i’m using haproxy 1.8.8-1ubuntu0.4. all is working well except (see configuration below) the following
https://foobar-dns.ddns.net which continues to forward to http://foobar-dns.ddns.net/admin versus
http://192.168.5.2/admin which is required … all other entries/back-ends work. what is wrong with my backend for https://foobar-dns.ddns.net … thanks in advance, dan
backend pihole-backend
mode http
server pi-hole 192.168.5.2 no-check
http-request redirect location /admin if { path / }
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
------------------------- full haproxy.cfg
global
maxconn 100
tune.ssl.default-dh-param 2048
defaults
mode http
log global
timeout connect 20s
timeout client 50s
timeout server 50s
timeout tunnel 1h
listen stats
bind 192.168.1.235:9000
mode http
log global
maxconn 10
stats enable
stats hide-version
stats refresh 30s
stats show-node
# stats auth admin:password
stats uri /haproxy?stats
frontend https
bind *:443
mode tcp
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
use_backend openvpn-backend if { req_ssl_sni -i foobar.ddns.net }
default_backend https-back
frontend https-front
bind unix@/var/run/haproxy.sock ssl crt /etc/letsencrypt/live/foobar.ddns.net/haproxy.pem accept-proxy
mode http
use_backend home-assistant-backend if { ssl_fc_sni -i foobar-ha.ddns.net }
use_backend nextcloud-backend if { ssl_fc_sni -i foobar-nc.ddns.net }
use_backend blueiris-backend if { ssl_fc_sni -i foobar-bi.ddns.net }
use_backend pihole-backend if { ssl_fc_sni -i foobar-dns.ddns.net }
use_backend unifi-backend if { ssl_fc_sni -i foobar-unifi.ddns.net }
use_backend unms-backend if { ssl_fc_sni -i foobar-unms.ddns.net }
use_backend haproxy-backend if { ssl_fc_sni -i foobar-haproxy.ddns.net }
default_backend blueiris-backend
frontend http
bind :80
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend letsencrypt-backend if letsencrypt-acl
backend letsencrypt-backend
server letsencrypt 127.0.0.1:8888
backend https-back
mode tcp
server https-front unix@/var/run/haproxy.sock send-proxy-v2
backend openvpn-backend
mode tcp
timeout server 2h
server openvpn 192.168.1.235:444
backend haproxy-backend
mode http
server haproxy 192.168.1.235:9000 no-ssl check
http-request redirect location /haproxy?stats if { path / }
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
backend pihole-backend
mode http
server pi-hole 192.168.5.2 no-check
http-request redirect location /admin if { path / }
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
backend unifi-backend
mode http
server unifi 192.168.1.16:8443 ssl verify none check
http-request redirect location /manage/site/kab9w4dv/dashboard if { path / }
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
backend unms-backend
mode http
server unms 192.168.1.207 ssl verify none
http-request redirect location /dashboard if { path / }
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
backend home-assistant-backend
mode http
server home-assistant 192.168.1.123:8123 check
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
backend nextcloud-backend
mode http
server nextcloud 192.168.1.123:80 check
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
backend blueiris-backend
mode http
server blueiris 192.168.1.36:1050 check
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }