## Automatically generated configuration.# Do not edit this file manually.#global uid 80 gid 80 chroot /var/haproxy daemon stats socket /var/run/haproxy.socket group proxy mode 775 level admin nbthread 4 hard-stop-after 60s no strict-limits maxconn 10000 tune.ssl.default-dh-param 4096 spread-checks 2 tune.bufsize 16384 tune.lua.maxmem 0 log 0.0.0.0 local0 lua-prepend-path /tmp/haproxy/lua/?.luadefaults log global option redispatch -1 maxconn 5000 timeout client 30s timeout connect 30s timeout server 30s retries 3 default-server init-addr last,libc default-server maxconn 5000# autogenerated entries for ACLs# autogenerated entries for config in backends/frontends# autogenerated entries for stats# Frontend: SNI_frontend ()frontend SNI_frontend bind 0.0.0.0:443 name 0.0.0.0:443 mode tcp # logging options option log-separate-errors option tcplog # ACL: TCP_SSL_condition acl acl_644c56b6785678.47181279 req.ssl_hello_type 1 # ACL: TCP_server1_condition acl acl_644c5700ee7657.09485748 req.ssl_sni -m sub -i domain1.com # ACL: TCP_server2_condition acl acl_644c5719768e71.87060950 req.ssl_sni -m sub -i domain2.com # ACTION: TCP_RequestInspectDelay_rule # NOTE: actions with no ACLs/conditions will always match tcp-request inspect-delay 5s # ACTION: TCP_RequestContentAccept_rule tcp-request content accept if acl_644c56b6785678.47181279 # ACTION: TCP_SERVER1_rule use_backend TCP_SERVER1_backend if acl_644c5700ee7657.09485748 # ACTION: TCP_SERVER2_rule use_backend TCP_SERVER2_backend if acl_644c5719768e71.87060950# Frontend: HTTP_frontend ()frontend HTTP_frontend bind 0.0.0.0:80 name 0.0.0.0:80 mode tcp # logging options option tcplog # ACL: http_server1_condition acl acl_6457247ca14984.71641345 hdr_sub(host) -i domain1.com # ACL: http_server2_condition acl acl_64572496aeac32.73416688 hdr_sub(host) -i domain2.com # ACTION: http_server1_rule use_backend TCP_SERVER1_backend if acl_6457247ca14984.71641345 # ACTION: http_server2_rule use_backend TCP_SERVER2_backend if acl_64572496aeac32.73416688# Backend: TCP_SERVER1_backend ()backend TCP_SERVER1_backend # health checking is DISABLED mode tcp balance source # stickiness stick-table type ip size 50k expire 30m stick on src server server1_server 192.168.1.234 # Backend: TCP_SERVER2_backend ()backend TCP_SERVER2_backend # health checking is DISABLED mode tcp balance source # stickiness stick-table type ip size 50k expire 30m stick on src server server2_server 192.168.1.217 # Backend (DISABLED): TCP_SERVER3_backend ()# statistics are DISABLED
frontend Web_Server_SSL http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" bind 192.168.1.1:5581 name 192.168.1.1:5581 ssl alpn h2 crt-list /tmp/haproxy/ssl/57cb08105a3629.39396088.certlist mode http option http-keep-alive default_backend Apache_Server_Maggie option forwardfor
Ah thanks for the response. So you think it's the listen address as 0.0.0.0 ? That would make sense as I am having a hard time finding any other reason. Do you think if I use a Virtual IP interface and listen to that, would that work?