On Wed, Oct 7, 2015 at 7:06 AM, Susheel Jalali <[email protected]> wrote:
> Dear HAProxy Developers, > > After incorporating insights from Bryan Talbot and articles from Baptiste > Assman on HAProxy Web site, we have been able to get the basic > configuration of HAProxy going. Now we are adding configuration to access > specific products in our LAN. > > We would like to access Product1 via URL: > https://coscend.com:14443/Product1/ > > Output URL from the Product1 server should be: > https://coscend.com:14443/Product1/signin?xyz > > What we are getting: https://Internal_IP:14443/Product1/signin?xyz > > The server presents the right page, but with internal IP address of the > server. Hence, the product can only be accessed from internal LAN, not > from WAN. What are we missing? > > Below is the configuration deployed. > > global > > […] > > default > > […] > > > > frontend webapps-frontend > > bind *:80 name http > > bind *:443 name https ssl crt /path/to/server.pem > > > > log global > > option forwardfor > > option httplog clf > > > > reqadd X-Forwarded-Proto:\ https if { ssl_fc } > > reqadd X-Forwarded-Proto:\ http if !{ ssl_fc } > > #http-request add-header X-Forwarded-Proto:\ https if { ssl_fc } # > Don't know how to use it instead of reqadd > > #http-request add-header X-Forwarded-Proto:\ http if !{ ssl_fc } # > Don't know how to use it instead of reqadd > > > > acl host_https req.hdr(Host) coscend.com:14443 # 14443 is due to > port forwarding deployment > > acl path_subdomain_p1 path_beg -i /Product1 > > > > use_backend subdomain_p1-backend if host_https path_subdomain_p1 > > > > backend subdomain_p1-backend > > http-request set-header Host <internal_IPxx.yy.zz.ww:portpppp> > > reqirep ^([^\ ]*)\ /Product1/?([^\ ]*)\ (.*)$ \1\ /Product1\2\ \3 > > > > acl hdr_location res.hdr(Location) -m found > > #http-response replace-header Host (.*) %%HP if hdr_location # This > is not working > > rspirep ^(Location:)\ (https?://([^/]*))/(.*)$ \1\ > http://\3/Product1/\4 if hdr_location > What happens if you move these two from the backend into the frontend section (I believe that's where they belong): acl hdr_location res.hdr(Location) -m found rspirep ^(Location:)\ (https?://([^/]*))/(.*)$ \1\ http://\3/Product1/\4 if hdr_location Also in the rspirep you are rewriting https to http but you say the response you are seeing is still with https: https://Internal_IP:14443/Product1/signin?xyz which most probably means that condition is not working for sure. In case you are serving a single domain maybe simplifying this to begin with may help: rspirep ^(Location:)\ https?://[^/]*/(.*)$ \1\ http://coscend.com/Product1/\2 <http://%5C3/Product1/%5C4> if hdr_location Also any messages during haproxy startup or in the haproxy log indicating possible issues? Something along the lines of "this and this statement will never match due to bla bla". > > > server Product1.VM0 <internal_IPxx.yy.zz.ww:portpppp> cookie c check > > > > Thank you. > > -- > > Sincerely, > > Susheel Jalali > > Coscend Communications Solutions > > Elite Premio Complex Suite 200, Pune 411045 Maharashtra India > [email protected] > > Web site: www.Coscend.com > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Terms_and_Conditions.html > > -- Igor Cicimov | DevOps p. +61 (0) 433 078 728 e. [email protected] <http://encompasscorporation.com/> w*.* encompasscorporation.com a. Level 4, 65 York Street, Sydney 2000
