Hi I am running docker containers on my host fqdn host-192-168-1-100.example.com which i can access using the fqdn where it is running
https://host-192-168-1-100.example.com:8443
http://host-192-168-1-100.example.com:6443 and
https://host-192-168-1-100.example.com:443
I want to use HAproxy with URL-based rewriting like
https://fqdn/node-1/serviceonename
https://fqdn/node-1/servicetwoname
https://fqdn/node-1/servicethreename
I have setup a separate VM for my HAProxy fqdn host-192-168-1-102.example.com and i have used the following haproxy.cfg with which i was able to access service one like this https://fqdn/node-1/serviceonename but service two would give me 401 Unauthorized Authentication Required and service three would gets redirected to the fqdn of the host where the container is running and without the path in the URL.
frontend http_front
bind *:80
redirect scheme https code 301 if !{ ssl_fc }
frontend https_front
bind *:443 ssl crt /etc/ssl/private/haproxy.pem
use_backend serviceone if { path /node-1/serviceone } || { path_beg /node-1/serviceone/ }
use_backend servicetwo if { path /node-1/servicetwo } || { path_beg /node-1/servicetwo/ }
use_backend servicethree if { path /node-1/servicethree } || { path_beg /node-1/servicethree/ }
backend serviceone
http-request replace-path /node-1/serviceone(/)?(.*) /2
server node-1 host-192-168-1-100:8443 check ssl verify none
backend servicetwo
http-request replace-path /node-1/servicetwo(/)?(.*) /2
server node-1 host-192-168-1-100:6443 check ssl verify none
backend servicethree
http-request replace-path /node-1/servicethree(/)?(.*) /2
server node-1 host-192-168-1-100:443 check ssl verify none
In my service three config.php i changed base_url to the haproxy fqdn and it is now accessible on the haproxy fqdn but whatever i enter in the url path it redirects to the default path like i.e url-based path is not working.
I am now using this haproxy.cfg to just keep it to the port numbers for now for testing and with this i am able to access my serviceone like this host-192-168-1-102.example.com/9443/ and servicetwo with http like this host-192-168-1-102.example.com:6443 and service three like this host-192-168-1-102.example.com/443/ but the problem is that if i write anything else host-192-168-1-102.example.com/anything/ it still redirects to service three and without the path /anything/ to /users/login which is the default login page of the service.
frontend http_frontend
bind *:80
bind *:6443
acl is_6443 dst_port 6443
use_backend servicetwo if is_6443
redirect scheme https code 301 if !is_6443 !{ ssl_fc }
frontend https_frontend
bind *:443 ssl crt /etc/ssl/private/haproxy.pem
acl haproxy hdr(host) -i host-192-168-1-102.example.com #haproxy fqdn
acl serviceone path_beg /8443/
acl servicetwo path_beg /6443/
# acl servicethree path_beg /443/
use_backend serviceone if serviceone
use_backend servicetwo if servicetwo
use_backend servicethree if haproxy
default_backend default
backend serviceone
http-request replace-uri ^/8443/(.*) /1
server serviceone_node1 host-192-168-1-100.example.com:8443 check ssl verify none
backend servicetwo
mode http
http-request replace-uri /6443/(.*) /1
server servicetwo_node1 host-192-168-1-100.example.com:6443 check
backend servicethree
http-request replace-uri ^/443/(.*) /1
server servicethree_node1 host-192-168-1-100.example.com:443 check ssl verify none
backend default
http-request deny
If i uncomment this part # acl servicethree path_beg /443/ and change use_backend servicethree if haproxy to use_backend servicethree if misp it is acccessible but with most of the files blocked csp:blocked upon inspecting the network in browser like .js. css and i can see login page but without logos and things
I have been doing this for a few weeks now but i am getting no where Any help would be greatly appreciated.
Alex K is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.