I use HAProxy as reverse proxy for serving a couple of hobby projects.
All projects runs in Linux containers.
I choose to terminate the SSL inside the containers.
This is a simplified mockup of the infrastructure.
Is it even possible to forward the real client IP that connects to HAProxy to for example nc.mydomain.tld without terminating the SSL on HAProxy?
I have tried some different changes and A few of these, the SSL handshake fails because the SSL header is wrong size. That somehow indicates that HAProxy does add something to the connect. Is this an indicator that it is my webserver which do not understand the proxy_protocol correctly?