The local port is added during a move (302)

Help!
1

Introduction

I recently installed and configured HaProxy with a NGinx server, but I have a problem, when my NGinx server moves the user (302), in the new location, it adds the local port.

Here’s a demonstration example :

If we take a folder tree like this

$ tree public_html
public_html
├── toto
│   └── index.html
├── index.html

When the user makes the following query, we’ll get this result :

$ curl -iL exemple.com/toto
HTTP/1.1 302 Found
content-length: 0
location: https://exemple.com/toto
cache-control: no-cache

HTTP/2 301 
server: nginx/1.26.1
date: Wed, 26 Jun 2024 06:18:40 GMT
content-type: text/html
content-length: 169
location: http://exemple.com:3333/toto/
strict-transport-security: max-age=16000000; includeSubDomains; preload;

curl: (7) Failed to connect to exemple.com port 3333 after 10 ms: Couldn't connect to server

My configuration

HaProxy.cfg :

$ cat /etc/haproxy/haproxy.cfg
global
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     2048
    user        haproxy
    group       haproxy
    daemon

    stats socket /var/lib/haproxy/stats

    ssl-default-bind-options ssl-min-ver TLSv1.2

    ssl-default-bind-ciphers PROFILE=SYSTEM
    ssl-default-server-ciphers PROFILE=SYSTEM

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000


frontend exemple.com
    mode http
    bind :80
    bind :443 ssl crt /etc/haproxy/certs/exemple.com.pem
    http-request redirect scheme https unless { ssl_fc }
    http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"

    default_backend back_exemple.com

backend back_exemple.com
    balance roundrobin
    server server1 127.0.0.80:3333 check

exemple.conf :

$ cat /etc/nginx/conf.d/exemple.com.conf
server {
	listen 127.0.0.80:3333;
	root /var/www/exemple.com/public_html;
	index index.php index.html;

	access_log /var/log/nginx/example.com.access.log;
    	error_log /var/log/nginx/example.com.error.log;

    	location ~ \.php$ {
        	try_files $uri = 404;
        	fastcgi_pass unix:/run/php-fpm/www.sock;
        	fastcgi_index   index.php;
        	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        	include fastcgi_params;
    	}
}

Conclusion

I suspect that I must have missed a step in the HaProxy configuration, but I can’t find on the internet how to correct this, I don’t know if you could help me?

2

Looks like nginx added that, so perhaps you should adjust your nginx configuration to prevent it from forcing absolute uri on redirects.

Try this in the server block of your nginx config:

absolute_redirect off;
1 Like
3

Thank you very much, it works!