Hi,
I've got a home server with 1 public IP, on which I host a couple of my
websites. Each of them is in a separate jail. Haproxy listens on the
outgoing IP and directs the traffic to the appropriate jail. Each of my
websites works fast. However, uploading files in Owncloud goes VERY
slow and in the end I get a Bad Gateway error if the file is larger than
~100KB. Smaller files go through, but slowly. If I make the Owncloud
jail listen on the external IP and connect directly to it, there's no
problem, so it must be something about Haproxy configuration.
My operating system is FreeBSD 10.2-RELEASE-p7/amd64. Each jail is at
the same version. Haproxy is at version 1.6.2. I'm not sure if that
matters, but I use Lighttpd 1.4.37 as a WWW server.
Below is my haproxy.conf:

global
    ssl-default-bind-options no-sslv3 no-tls-tickets force-tlsv12
    ssl-default-bind-ciphers AES256+EECDH:AES256+EDH
    tune.ssl.default-dh-param 4096
    log /var/run/log local0 notice
    maxconn 4096
    user daemon
    group daemon
    daemon

defaults
    mode http
    option httplog
    option dontlognull
    option forwardfor
    option http-server-close
    option httpclose
    option tcplog
    option dontlog-normal

frontend http-in
    bind 192.168.11.3:80
    reqadd X-Forwarded-Proto:\ http
    redirect scheme https code 301 if !{ ssl_fc }

frontend https-in
    option httplog
    option forwardfor
    option http-server-close
    option httpclose
    rspadd Strict-Transport-Security:\ max-age=31536000;\ includeSubdomains;\ preload
    rspadd Public-Key-Pins:\ pin-sha256="1Pw5h93NOsPw6j/vaTYl5VvW9cmtuZXtNP3cVz10hKo=";\ max-age=15768000;\ includeSubDomains
    bind 192.168.11.3:443 ssl crt /usr/local/etc/haproxy.pem ciphers AES256+EECDH:AES256+EDH force-tlsv12 no-sslv3
    acl host_phpsysinfo hdr_dom(host) -i phpsysinfo.anongoth.pl
    acl host_owncloud hdr_dom(host) -i owncloud.anongoth.pl
    acl host_roundcube hdr_dom(host) -i roundcube.anongoth.pl
    acl host_10amd64 hdr_dom(host) -i 10amd64.anongoth.pl
    acl host_10armv6 hdr_dom(host) -i 10armv6.anongoth.pl
    ## figure out which one to use
    use_backend phpsysinfo if host_phpsysinfo
    use_backend owncloud if host_owncloud
    use_backend roundcube if host_roundcube
    use_backend 10amd64 if host_10amd64
    use_backend 10armv6 if host_10armv6

backend 10amd64
    server node1 192.168.11.3:81 cookie A check

backend 10armv6
    server node1 192.168.11.3:81 cookie A check

backend phpsysinfo
    server node1 192.168.11.3:81 cookie A check

backend owncloud
    server node1 192.168.11.14:80 cookie A check

backend roundcube
    server node1 192.168.11.16:80 cookie A check