I am somewhat frustrated with putthing a software called ELOG behind HAProxy. I am running tons of services behind HAProxy in a Docker Swarm and everything works flawlessly but ELOG does not want to.
First: I have a working Docker image and the ELOG software is working properly when I run it as a standalone container or in a swarm. The problems arise when I put it behind HAProxy.
I currently have a live instance running using ELOG 3.1.4-3 (latest version at the moment) where one can see that creating a post causes a “Invalid Content-Length in header”
https://elog.test.km3net.de/demo/
I also contacted the ELOG forums, first last year with my first attempt running EOG 3.1.3 behind HAProxy, which always resulted in an infinte redirect-loop right after the user authentication. With an empty password file, it worked. We however need accounts…
I assume now that the problem lies in the ELOG software. It might be some wrongly implemented RFCs (see Invalid Content-Length) or some other bug. However, I did not get anything helpful out of the dev or the ELOG community so I thought I try to contact HAProxy experts, maybe there is a way to solve or debug this issue from this side.
Anyways, long story short, my configuration of HAProxy looks like this:
frontend default
bind *:80
bind *:443 ssl crt /etc/ssl/private/ # strict-sni
# default_backend no-match
http-request set-header X-Forwarded-For %[src]
http-request redirect scheme https code 301 unless { ssl_fc }
# this is experimental, to see if ELOG needs it => makes no difference
# http-request set-header X-Forwarded-Proto https if { ssl_fc }
#http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
reqadd X-Forwarded-Proto:\ https
option http-server-close
option forwardfor
option httpclose
# tons of acls and backends here, left out for clarity
acl ACL_elog.km3net.de hdr(host) -i elog.test.km3net.de elog.km3net.de
use_backend be_elog.km3net.de if ACL_elog.km3net.de
backend be_elog.km3net.de
mode http
server-template km3net-elog- 1 km3net-elog_elog:8080 check resolvers docker init-addr libc,none
and the only log entry in HAProxy I get when I hit “submit” on the web page is:
haproxy-service_haproxy.1.we522bmf647t@ecap-s029 | <150>Jan 25 14:38:41 haproxy[398]: 10.0.0.2:50792 [25/Jan/2023:14:38:41.332] default~ be_elog.km3net.de/km3net-elog-1 0/0/1/1/2 404 732 - - ---- 1/1/0/0/0 0/0 "POST /demo/ HTTP/1.1"
So there is some “404” for POST request, which I don’t know where it comes from.
By any chance, does anyone has a clue what I could do to get more information out of this?