Home CentOS Routing Domain Name in Haproxy

Routing Domain Name in Haproxy

I hope you are following the below guide. Now suppose you want to route domain name to open specific backend that have your configuration file.

How to route domain name

Find

frontend https
   mode http
   bind *:443 ssl crt /etc/letsencrypt/live/web.bullten.work/web.bullten.work.pem crt /etc/letsencrypt/live/haproxy1.bullten.work/haproxy1.bullten.work.pem alpn h2,http/1.1


   option forwardfor

    http-request track-sc0 src table per_ip_rates
    http-request deny deny_status 429 if { sc_http_req_rate(0) gt 100 }


    acl from_cf    src -f /etc/haproxy/cloudflare_ips.lst
    http-request set-src req.hdr(CF-Connecting-IP) if from_cf

   default_backend app-main

Now at the end add

    acl host_bacon hdr(host) -i haproxy1.bullten.work

    use_backend bacon_cluster if host_bacon

So it will look like. Replace haproxy1.bullten.work with your domain name

frontend https
   mode http
   bind *:443 ssl crt /etc/letsencrypt/live/web.bullten.work/web.bullten.work.pem alpn h2,http/1.1


   option forwardfor

    http-request track-sc0 src table per_ip_rates
    http-request deny deny_status 429 if { sc_http_req_rate(0) gt 100 }


    acl from_cf    src -f /etc/haproxy/cloudflare_ips.lst
    http-request set-src req.hdr(CF-Connecting-IP) if from_cf


    acl host_bacon hdr(host) -i haproxy1.bullten.work
    use_backend bacon_cluster if host_bacon


   default_backend app-main

Now create a backend bacon_cluster

backend bacon_cluster
    mode http
    balance roundrobin                                     #Balance algorithm
    option httpchk HEAD / HTTP/1.1\r\nHost:\ localhost    #Check the server application is up and healty - 200 status code
    timeout queue 10s
    server nginx1 192.168.1.1:443 check  ssl verify none weight 3      #Nginx1

This will tell to haproxy to point to bacon_cluster when domain entered is haproxy1.bullten.work

Now just setup SSL. Replace haproxy1.bullten.work with your domain name.

frontend https
   mode http
   bind *:443 ssl crt /etc/letsencrypt/live/web.bullten.work/web.bullten.work.pem crt /etc/letsencrypt/live/haproxy1.bullten.work/haproxy1.bullten.work.pem alpn h2,http/1.1


   option forwardfor

    http-request track-sc0 src table per_ip_rates
    http-request deny deny_status 429 if { sc_http_req_rate(0) gt 100 }


    acl from_cf    src -f /etc/haproxy/cloudflare_ips.lst
    http-request set-src req.hdr(CF-Connecting-IP) if from_cf


    acl host_bacon hdr(host) -i haproxy1.bullten.work
    use_backend bacon_cluster if host_bacon


   default_backend app-main

Must Read

Routing Domain Name in Haproxy

I hope you are following the below guide. Now suppose you want to route domain name to open specific backend that have...

Enable Logging in Haproxy

HAProxy can emit log message for processing by a syslog server. This is compatible with familiar syslog tools like Rsyslog, as well...

Getting real IP in Nginx when behind cloudflare Haproxy

Create a file named cloudflare_ips.ls and in that add all the cloudflare IP's vi /etc/haproxy/cloudflare_ips.ls 173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/12 172.64.0.0/13 131.0.72.0/22 2400:cb00::/32 2606:4700::/32 2803:f800::/32 2405:b500::/32 2405:8100::/32 2a06:98c0::/29 2c0f:f248::/32

Getting Real IP in HaproxyNginx configuration

Well its a little configuration can get real to nginx when haproxy is set as reverse proxy. Follow this...

Haproxy as Single Point to Failure Node With Glusterfs and MariaDB Maxscale Cluster

HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It...