On Thu, Jul 13, 2023 at 10:48:41AM -0600, Shawn Heisey wrote: > On 7/12/23 04:13, Remi Tricot-Le Breton wrote: > > On 11/07/2023 22:22, Shawn Heisey wrote: > >> On 7/11/23 01:30, Remi Tricot-Le Breton wrote: > >> That directive didn't work in "global" but it was accepted when I > >> moved it to "defaults". But it didn't change the behavior. IPv6 is > >> completely disabled on the server. > > > > Didn't work as in an error was raised ? I have a local configuration > > file with this option in the global section and it seems to work fine. > > It failed the config check that is done by the systemd service before > restarting. It seems to indicate I am missing additional config that it > needs. > > elyograg@bilbo:~$ sudo haproxy -dD -c -f /etc/haproxy/haproxy.cfg > [NOTICE] (521767) : haproxy version is 2.8.1 > [NOTICE] (521767) : path to executable is /usr/local/sbin/haproxy > [ALERT] (521767) : config : Proxy '<OCSP-UPDATE>': Can't find > resolvers section 'default' for do-resolve action. > [ALERT] (521767) : config : Proxy '<HTTPCLIENT>': Can't find > resolvers section 'default' for do-resolve action. > [DIAG] (521767) : config : Generating a random cluster secret. You > should define your own one in the configuration to ensure consistency > after reload/restart or across your whole cluster. > [ALERT] (521767) : config : Fatal errors found in configuration. >
Hm we should probably improve the errors here, it seems to happen because you set an httpclient option in your global section but your /etc/resolv.conf wasn't available. I'll definitively try to improve this. > > You can use the "httpclient" CLI command this way: > > echo "expert-mode on; httpclient GET > > http://r3.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgOq9K0xVAXkgj8X4cNGeMutQw%3D%3D" > > | socat <your_stat_sock> - > > I get an error from that, and it makes no sense to me. > > ---- > elyograg@bilbo:~$ echo "expert-mode on; httpclient GET > http://r3.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgOq9K0xVAXkgj8X4cNGeMutQw%3D%3D" > > | sudo socat /etc/haproxy/stats.socket - > Permission denied > > This command is restricted to expert mode only. > ---- > It happens because you don't have the right level on your stats socket, expert-mode needs an admin level. -- William Lallemand