I am trying to achieve this:
http://front-end --> http://back-end/app-1
http://front-end/app-2 --> http://back-end/app-2-another-path
So that requests will be handled this way:
http://front-end/do-this --> http://back-end/app-1/do-this
http://front-end/app-2/do-that --> http://back-end/app-2-another-path/do-that
How can I do this? Thank you.
You can achieve this "http://front-end/app-2/do-that --> http://back-end/app-2-another-path/do-that" with the following configuration:
frontend http
#match url ending with /xxxxx/do-that
acl do-that path_end -i /app-2/do-that
use_backend server1 if do-that
backend server1
reqirep ^([^\ :]*)\ /app-2/(.*) \1\ /app-2-another-path/\2
server server 168.192.X.X
Here is more information on reqirep.
Related
My configuration is as follows, currently the web site works fine, I also have a public ip with an ssl certificate, it doesn't work,It is routed to the web site when requested, is there any way to fix it? Thanks
acl is_a01 ssl_fc_sni -i test.xyz
acl is_a02 ssl_fc_sni -i 12.13.14.16
use_backend n1 if is_a01
use_backend n2 if is_a02
default_backend web
There is a quite good description on this blog post Enhanced SSL Load Balancing with Server Name Indication (SNI) TLS Extension.
In the documentation is this the keyword you are searching for req.ssl_sni
Here is a untested snipplet from your question
# Wait for a client hello for at most 5 seconds
tcp-request inspect-delay 5s
# optionaly check if it's ssl_hello_type 1
tcp-request content accept if { req.ssl_hello_type 1 }
# The test values (test.xyz,12.13.14.16) *MUST*
# be in the certificate
acl is_a01 req.ssl_sni -i test.xyz
acl is_a02 req.ssl_sni -i 12.13.14.16
use_backend n1 if is_a01
use_backend n2 if is_a02
default_backend web
I have a xml file under https://example.com/assets/content/foo.xml but I want it to access it as https://example.com/foo.xml. So outcome will be, the browser URL SHOULD BE = https://example.com/foo.xml but I will get the file context from https://example.com/assets/content/foo.xml location. How to set it in haproxy ?
I tried many solutions but none of them worked. here is what I tried and this would be completely wrong.
acl SEO_XML path_beg -i /foo.xml
http-request set-header X-Location-Path %[capture.req.uri] if SEO_XML
http-request replace-header X-Location-Path /foo.xml /assets/content/foo.xml if SEO_XML
http-request redirect location %[hdr(X-Location-Path)] if SEO_XML
use_backend shiba_dev_https if SEO_XML
I have also tried other solutions as follows :
reqrep ^([^\ :]*)\ /foo.xml/(.*) \1\ /assets/content/foo.xml/\2
http-request set-header Host example.com
http-request replace-path /foo.xml(.*) /assets/content/foo.xml\1
None of this worked as I have no clue how to do it. Any ideas pls ?
Haproxy Version = 1.8
Try this:
reqirep ^([^\ :]*)\ /foo.xml\ (.*) \1\ /assets/content/foo.xml\ \2 if { path_beg /foo.xml }
Using haproxy 2.0.13-2
Having an issue with ACL's and redirect
I want to ACL on stuff.xyz.com/mycrap.aspx and redirect that to junk.abc.com
As a test I have an
ACL acl_stuff hdr(host) -i stuff.xyz.com/junk.aspx
use_backend be_stuff if acl_stuff
backend be_stuff
stats enable
option forwardfor
http-response add-header X-Backend ohs1docker01
server ohs1docker01 ohs1docker01.def.com:80 check
However even the ACL with the backend isnt working. I hit that page and I get a 404 which leads me to believe the ACL is not getting hit so the traffic is not getting to the backend.
Im hoping someone can give me some direction on this
Looks like you want to use http-response redirect
http-response redirect code 301 location https://www.junk.abc.com if { hdr_beg(host) -i stuff.xyz.com }
The acl acl_stuff hdr(host) -i stuff.xyz.com/junk.aspx can't match because there is a mix of host and path.
To match host and path try this.
acl match_path path_beg /junk.aspx
acl match_host hdr_beg(host) -i stuff.xyz.com
http-response redirect code 301 location https://www.junk.abc.com if match_host match_path
Im trying to direct the following URL https://register.company.xzy to https://register.company.xzy/register/supplier?code=
My haproxy config has acls in it for some existing subdomains and has been working well but i cant see to get this to work:
frontend https
bind 10.10.2.150:443 ssl crt /etc/apache2/ssl/star.company.xyz.pem
mode http
option httpclose
option forwardfor
reqadd X-Forwarded-Proto:\ https
acl www.company.xyz hdr(host) -i www.company.xyz
acl portal.company.xyz hdr(host) -i portal.company.xyz
acl live.company.xyz hdr(host) -i live.company.xyz
acl register.company.xyz hdr(host) -i register.company.xyz
use_backend website_live_servers if www.company.xyz
use_backend website_live_servers if portal.company.xyz
use_backend application_live_servers if live.company.xyz
use_backend register_live_servers if register.company.xyz
backend application_live_servers
mode http
cookie SERVERID insert indirect nocache
server server1 server1.company.xyz:80 check cookie $1
backend register_live_servers
mode http
cookie SERVERID insert indirect nocache
server server2 server2.company.xyz:80 check cookie $1
backend website_live_servers
mode http
cookie SERVERID insert indirect nocache
server server3 server3.company.xyz:80 check cookie $1
server server3 server3.company.xyz:80 check cookie $2
Any ideas or guidance?
Well what you need is to rewrite URL
http-request set-path <fmt> [<condition>]
http-request set-query <fmt> [<condition>]
OR rewrite complete URI
http-request set-uri <fmt> [<condition>]
rewriting url path
I'm using HAProxy version 1.6.
How would I modify the config to redirect requests from:
localhost:8081/myapp
to:
localhost:8111/myapp
Thanks!
frontend weblb
bind *:8081
acl if is_seller url_beg /myapp
use_backend sellerserver if is_seller
backend sellerserver
balance source
server web1 127.0.0.1:8111 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3
You could try using replace-value on the Host header:
http-request replace-value Host localhost:8081 localhost:8111
Which is nice because it also supports regexes:
http-request replace-value Host (.*):8081 \1:8111
something like :
listen weblb xxx.xxx.xxx.xxx:8081
balance leastconn
mode http
server web1 127.0.0.1:8111