16
Web Proxy Filtering and Caching / HAProxy - ERROR: ACL data not found
« on: December 05, 2023, 09:23:35 pm »
Hello,
I am seeing these errors in my haproxy.conf file and wondering if it's related to an issue I'm having with haproxy.
They're within the #logging options secition of one of my Front Ends.
# ERROR: ACL data not found (3b074c79-c094-4ee9-ba9e-5f5axxxxb2f2)
# ACL INVALID: (3b074c79-c094-4ee9-ba9e-5f5axxxxb2f2)
Firstly, I'm not even sure they're real errors as they are commented out in the conf file??
I have three sites I host for personal use:
Proxmox Cluster - Internal only
Apache Guacamole - External
Home Assistant - External
I access the External sites via Cloudflare proxy using their Strict Full and Origin cert applied to haproxy.
There is a single Public Service for these sites that uses the Cloudflare origin certificate.
I access the internal site directly via a VIP associated to haproxy.
There is a second public service for this site that OPNsense uses letsencrypt to obtain a cert for.
This setup works great but after each restart of OPNsense, the haproxy service fails to start.
It's related to the Cloudflare public service.
I have to log into Cloudflare and disable the DNS proxy for each CNAME associated to these sites.
Then wait a minute or two and restart the haproxy service.
Then enable the Cloudflare proxy for these CNAME's again.
Once done everything works great, but is annoying
Thanks for any advice on this.
I am seeing these errors in my haproxy.conf file and wondering if it's related to an issue I'm having with haproxy.
They're within the #logging options secition of one of my Front Ends.
# ERROR: ACL data not found (3b074c79-c094-4ee9-ba9e-5f5axxxxb2f2)
# ACL INVALID: (3b074c79-c094-4ee9-ba9e-5f5axxxxb2f2)
Firstly, I'm not even sure they're real errors as they are commented out in the conf file??
I have three sites I host for personal use:
Proxmox Cluster - Internal only
Apache Guacamole - External
Home Assistant - External
I access the External sites via Cloudflare proxy using their Strict Full and Origin cert applied to haproxy.
There is a single Public Service for these sites that uses the Cloudflare origin certificate.
I access the internal site directly via a VIP associated to haproxy.
There is a second public service for this site that OPNsense uses letsencrypt to obtain a cert for.
This setup works great but after each restart of OPNsense, the haproxy service fails to start.
It's related to the Cloudflare public service.
I have to log into Cloudflare and disable the DNS proxy for each CNAME associated to these sites.
Then wait a minute or two and restart the haproxy service.
Then enable the Cloudflare proxy for these CNAME's again.
Once done everything works great, but is annoying
Thanks for any advice on this.