Hi all,
We are moving all of our apps to be accessed soley via https, and I am
attempting to force this using haproxy. We have may subdomains and
I was hoping to be able to do this with one acl and a redirect, but
it is looking like I need to put in a redirect per backend.
What works:
frontend main
bind *:80 name http
bind 127.0.0.1:8443 name https # this is where stunnel forwards
acl host_app1 hdr_beg(host) -i app1.example.com
use backend app1 if host_app1
# ...
# more acls and use clauses, one for each app
# ...
acl host_appN hdr_beg(host) -i appN.example.com
use backend appN if host_appN
backend app1
acl secure dst_port eq 8443
server app1 10.10.25.106:80 check
redirect prefix https://app1.example.com if !secure
# ...
# more backends, one for each app
# ...
backend appN
acl secure dst_port eq 8443
server appN 10.10.25.156:80 check
redirect prefix https://appN.example.com if !secure
I was wondering if there is a way to have a simple rule in the frontend
that would do all the redirects for all the backends. Something like:
frontend main
bind *:80 name http
bind 127.0.0.1:843 name https
acl secure dst_port eq 8443
redirect prefix PUT_SOMETHING_HERE_THAT_WORKS_FOR_ALL_SUBDOMAINS if
!secure
backend app1
server app1 10.10.25.106:80 check
# more backends, one for each app
backend appN
server appN 10.10.25.156:80 check
We already have a somewhat large haproxy config, and I can manage a acl +
redirect for each backend, it would just be nice if it could be pulled up
a level.
enjoy,
-jeremy
--
========================================================================
Jeremy Hinegardner [email protected]
