Topic: [22.1.6] HAProxy, loopback to frontend using unix socket (Read 5112 times)
8b4df00d (April 19, 2022, 09:43:11 am):
Hello, I have two registered domains (both pointing to one IP address), let's say domain-a and domain-b.
Both domains are accessed via https on the default port 443 and I don't want to change it.
But to access domain-b I want the users to identify themselves via a client certificate I handed out to them.
Domain-a should be accessible by the public without certificates, but of course via https.
To do this, I created a tcp-frontend that uses a rule to decide which backend should be used (the rule uses SNI to identify if the request is coming from domain-a or domain-b).
I also created two other frontends (this time in http-mode). The listening addresses are now unix sockets (unix@sock-a for domain-a and unix@sock-b for domain-b).
Because I created two frontends with unix sockets I can now create real-servers that use those sockets.
The backends (backend-a and backend-b) are linked to the real-servers (sock-a or sock-b) and get requests from the tcp frontend.
My problem is that when I'm accessing the frontend I get an empty reply (code 52).
Am I missing something when using unix sockets?
Thanks for any help.
Last Edit: April 19, 2022, 09:57:38 am by 8b4df00d

kenblu24 (Reply #1, August 05, 2022, 08:02:23 pm):
I have the same issue. Did you ever figure it out?
I tried:
In Frontend: tcp, listening on 0.0.0.0:443, with default backend set to...
Backend pool 1: tcp, server is...
Backend server 1: unix@test_1
Frontend: https offloading, listening on unix@test_1, default backend set to...
Backend pool 2: http, server is...
Backend Server 2: 192.168.1.2
No response.

Fright (Reply #2, August 12, 2022, 10:15:22 am):
can be related to chroot or permissions.
can you please explain why you need to loop traffic via sockets?
<- hard to switch from nginx
Last Edit: August 12, 2022, 05:13:47 pm by Fright

Fright (Reply #3, August 12, 2022, 05:14:53 pm):
can try
Code:
opnsense-patch -c plugins -a kulikov-a 3b3d22d
and re-Apply HAProxy settings? (tested and works on 22.7.1 with 3.10_1 HAProxy plugin ver)
Last Edit: August 12, 2022, 05:16:43 pm by Fright

8b4df00d (Reply #4, March 01, 2023, 02:41:05 pm):
Hey,
didn't get notified but saw your replies last week and tried this config out today.
Works perfect.
Thank you guys.
Every day I love my opnsense-boxes more and more

Fright (Reply #5, March 01, 2023, 04:12:01 pm):
hi!
great! thanks for the feedback)
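
Added example, not part of any post in this thread and not the configuration the OPNsense plugin generates: the topology from the first post written as a plain HAProxy configuration, with the socket paths arranged for the chroot and permissions point raised in Reply #2. The domains, file paths, backend addresses, chroot directory and the `haproxy` run-as user are placeholders and assumptions.

```haproxy
# Added illustration: domains, paths, addresses and the run-as user are placeholders.
global
    user  haproxy                  # assumed unprivileged run-as user
    group haproxy
    chroot /var/haproxy            # placeholder chroot directory

defaults
    timeout connect 5s
    timeout client  30s
    timeout server  30s

# Public listener: TCP mode, no TLS termination, routes on the SNI in the ClientHello.
frontend fe_sni
    mode tcp
    bind :443
    tcp-request inspect-delay 5s
    tcp-request content accept if { req_ssl_hello_type 1 }
    use_backend backend-b if { req_ssl_sni -i domain-b.example }
    default_backend backend-a

# Server connections are made at runtime, after the chroot, so these paths
# are resolved relative to the chroot directory.
backend backend-a
    mode tcp
    server sock-a unix@/sock-a send-proxy-v2
backend backend-b
    mode tcp
    server sock-b unix@/sock-b send-proxy-v2

# Listeners are bound at startup, before the chroot, so the same sockets are
# named by their full path here. mode/user let the unprivileged process connect.
frontend fe_domain_a
    mode http
    bind unix@/var/haproxy/sock-a accept-proxy mode 600 user haproxy ssl crt /path/to/domain-a.pem
    default_backend web-a

frontend fe_domain_b
    mode http
    # verify required: the handshake fails unless the client presents a
    # certificate signed by the CA in ca-file.
    bind unix@/var/haproxy/sock-b accept-proxy mode 600 user haproxy ssl crt /path/to/domain-b.pem ca-file /path/to/client-ca.pem verify required
    default_backend web-b

backend web-a
    mode http
    server app-a 192.0.2.10:80     # placeholder address
backend web-b
    mode http
    server app-b 192.0.2.11:80     # placeholder address
```

`send-proxy-v2` on the loopback servers paired with `accept-proxy` on the socket listeners carries the original client address through to the HTTP frontends, so logs and ACLs there see the real source rather than the unix socket.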