old. Other EOL versions are not bold, so that's inconsistent.
Enjoy your vacation!
Best regards
Tim Düsterhus
to ensure the Docker
users get the best possible version of HAProxy 2.0.
See my comment on the PR for further reference:
https://github.com/docker-library/haproxy/pull/232#issuecomment-2127829165
Best regards
Tim Düsterhus
[1]
https://github.com/docker-library/haproxy/pull/231#issuecomment-2126
, that's
why the code looks like it does.
Best regards
Tim Düsterhus
Hi
On 4/19/24 21:07, Willy Tarreau wrote:
it! I'll have a look on Monday, I'm really done for this week, need to
Monday is gone. So here's a friendly reminder :-)
Best regards
Tim Düsterhus
the situation no worse.
Best regards
Tim Düsterhus
release date) and 3.0 (incorrect release
date and incorrect EOL date). I believe they were correct before,
possibly they got broken due to some automation that didn't expect the 3
at the start of the version?
Best regards
Tim Düsterhus
is probably relevant here, unless it's
already on your radar:
https://github.com/haproxy/haproxy/issues/969
I wanted to bump it anyway in the context of CVE-2023-44487, but so far
didn't get around to reading all the related HAProxy discussion in its
entirety, yet :-)
Best regards
Tim
with the
automated update script in the past. So you likely want to unify this
one way or another.
Best regards
Tim Düsterhus
rmilux.org/msg42026.html
Best regards
Tim Düsterhus
Peter,
On 8/21/23 17:36, Tim Düsterhus wrote:
Petter,
Please apologize the typo here. It should read "Peter", of course.
Best regards
Tim Düsterhus
], thus a
new version of xxhash.h could probably be bundled (Ccing Willy).
Best regards
Tim Düsterhus
[1]
https://github.com/Cyan4973/xxHash/blame/e31acd5786bdfc7a7e1add726f532a368f18d018/xxhash.h#L5113
Hi
On 8/7/23 16:34, Aurelien DARRAGON wrote:
Oops indeed, wasn't aware of it, thank you Tim!
I don't think this is applied yet, so Cc-ing Willy.
Best regards
Tim Düsterhus
that
the site is not updated yet.
Best regards
Tim Düsterhus
PS: Will a 2.8.1 appear soon? I'm a little annoyed by the Lua bug I
fixed :-)
ot;
https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events
that are an "official" feature of web browsers / the JavaScript API
would be in violation of the HTTP semantics.
Best regards
Tim Düsterhus
Hi
On 6/13/23 15:18, Tim Düsterhus, WoltLab GmbH wrote:
please find the patch attached.
This email address is not subscribed to the list, please keep it in Cc
when replying.
Ping :-) There's also a second patch email I sent around the same time
where I'm not sending a second ping to reduce
Hi
please find the patch attached.
This email address is not subscribed to the list, please keep it in Cc
when replying.
Best regards
Tim Düsterhus
Developer WoltLab GmbH
--
WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam
Tel.: +49 331 96784338
duester...@woltlab.com
www.woltlab.com
Hi
please find two patches attached.
This email address is not subscribed to the list, please keep it in Cc
when replying.
Best regards
Tim Düsterhus
Developer WoltLab GmbH
--
WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam
Tel.: +49 331 96784338
duester...@woltlab.com
www.woltlab.com
: It's 2 years until the EOL of 2.2 now. Should it also
be marked as "critical fixes only"? See:
https://www.mail-archive.com/haproxy@formilux.org/msg41672.html
Best regards
Tim Düsterhus
documentation
patches when they are only for spelling fixes. However as this one is
directly to correct a referenced keyword we may choose to backport it.
Thanks for the clarification :-)
Best regards
Tim Düsterhus
ommit (2.8 and possible 2.7).
Best regards
Tim Düsterhus
ing a test for that, but didn't
have the time to think about how to properly test this. The CLI-based
test is also much cleaner than any Lua-based test I would likely have
created.
Best regards
Tim Düsterhus
Willy,
On 5/31/23 17:14, Willy Tarreau wrote:
HAProxy 2.8.0 was released on 2023/05/31. It added 27 new commits
after version 2.8-dev13.
Congratulations! Enjoy the release party :-)
Best regards
Tim Düsterhus
PS: Wouldn't be a "Tim email" without some minor nit. Just FYI: I mad
ig.
iif(bool,str,str): str
is reasonably similar to the config, but not identical
bool,iif(str,str): str
which I didn't mention before might possibly be the best choice?
Best regards
Tim Düsterhus
iif(str,str): str <= bool
is better, because the colon is followed by the output type, but the
order of "reading" is a little funky with the actual input on the very
right side.
Another option might be listing the "implicit" parameter as a real
parameter:
iif(bool,str,str): str
Best regards
Tim Düsterhus
What I would find clear:
bool => iif(str,str) => str
or
bool | iif(str,str) => str
or perhaps
iif(str,str): str <= bool
Best regards
Tim Düsterhus
version from
Debian Bullseye: https://packages.debian.org/bullseye/haproxy
If you're using Debian indeed, then I recommend using the repository at
haproxy.debian.net:
https://haproxy.debian.net/
Best regards
Tim Düsterhus
late on their migration
to a newer branch.
The table on HAProxy.org is not yet updated :-)
Best regards
Tim Düsterhus
the output of "haproxy -v" is because I forgot to do it when releasing,
but in my mind it's dead already. Thus it's likely to be the last 2.5,
I'm seeing you backported some additional patches, so here's a reminder
to update the output of haproxy -v.
Best regards
Tim Düsterhus
?
Wanted to bump this thread to make sure it is resolved one way or
another before the release.
Best regards
Tim Düsterhus
Developer WoltLab GmbH
--
WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam
Tel.: +49 331 96784338
duester...@woltlab.com
www.woltlab.com
Managing director:
Marcel Werk
Hi
On 4/14/23 18:42, William Dauchy wrote:
Thank you for your patch.
Do you think you could come back with a patch which is only modifying
the section you want? It seems you did a change on the full file
instead which makes the review quite hard.
It appears they changed the line endings of
Willy,
On 3/18/23 15:55, Willy Tarreau wrote:
Ah indeed, sorry for the misunderstanding, I'll do it.
I believe this did not yet happen.
Best regards
Tim Düsterhus
, we don't track it
in monitoring.
Best regards
Tim Düsterhus
Developer WoltLab GmbH
--
WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam
Tel.: +49 331 96784338
duester...@woltlab.com
www.woltlab.com
Managing director:
Marcel Werk
AG Potsdam HRB 26795 P
might've missed this patch.
Best regards
Tim Düsterhus
Hi
please find the patch attached.
This email address is not subscribed to the list, please keep it in Cc
when replying.
Best regards
Tim Düsterhus
Developer WoltLab GmbH
--
WoltLab GmbH
Nedlitzer Str. 27B
14469 Potsdam
Tel.: +49 331 96784338
duester...@woltlab.com
www.woltlab.com
Hi!
It appears that the GitHub Mirror is broken, likely due to the SSH host
key change on GitHub's end:
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
Best regards
Tim Düsterhus
Willy,
On 3/18/23 05:53, Willy Tarreau wrote:
Now applied, thank you Marcos!
It appears there was a misunderstanding: '2.2' is not referring to the
branch, but the section number on the manual. The commit needs to be
applied to haproxy-dev and then backported.
Best regards
Tim Düsterhus
Hi
On 2/14/23 17:52, Tim Düsterhus wrote:
Check with 'zless /usr/share/doc/haproxy/changelog.Debian.gz' to be
sure, but this should be the correct version. The 2 after the hyphen
indicates that this the "second version of 2.4.12" or in other words:
2.4.12 + just the security fix
ill likely come later.
Best regards
Tim Düsterhus
been part of the config when the coredump was
created.
Coredumps should never be posted in public for this reason!
Best regards
Tim Düsterhus
the amount of copy-pasting.
This is awesome and such an elegant solution, I've always been annoyed
needing to copy the default log lines just to add %ID at the end :-)
Best regards
Tim Düsterhus
appear as EOL once regenerated.
You forgot to update the background color on the home page to red :-)
PR for Docker is here:
https://github.com/docker-library/haproxy/pull/201
Best regards
Tim Düsterhus
/docker-library/haproxy/tree/master/1.8
Best regards
Tim Düsterhus
of
the organization or not.
But as Ilya already confirmed, any "plaintext" secrets that appear in
the logs are redacted. Of course this does not protect against base64
encoded tokens appearing in the logs, e.g. when using HTTP "Basic"
authentication.
Best regards
Tim Düsterhus
For the GITHUB_TOKEN we're using now, the limit is at 1000r/h:
https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#requests-from-github-actions
Best regards
Tim Düsterhus
timing, I was on my Christmas vacation :-)
I've just read through this entire thread: The solution William found is
the correct one and the one I would've suggested, had I seen this earlier.
Best regards
Tim Düsterhus
' or just attaching the patch as a regular attachment.
Both should be equally simple for Willy to apply.
Best regards
Tim Düsterhus
Willy,
On 12/9/22 16:28, Christopher Faulet wrote:
HAProxy 1.8.31 was released on 2022/12/09. It added 83 new commits
after version 1.8.30.
It appears releases.json didn't update automatically for 1.8:
https://www.haproxy.org/download/1.8/src/releases.json
Best regards
Tim Düsterhus
ions are available and
add them to matrix.py" and this should be fine, all SSL versions will
then be updated every 6 months and can also be updated on demand for
important releases. It's similar to how I simply rerun the Coccinelle
patches from time to time to fix whatever crept in since the last release.
Best regards
Tim Düsterhus
Willy,
On 12/1/22 17:29, Willy Tarreau wrote:
I knew you would be the first one reporting some misses despite my
great care for not triggering your radar ;-)
Yeah, and I would've been very sad if I had nothing to report, I'm not
yet ready to retire :-p
Best regards
Tim Düsterhus
lso I just noticed that the EOL column is inconsistently formatted, if
all LTS versions should be bold (which it looks like) then 2.6 needs to
be bold.
Best regards
Tim Düsterhus
or "no option
http-keepalive") did for 1.1.
I know the HTTP/2 spec provides GOAWAY Frames for this
and haproxy already sends those on shutdown [1].
Is there a way to manually trigger these?
I believe this feature request of mine matches what you are searching for:
https://github.com
David,
On 11/7/22 09:00, David CARLIER wrote:
Thanks here a corrected version.
It looks like you accidentally attached the same patch as before.
Best regards
Tim Düsterhus
/mux_h1.c#L2172
Best regards
Tim Düsterhus
I've sent a PR:
https://github.com/docker-library/docs/pull/2219
Best regards
Tim Düsterhus
from the upstream.
I consider the behavior of the version number generation to be the
correct one. Your working copy should always be updated from the
official upstream.
Best regards
Tim Düsterhus
Thanks. I've filed a feature request at:
https://github.com/haproxy/haproxy/issues/1874
Best regards
Tim Düsterhus
, then the existing mechanisms should already do the
right thing.
Best regards
Tim Düsterhus
load on our backends or resolvers.
Best regards
Tim Düsterhus
need to connect to a backend (server)
again. Thus it should not be necessary to waste CPU on DNS lookups and
health checks for a stopping worker.
Am I missing something here?
Best regards
Tim Düsterhus
/ fixing the message yourself. Seeing that you took the
effort of writing this long reply, I probably should've just ignored the
patch entirely, because it ultimately wasted time for everyone involved.
Best regards
Tim Düsterhus
Willy,
On 8/29/22 09:23, PR Bot wrote:
Author: cui fliter
Number of patches: 1
This is an automated relay of the Github pull request:
fix some typos
Patch title(s):
fix some typos
Link:
https://github.com/haproxy/haproxy/pull/1843
Edit locally:
wget
), but
the TOC was not updated accordingly. Please check the attached patch to fix
this.
This appears to be introduced in
e68e7e8426dc0297a757327e342dd5a212a5f2d9 and was likely backported.
Best regards
Tim Düsterhus
Willy,
On 9/8/22 19:04, Илья Шипицин wrote:
as we install freebsd binary packages, we need to bump image from time to
time
to match prebuilt packages.
The patch LGTM and should unbreak CI. Please take it.
Best regards
Tim Düsterhus
Tim Düsterhus
not affiliated with HAProxy
Technologies-the-company and thus I won't be able to help you any further.
Best regards
Tim Düsterhus
st regards
Tim Düsterhus
readable if the line isn't that long.
Best regards
Tim Düsterhus
nce himself when applying the patch if he doesn't like that
sentence.
Best regards
Tim Düsterhus
p haproxy
$ cat /etc/haproxy/haproxy.cfg |grep tcp-
> $
Best regards
Tim Düsterhus
various 'List-*' headers in the signature which it
should not do.
As this list does not modify the subject or body, any existing
signatures should remain valid (with the caveat of added list-* headers).
Best regards
Tim Düsterhus
/haproxy/commit/4652e975be3db3a69221e68a103dae4e5891313b
and
https://github.com/docker-library/official-images/commit/6e4e18abb18742dda9fe3bbea9366557f640ae1d
Best regards
Tim Düsterhus
Hi
On 7/2/22 08:03, Илья Шипицин wrote:
let us run asan for gcc as well.
This patch appears reasonable to me.
Best regards
Tim Düsterhus
. what you have attempted),
but likely the `strcmp` converter does what you need.
Best regards
Tim Düsterhus
asynchronous TLS
I/O operations if asynchronous capable SSL engines are used. The current
--
2.25.1
Best regards
Tim Düsterhus
urlp above (which is part of the 2/2 patch).
Best regards
Tim Düsterhus
with the URI normalization feature, as
the encoding of a parameter name is not a 1:1 relationship.
Best regards
Tim Düsterhus
u
Cheers!
Many thanks to everyone involved in the new greatest release!
As usual, HAProxy-2.7-dev0 was just created.
Enough of being partypooper Tim. Enjoy your release party!
Best regards
Tim Düsterhus
Best regards
Tim Düsterhus
aproxy/commit/5f4ddb54b05ae0355b1f64c22263a6bc381410df
I keep track of that and send patches as appropriate.
Best regards
Tim Düsterhus
e selection is
available in the dropdown of the close button.
As of now this feature does little more than using a slightly different
icon + color for the closed issue, but I think it would be useful
selecting the correct variant going forward, in case GitHub extends this
feature in the f
tives" in so far, as `-cc` currently
does not yet use deinit_and_exit, but only exit. So there's a huge
number of live allocations we can already clean.
Currently a deinit only happens for:
- haproxy -vv
- haproxy -c (if the check is successful, i.e. exit 0).
- SIGUSR1
Best regards
Tim Düsterhus
, but Willy might
have some.
Reviewed-by: Tim Duesterhus
Best regards
Tim Düsterhus
to take better care.
As Willy already said: Don't worry about your first attempt not being
perfect. Your patch is definitely already looking great (especially
since you followed the advice in CONTRIBUTING regarding the commit
message and not using pull requests):
Best regards
Tim Düsterhus
factoring it to use the 'ist' API).
Best regards
Tim Düsterhus
dataplane-api, ingress
controller and such things already offer a valid response, I don't know
for sure if they can be considered as drop-in replacement nor if they
support everything, and this will have to be studied as well before
starting to scare users!
Best regards
Tim Düsterhus
V DNS records or more?
Best regards
Tim Düsterhus
presented a solution for real-time monitoring of a stick table on
HAProxyConf 2021:
https://github.com/WoltLab/node-haproxy-peers
https://www.haproxy.com/user-spotlight-series/using-haproxy-peers-for-real-time-quota-tracking/
Best regards
Tim Düsterhus
h" is preferred over using "url", because clients may send a full URL as
is normally done with proxies. The only real use is to match "*" which does
not match in "path", and for which there is already a predefined ACL.
Best regards
Tim Düsterhus
to be fixed.
Perfect, I agree here. QUICTLS caching is useful and VTest caching is
obsolete with the single-job restart.
Best regards
Tim Düsterhus
Willy,
On 3/11/22 22:46, Tim Duesterhus wrote:
Introduced in:
0657b9338 MINOR: stream: add "last_rule_file" and "last_rule_line" samples
I believe you missed this one.
Best regards
Tim Düsterhus
Willy,
On 3/8/22 20:43, Tim Düsterhus wrote:
Yes my point was about VTest. However you made me think about a very good
reason for caching haproxy builds as well :-) Very commonly, some VTest
randomly fails. Timing etc are involved. And at the moment, it's impossible
to restart the tests
find
accesses of '.ptr' for an ist is going to turn up all kinds of unrelated
stuff.
Best regards
Tim Düsterhus
need some handholding to get me started.
Best regards
Tim Düsterhus
regards
Tim Düsterhus
William,
On 3/8/22 21:30, Tim Düsterhus wrote:
- The action is also easily reusable by other projects. For testing my
Adding to that: It's also easily reusable by the other workflows. We
currently have the separate musl.yml workflow that does this:
https://github.com/haproxy/haproxy/blob
. For testing my
haproxy-auth-request repository I could remove the VTest installation
logic from action-install-haproxy and simply use the existing action.
This might also come in handy to test
https://github.com/haproxytech/haproxy-lua-oauth and other official
extensions.
Best regards
Tim
oth you as
the developers and me as one of the CI experts happy :-) My concerns
were primarily with regard the number of additional steps in William's
proposal, not the caching of VTest per se.
Best regards
Tim Düsterhus
regards
Tim Düsterhus
Willy,
On 3/8/22 16:24, Willy Tarreau wrote:
Hi Tim,
On Tue, Mar 08, 2022 at 04:17:00PM +0100, Tim Düsterhus wrote:
William
On 3/8/22 16:06, William Lallemand wrote:
Also, I'm wondering if we could also cache the build of HAProxy, you
could think that weird, but in fact it will help
.
That on the other hand makes sense to me. It just changes the order of
the steps and thus brings a benefit without adding complexity.
Best regards
Tim Düsterhus
1 - 100 of 855 matches
Mail list logo