Map wildcard domain to backend via map

Help!
1

Hello,

In my current setup I have a backends.map file mapping fqdn to backend name:

backends.map file:
somehost.somedomain.com back-someservice

Frontend use_backend line:
use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/backends.map)]

Now I’d like to map a wildcard domain to a backend such that:

hosta.somedomain.com -> back-servicea
hostb.somedomain.com -> back-servicea
hostc.somedomain.com -> back-servicea

I don’t want to specify each line individually, I’d rather use a regex or wildcard to do this. For example:

backends.map file:
*.somedomain.com back-servicea

Tried doing this with the way I have the current use_backend line setup and that does not seem to work. Anyone know how this can be accomplished?

Thanks,
Paul

2

You should be able to do this with map_reg (regex) or any of the other map_ methods, like map_end or map_sub, whatever works best for you:

3

Iam trying to get something similar to work, I would also like to map wildcard

frontend somewildcard_sub.mydomain.com to somewildcard_sub_myservice backend
without repeating all those frontends to backends mappings.

4

If I were to use map_reg then I’d have to have all regexes in the backends.map file, and I don’t want to do that. I ended up creating an acl, then putting a use_backend entry if before the use_backend on the map, like this:

acl is_statsurl hdr(host) -m end stats.domain.com
use_backend back-stats if is_statsurl
use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/backends.map)]

that way all *.stats.domain.com requests are routed to the stats backend, while others route via the map.

5

having difficulty getting mapping to work in my setup. As its currently defined i have a frontend redirect from http (html mode) to https (tcp mode), with the default_backend set in https (in tcp mode) as i do all ssl termination on the backend servers where i host a multisite cert *.stage.mydomain.com

current working
frontend localhost_http
bind *:80
mode http
option forwardfor except 127.0.0.0/8
option http-buffer-request
maxconn 100000
redirect scheme https

frontend localhost_https
bind *:443 name https
mode tcp
option tcplog
tcp-request inspect-delay 2s
default_backend mybackend1

backend mybackend1
mode tcp
balance roundrobin
option tcp-check
option tcp-smart-connect
server app1.mydomain.com xxx.xxx.xx.x:443 send-proxy check maxconn 100
server app2.mydomain.com xxx.xxx.xx.x:443 send-proxy check maxconn 100

Im trying to add domain mapping to allow multiple backends by making the following changes to my frontend while still allowing the multi-site cert and domains to be served to mybackend1

changed for mapping
frontend localhost_https

#default_backend mybackend1
use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/maps/hosts.map,mybackend1)]

backend mybackend1

backend mybackend2

contents of hosts.map:
#domainname backendname
*.stage.mydomain.com mybackend1
api.mydomain.com mybackend2

however when i make the change above suddenly i am getting termination errors on all my domains and none will resolve.

What am I missing?

6

Unfortunatly this does not seem to work on pfSense with HA package… :frowning: