Hi All,
Im new(ish) to OPNSense and im trying to configure HAProxy, im trying to setup a few websites mail.example.com and vpn.example.com to redirect to different internal servers.
I have configured everything and there are no syntax errors but when i try to start the service i get:
Nov 15 08:34:54 OPNsense configd.py: [638c0187-9480-4a2a-a42c-76ea2d790fce] returned exit status 1
Nov 15 08:34:54 OPNsense root: /usr/local/etc/rc.d/haproxy: WARNING: failed to start haproxy
Nov 15 08:34:53 OPNsense configd.py: [638c0187-9480-4a2a-a42c-76ea2d790fce] starting haproxy
Hi CianH,
some questions:
* What version of OPNsense are you using? (see Dashboard)
* What version of the HAProxy plugin is this? (see System->Firmware->Updates->Plugins)
* Could you please paste the contents of /usr/local/etc/haproxy.conf?
I must admit that the initial setup of HAProxy can be confusing/frustrating at times. I promise to write some documentation if we find the issue in your configuration (or in the HAProxy plugin). :)
Regards
- Frank
Just a note: a potential trap these days seems to be to use 16.7 and install the plugin without upgrading to 16.7.x the plugins actually belong to. I'm not entirely sure how to enforce this yet... always make sure to report problems with the latest version of opnsense and the plugin (currently 16.7.7 and 1.6).
Cheers,
Franco
* What version of OPNsense are you using? = OPNsense 16.7.7-amd64
* What version of the HAProxy plugin is this? = 1.6
* Could you please paste the contents of /usr/local/etc/haproxy.conf?
global
# NOTE: Could be a security issue, but required for some feature.
uid 80
gid 80
chroot /var/haproxy
daemon
stats socket /var/run/haproxy.socket level admin
nbproc 1
tune.ssl.default-dh-param 1024
spread-checks 0
tune.chksize 16384
tune.bufsize 16384
tune.lua.maxmem 0
log /var/run/log local0 info
defaults
log global
option redispatch -1
timeout client 30s
timeout connect 30s
timeout server 30s
retries 3
# Frontend: OpenVPN ()
frontend OpenVPN
bind vpn.example.com:80 name vpn.example.com:80
mode http
option http-keep-alive
default_backend OpenVPN
# tuning options
timeout client 30s
# logging options
option httplog
# Backend: OpenVPN ()
backend OpenVPN
# health checking is DISABLED
mode http
balance source
# tuning options
timeout connect 30s
timeout server 30s
server OpenVPN 10.0.0.18:80
# statistics are DISABLED
Hope this helps
Cian
Quote from: CianH on November 15, 2016, 08:17:54 PM
frontend OpenVPN
bind vpn.example.com:80 name vpn.example.com:80
mode http
option http-keep-alive
default_backend OpenVPN
# tuning options
timeout client 30s
# logging options
option httplog
I've tested your HAProxy configuration (just replaced the hostname in the "bind" parameter) and it works for me. (The hostname must resolve or HAProxy will fail to start.)
Is this a fresh install or did you upgrade from a previous release? I've seen broken packages in very rare cases, maybe you could try to reinstall the haproxy package and retry to start haproxy:
root@opnsense:~ # pkg install -yf haproxy
root@opnsense:~ # service haproxy restartAnother guess: maybe the internal plugin setup went wrong? Could you please paste the output of the following command?
root@opnsense:~ # ls -lR /var/haproxy/One last suggestion: try to start haproxy manually to get some debug output by using the command below.
root@opnsense:~ # haproxy -d -f /usr/local/etc/haproxy.conf Thanks.
Regards
- Frank