squid.

However you may be able to achieve some of this with the http-request do-resolve directive, but YMMV.

I have SSL on a HA Proxy server and they’re all named with the domain and www.domain names. The servers behind have the name site.domain so it wouldn’t be a wide open proxy and only work for sites that have site. before the domain name. I’ve had to copy and paste the same chunk of code for every domain to make it work and I was just hoping I could make it happen a bit more dynamically.

I reviewed the code for this but I don’t see how I could do string concatenation.

 http-request do-resolve(txn.myip,mydns,ipv4) hdr(Host),lower

This is my configuration and I was really hoping to simply it.

global
    log         127.0.0.1 local2 debug
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy_privsep
    group       haproxy_privsep
    daemon
    stats 	socket 	/var/lib/haproxy/stats
    tune.ssl.default-dh-param 1024

defaults
    mode                    http
    option                  httplog
    log                     global
    option                  dontlognull
    option                  http-server-close
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

frontend frontend-http-https

    bind 162.250.54.32:80
    bind 162.250.54.32:443 ssl crt /etc/haproxy/ssl

    acl example1 hdr(host) -i example1.com
    acl example1 hdr(host) -i www.example1.com
    acl example2 hdr(host) -i example2.com
    acl example2 hdr(host) -i www.example2.com
    acl example3 hdr(host) -i example3.com
    acl example3 hdr(host) -i www.example3.com
    acl example4 hdr(host) -i example4.com
    acl example4 hdr(host) -i www.example4.com
    acl example5 hdr(host) -i example5.com
    acl example5 hdr(host) -i www.example5.com
    acl example6 hdr(host) -i example6.com
    acl example6 hdr(host) -i www.example6.com
    acl example7 hdr(host) -i example7.com
    acl example7 hdr(host) -i www.example7.com
    acl example8 hdr(host) -i example8.com
    acl example8 hdr(host) -i www.example8.com
    acl example9 hdr(host) -i click.creditfundly.com
    acl example10 hdr(host) -i example10.com
    acl example10 hdr(host) -i www.example10.com
    acl example11 hdr(host) -i example11.biz
    acl example11 hdr(host) -i www.example11.biz
    acl example12 hdr(host) -i example12.com
    acl example12 hdr(host) -i www.example12.com
    acl woobasics hdr(host) -i woobasics.com
    acl woobasics hdr(host) -i www.woobasics.com
    acl example13 hdr(host) -i example13.com
    acl example13 hdr(host) -i www.example13.com
    acl example14 hdr(host) -i example14.com
    acl example14 hdr(host) -i www.example14.com
    acl example15 hdr(host) -i example15.com
    acl example15 hdr(host) -i www.example15.com
    acl example16 hdr(host) -i example16.com
    acl example16 hdr(host) -i www.example16.com
    acl example17 hdr(host) -i example17.com
    acl example17 hdr(host) -i www.example17.com
    acl example18 hdr(host) -i example18.com
    acl example18 hdr(host) -i www.example18.com
    acl example19 hdr(host) -i example19.com
    acl example19 hdr(host) -i www.example19.com
    acl example20 hdr(host) -i example20.com
    acl example20 hdr(host) -i www.example20.com
    acl example21 hdr(host) -i example21.com
    acl example21 hdr(host) -i www.example21.com
    acl example22 hdr(host) -i example22.com
    acl example22 hdr(host) -i www.example22.com
    acl example23 hdr(host) -i example23.com
    acl example23 hdr(host) -i www.example23.com
    acl example24 hdr(host) -i example24.com
    acl example24 hdr(host) -i www.example24.com
    acl example25 hdr(host) -i example25.com
    acl example25 hdr(host) -i www.example25.com
    acl example26 hdr(host) -i example26.com
    acl example26 hdr(host) -i www.example26.com
    acl example27 hdr(host) -i example27.com
    acl example27 hdr(host) -i www.example27.com
    acl example28 hdr(host) -i example28.net
    acl example28 hdr(host) -i www.example28.net
    acl example29 hdr(host) -i example29.com
    acl example29 hdr(host) -i www.example29.com
    acl example30 hdr(host) -i example30.com
    acl example30 hdr(host) -i www.example30.com
    acl example31 hdr(host) -i example31.net
    acl example31 hdr(host) -i www.example31.net
    acl example32 hdr(host) -i example32.com
    acl example32 hdr(host) -i www.example32.com
    acl management path_beg -i /rd

    # check for management first and then the domains next
    use_backend backend-management if management
    use_backend backend-example1 if example1
    use_backend backend-example2 if example2
    use_backend backend-management if example9
    use_backend backend-example4 if example4
    use_backend backend-example5 if example5
    use_backend backend-lighthouse if lighthouse
    use_backend backend-example3 if example3
    use_backend backend-example6 if example6
    use_backend backend-example7 if example7
    use_backend backend-example8 if example8
    use_backend backend-example10 if example10
    use_backend backend-example11 if example11
    use_backend backend-example12 if example12
    use_backend backend-woobasics if woobasics
    use_backend backend-example13 if example13
    use_backend backend-example14 if example14
    use_backend backend-example15 if example15
    use_backend backend-example16 if example16
    use_backend backend-example17 if example17
    use_backend backend-example18 if example18
    use_backend backend-example19 if example19
    use_backend backend-example20 if example20
    use_backend backend-example21 if example21
    use_backend backend-example22 if example22
    use_backend backend-example23 if example23
    use_backend backend-example24 if example24
    use_backend backend-example25 if example25
    use_backend backend-example26 if example26
    use_backend backend-example27 if example27
    use_backend backend-example28 if example28
    use_backend backend-example29 if example29
    use_backend backend-example30 if example30
    use_backend backend-example31 if example31
    use_backend backend-example32 if example32


backend backend-example1
    option forwardfor
    redirect scheme https if !{ ssl_fc }
    http-response set-header X-Management tainted
    http-response set-header X-Target example1
    server web-vds site.example1.com:80 check

backend backend-example2
    option forwardfor
    redirect scheme https if !{ ssl_fc }
    http-response set-header X-Management tainted
    http-response set-header X-Target example2
    server web-gra site.example2.com:80 check

backend backend-example3
    option forwardfor
    redirect scheme https if !{ ssl_fc }
    http-response set-header X-Management tainted
    http-response set-header X-Target example32
    server web-esh site.example32.com:80 check

backend backend-example4
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example3
    redirect scheme https if !{ ssl_fc }
    server web-lcf site.example3.com:80 check

backend backend-example5
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example5
    server web-osad site.example5.com:80 check

backend backend-example6
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example6
    redirect scheme https if !{ ssl_fc }
    server web-gkq site.example6.com:80 check

backend backend-example7
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example7
    redirect scheme https if !{ ssl_fc }
    server web-gdq site.example7.com:80 check

backend backend-example8
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example8
    redirect scheme https if !{ ssl_fc }
    server web-geq site.example8.com:80 check

backend backend-example10
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example10
    redirect scheme https if !{ ssl_fc }
    server web-cmp site.example10.com:80 check

backend backend-example11
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example11
    redirect scheme https if !{ ssl_fc }
    server web-iny site.example11.biz:80 check

backend backend-example12
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example12
    redirect scheme https if !{ ssl_fc }
    server web-csp site.example12.com:80 check

backend backend-example13
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example13
    redirect scheme https if !{ ssl_fc }
    server web-rfs site.example13.com:80 check

backend backend-example14
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example14
    redirect scheme https if !{ ssl_fc }
    server web-rln site.example14.com:80 check

backend backend-example15
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example15
    redirect scheme https if !{ ssl_fc }
    server web-nlr site.example15.com:80 check

backend backend-example16
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example16
    redirect scheme https if !{ ssl_fc }
    server web-loa site.example16.com:80 check

backend backend-example17
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example17
    redirect scheme https if !{ ssl_fc }
    server web-cbk site.example17.com:80 check

backend backend-example18
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example18
    redirect scheme https if !{ ssl_fc }
    server web-alt site.example18.com:80 check

backend backend-example19
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example19
    redirect scheme https if !{ ssl_fc }
    server web-alt site.example19.com:80 check

backend backend-example20
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example20
    redirect scheme https if !{ ssl_fc }
    server web-cps site.example20.com:80 check

backend backend-example21
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example21
    redirect scheme https if !{ ssl_fc }
    server web-epf site.example21.com:80 check

backend backend-example22
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example22
    redirect scheme https if !{ ssl_fc }
    server web-dxs site.example22.com:80 check

backend backend-example23
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example23
    redirect scheme https if !{ ssl_fc }
    server web-asd site.example23.com:80 check

backend backend-example24
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example24
    redirect scheme https if !{ ssl_fc }
    server web-esl site.example24.com:80 check

backend backend-example25
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example25
    redirect scheme https if !{ ssl_fc }
    server web-hdt site.example25.com:80 check

backend backend-example26
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example26
    redirect scheme https if !{ ssl_fc }
    server web-slw site.example26.com:80 check

backend backend-example27
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example27
    redirect scheme https if !{ ssl_fc }
    server web-efh site.example27.com:80 check

backend backend-example28
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example28
    redirect scheme https if !{ ssl_fc }
    server web-efh site.example28.net:80 check

backend backend-example29
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example29
    redirect scheme https if !{ ssl_fc }
    server web-fmdp site.example29.com:80 check

backend backend-example30
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example30
    redirect scheme https if !{ ssl_fc }
    server web-fmdps site.example30.com:80 check

backend backend-example31
    option forwardfor
    http-response set-header X-Management tainted
    http-response set-header X-Target example31
    redirect scheme https if !{ ssl_fc }
    server web-nsps site.example31.net:80 check

backend backend-management
    option forwardfor
    http-response set-header X-Management management
    http-request set-uri %[url,regsub(^/rd,/,)]
    server web-hp www.example32.com:80 check