This is what I do.
Either use a combined "listen" or a separate "frontend" and "backend".
frontend main
bind 0.0.0.0:80
option forwardfor except 127.0.0.0/8
option httplog
http-request redirect scheme https code 301 if !{ ssl_fc }
frontend main_ssl
# Bind SSL port with PFS-enabling cipher suite
bind :443 ssl crt /etc/CONFIG/haproxy/certs/cert.pem
option forwardfor except 127.0.0.0/8
option httplog
http-request set-header X-Forwarded-Proto https if { ssl_fc }
acl xx hdr_beg(host) -i xx.
use_backend ssl_backend-xx if xx
backend ssl_backend-xx
balance roundrobin
option httpchk GET /xx/about.txt
errorfile 503 /etc/CONFIG/haproxy/errors/xx/503sorry.http
http-check disable-on-404
http-request allow if { src -f /etc/CONFIG/haproxy/xx-whitelist.lst } || {
ssl_c_used }
http-request deny
cookie SRV insert indirect nocache httponly secure
acl path_root path /
redirect location /xx/ if path_root
# include ssl_servers-xx declarations
server name1 10.x.y.1:9001 check
server name2 10.x.y.2:9001 check
where "xx" is the application name.
In this case, HAProxy is listening on 80 and 443,
redirecting traffic to 443 and terminating the SSL -
talking to the app on port 9001.
From: VAUDOUX Arnaud <[email protected]>
Sent: Tuesday, December 11, 2018 11:00 AM
To: [email protected]
Subject: Redirect Syntax
Hi,
I would like to set up Haproxy in front of lot of app servers.
My application URLs don't really have standards (thanks to the multiplication
of devs).
I can have some :
-
http://<servername>:<port>/<application>/<http://%3cservername%3e:%3cport%3e/%3capplication%3e/>
- http://<servername>:<port>/<http://%3cservername%3e:%3cport%3e/>
-
http://<servername>/<application>/<http://%3cservername%3e/%3capplication%3e/>
And I would like to have something like
- https://<application>.<domaine<https://%3capplication%3e.%3cdomaine>>
Can you help me please ?
This communication is the intellectual property of HPC SA a company of OTCex
Group, a French Investment Services provider regulated by the ACPR and AMF
(registration number 11478). This communication (including, but not limited to
market prices/levels and market commentary) (the "Information") is intended for
information purposes only and is not, and should not be construed as, an offer,
bid, recommendation or solicitation in relation to any financial instrument or
investment or to participate in any particular trading strategy. The
Information is not to be relied upon and is not warranted, including, but not
limited to, as to completeness, timeliness or accuracy and is subject to change
without notice. Any opinion contained in this communication are those of the
author and are not given or endorsed by OTCex Group or its management unless
otherwise stated in writing. We may use the Information internally before
distributing to external recipients. We may have a position in, interest, make
or offer to make a sale/ purchase or have advised on any of the instruments
mentioned, or their underlying assets. You should take your own professional
advice on issues relating to the information contained in the Information. This
communication is confidential, may be legally privileged and is intended only
for the person or entity to which it is addressed. Access to the Information by
anyone other than the intended recipient is unauthorized and any disclosure,
copying, dissemination or redistribution is prohibited. If you are not the
intended recipient, please destroy it. No liability is accepted.
