jbrahy
September 18, 2019, 12:56am
1
I’m looking for the equivalent of this code block below for requests to www.example.com and example.com . Can I do string concatenation like this?
http-response set-header X-Target example.com
server web-servers site.example.com:80 check
This is what I want to try. I just want to know if I’m crazy.
http-response set-header X-Target %[req.hdr(Host)]
server web-servers site.%[req.hdr(Host),regsub(^www.,,)]:80 check
HA-Proxy version 1.8.12-8a200c7 2018/06/27
I’m getting this error when I try haproxy -c -f haproxy.test
[root@pm-prod-haproxy05 haproxy]# haproxy -c -f haproxy.test
Please just explain what you are actually trying to do in the first place.
Got it, you want to the destination server to be based on the Host header.
This is not advisable; haproxy is a reverse proxy/load balancer, not a forwarding proxy like squid.
However you may be able to achieve some of this with the http-request do-resolve directive, but YMMV.
jbrahy
September 19, 2019, 11:53pm
4
I have SSL on a HA Proxy server and they’re all named with the domain and www.domain names. The servers behind have the name site.domain so it wouldn’t be a wide open proxy and only work for sites that have site. before the domain name. I’ve had to copy and paste the same chunk of code for every domain to make it work and I was just hoping I could make it happen a bit more dynamically.
I reviewed the code for this but I don’t see how I could do string concatenation.
http-request do-resolve(txn.myip,mydns,ipv4) hdr(Host),lower
This is my configuration and I was really hoping to simply it.
global
log 127.0.0.1 local2 debug
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy_privsep
group haproxy_privsep
daemon
stats socket /var/lib/haproxy/stats
tune.ssl.default-dh-param 1024
defaults
mode http
option httplog
log global
option dontlognull
option http-server-close
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend frontend-http-https
bind 162.250.54.32:80
bind 162.250.54.32:443 ssl crt /etc/haproxy/ssl
acl example1 hdr(host) -i example1.com
acl example1 hdr(host) -i www.example1.com
acl example2 hdr(host) -i example2.com
acl example2 hdr(host) -i www.example2.com
acl example3 hdr(host) -i example3.com
acl example3 hdr(host) -i www.example3.com
acl example4 hdr(host) -i example4.com
acl example4 hdr(host) -i www.example4.com
acl example5 hdr(host) -i example5.com
acl example5 hdr(host) -i www.example5.com
acl example6 hdr(host) -i example6.com
acl example6 hdr(host) -i www.example6.com
acl example7 hdr(host) -i example7.com
acl example7 hdr(host) -i www.example7.com
acl example8 hdr(host) -i example8.com
acl example8 hdr(host) -i www.example8.com
acl example9 hdr(host) -i click.creditfundly.com
acl example10 hdr(host) -i example10.com
acl example10 hdr(host) -i www.example10.com
acl example11 hdr(host) -i example11.biz
acl example11 hdr(host) -i www.example11.biz
acl example12 hdr(host) -i example12.com
acl example12 hdr(host) -i www.example12.com
acl woobasics hdr(host) -i woobasics.com
acl woobasics hdr(host) -i www.woobasics.com
acl example13 hdr(host) -i example13.com
acl example13 hdr(host) -i www.example13.com
acl example14 hdr(host) -i example14.com
acl example14 hdr(host) -i www.example14.com
acl example15 hdr(host) -i example15.com
acl example15 hdr(host) -i www.example15.com
acl example16 hdr(host) -i example16.com
acl example16 hdr(host) -i www.example16.com
acl example17 hdr(host) -i example17.com
acl example17 hdr(host) -i www.example17.com
acl example18 hdr(host) -i example18.com
acl example18 hdr(host) -i www.example18.com
acl example19 hdr(host) -i example19.com
acl example19 hdr(host) -i www.example19.com
acl example20 hdr(host) -i example20.com
acl example20 hdr(host) -i www.example20.com
acl example21 hdr(host) -i example21.com
acl example21 hdr(host) -i www.example21.com
acl example22 hdr(host) -i example22.com
acl example22 hdr(host) -i www.example22.com
acl example23 hdr(host) -i example23.com
acl example23 hdr(host) -i www.example23.com
acl example24 hdr(host) -i example24.com
acl example24 hdr(host) -i www.example24.com
acl example25 hdr(host) -i example25.com
acl example25 hdr(host) -i www.example25.com
acl example26 hdr(host) -i example26.com
acl example26 hdr(host) -i www.example26.com
acl example27 hdr(host) -i example27.com
acl example27 hdr(host) -i www.example27.com
acl example28 hdr(host) -i example28.net
acl example28 hdr(host) -i www.example28.net
acl example29 hdr(host) -i example29.com
acl example29 hdr(host) -i www.example29.com
acl example30 hdr(host) -i example30.com
acl example30 hdr(host) -i www.example30.com
acl example31 hdr(host) -i example31.net
acl example31 hdr(host) -i www.example31.net
acl example32 hdr(host) -i example32.com
acl example32 hdr(host) -i www.example32.com
acl management path_beg -i /rd
# check for management first and then the domains next
use_backend backend-management if management
use_backend backend-example1 if example1
use_backend backend-example2 if example2
use_backend backend-management if example9
use_backend backend-example4 if example4
use_backend backend-example5 if example5
use_backend backend-lighthouse if lighthouse
use_backend backend-example3 if example3
use_backend backend-example6 if example6
use_backend backend-example7 if example7
use_backend backend-example8 if example8
use_backend backend-example10 if example10
use_backend backend-example11 if example11
use_backend backend-example12 if example12
use_backend backend-woobasics if woobasics
use_backend backend-example13 if example13
use_backend backend-example14 if example14
use_backend backend-example15 if example15
use_backend backend-example16 if example16
use_backend backend-example17 if example17
use_backend backend-example18 if example18
use_backend backend-example19 if example19
use_backend backend-example20 if example20
use_backend backend-example21 if example21
use_backend backend-example22 if example22
use_backend backend-example23 if example23
use_backend backend-example24 if example24
use_backend backend-example25 if example25
use_backend backend-example26 if example26
use_backend backend-example27 if example27
use_backend backend-example28 if example28
use_backend backend-example29 if example29
use_backend backend-example30 if example30
use_backend backend-example31 if example31
use_backend backend-example32 if example32
backend backend-example1
option forwardfor
redirect scheme https if !{ ssl_fc }
http-response set-header X-Management tainted
http-response set-header X-Target example1
server web-vds site.example1.com:80 check
backend backend-example2
option forwardfor
redirect scheme https if !{ ssl_fc }
http-response set-header X-Management tainted
http-response set-header X-Target example2
server web-gra site.example2.com:80 check
backend backend-example3
option forwardfor
redirect scheme https if !{ ssl_fc }
http-response set-header X-Management tainted
http-response set-header X-Target example32
server web-esh site.example32.com:80 check
backend backend-example4
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example3
redirect scheme https if !{ ssl_fc }
server web-lcf site.example3.com:80 check
backend backend-example5
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example5
server web-osad site.example5.com:80 check
backend backend-example6
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example6
redirect scheme https if !{ ssl_fc }
server web-gkq site.example6.com:80 check
backend backend-example7
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example7
redirect scheme https if !{ ssl_fc }
server web-gdq site.example7.com:80 check
backend backend-example8
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example8
redirect scheme https if !{ ssl_fc }
server web-geq site.example8.com:80 check
backend backend-example10
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example10
redirect scheme https if !{ ssl_fc }
server web-cmp site.example10.com:80 check
backend backend-example11
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example11
redirect scheme https if !{ ssl_fc }
server web-iny site.example11.biz:80 check
backend backend-example12
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example12
redirect scheme https if !{ ssl_fc }
server web-csp site.example12.com:80 check
backend backend-example13
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example13
redirect scheme https if !{ ssl_fc }
server web-rfs site.example13.com:80 check
backend backend-example14
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example14
redirect scheme https if !{ ssl_fc }
server web-rln site.example14.com:80 check
backend backend-example15
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example15
redirect scheme https if !{ ssl_fc }
server web-nlr site.example15.com:80 check
backend backend-example16
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example16
redirect scheme https if !{ ssl_fc }
server web-loa site.example16.com:80 check
backend backend-example17
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example17
redirect scheme https if !{ ssl_fc }
server web-cbk site.example17.com:80 check
backend backend-example18
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example18
redirect scheme https if !{ ssl_fc }
server web-alt site.example18.com:80 check
backend backend-example19
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example19
redirect scheme https if !{ ssl_fc }
server web-alt site.example19.com:80 check
backend backend-example20
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example20
redirect scheme https if !{ ssl_fc }
server web-cps site.example20.com:80 check
backend backend-example21
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example21
redirect scheme https if !{ ssl_fc }
server web-epf site.example21.com:80 check
backend backend-example22
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example22
redirect scheme https if !{ ssl_fc }
server web-dxs site.example22.com:80 check
backend backend-example23
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example23
redirect scheme https if !{ ssl_fc }
server web-asd site.example23.com:80 check
backend backend-example24
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example24
redirect scheme https if !{ ssl_fc }
server web-esl site.example24.com:80 check
backend backend-example25
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example25
redirect scheme https if !{ ssl_fc }
server web-hdt site.example25.com:80 check
backend backend-example26
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example26
redirect scheme https if !{ ssl_fc }
server web-slw site.example26.com:80 check
backend backend-example27
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example27
redirect scheme https if !{ ssl_fc }
server web-efh site.example27.com:80 check
backend backend-example28
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example28
redirect scheme https if !{ ssl_fc }
server web-efh site.example28.net:80 check
backend backend-example29
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example29
redirect scheme https if !{ ssl_fc }
server web-fmdp site.example29.com:80 check
backend backend-example30
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example30
redirect scheme https if !{ ssl_fc }
server web-fmdps site.example30.com:80 check
backend backend-example31
option forwardfor
http-response set-header X-Management tainted
http-response set-header X-Target example31
redirect scheme https if !{ ssl_fc }
server web-nsps site.example31.net:80 check
backend backend-management
option forwardfor
http-response set-header X-Management management
http-request set-uri %[url,regsub(^/rd,/,)]
server web-hp www.example32.com:80 check