Squid as HAProxy backend

Hi Everybody,

Recently I needed to setup a Squid (forward) proxy so I can access some resources that I can’t access directly from my home / work IP. I deployed Squid in a container on my VPS, setup authentication and I added it into Firefox and everything works great. I can access the resources.

The only problem is that the default port 3128 will not be accessible from some Wi-Fi that I often connect from since these network have firewalled outbound connections to a very limited range like 80, 443…

I already have HAProxy running in another container that listens on 80 and 443, terminates SSL and sends traffic based on domain names (hdr(host) -i ...) to different containers that run different websites and therefore I cannot use ports 80/443 for the Squid proxy.

I was thinking, can anyone please tell me is it possible to use Squid as a backend when using mode http? I’m sure I can use it with mode tcp but I need to use mode http for everything else to work.

I tried to add Squid as a backend like I would do with any other website without SSL termination:

...
acl serv-squidproxy hdr(host) -i subdomain.mydomain.com
...
use_backend   myhttp-serv-squidproxy if serv-squidproxy
...
backend myhttp-serv-squidproxy
        mode http
		# squidproxy is in /etc/hosts
        server squidproxy squidproxy:3128

But when I try to run curl from a different server:

curl --proxy 'subdomain.mydomain.com:80' --proxy-user 'user123:password123' 'http://www.google.com/'

I get

<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>

Which mean it does not work (it would work just fine if squidproxy was a container with Nginx).

Could you please tell me, is it possible to make this work?

Thank you.

Kind regards,

Ben H.