I'm trying to match various conditions inside one backend, like this:
acl rule1 hdr_dom(host) -i ext1
acl rule2 utl_beg /img
default_backend back-server-http if rule1 and rule2
but, how can I put this "and" between the two rules?
Yes, this is the solution:
acl rule1 hdr_dom(host) -i www.uno.es hdr_dom(host) -i www.one.com
use_backend uno.com if rule1
You don't need to use the word "and" between the two rules. It's implicit.
Source: http://haproxy.1wt.eu/download/1.5/doc/configuration.txt in Section 7.2
I think the below syntax will do the trick (check this link HAProxy - basic authentication for backend server)
acl rule1 hdr_dom(host) -i ext1
acl rule2 utl_beg /img
default_backend back-server-http if rule1 rule2
Related
I want to add a path to url if only no path defined. E.g.
hostname:8080 -> then add /fe: -> hostname:8080/fe
The answer from https://stackoverflow.com/a/40488319/12501050 does not work:
acl p_root path -i /
http-request set-path /fe if p_root
as it blocks the other requests. E.g.
hostname:8080/fe/getUsers
This part is little tricky to implement, but not that hard to work. Something like this works.
acl p_root path -i /
acl is_domain hdr(host) -i myhostname.io
redirect code 301 location myhostname.io/fe if is_domain p_root
Hope this is helps.
I would like to rewrite path from the domain prefix. With two cases :
https://prefix.domain.com/path -> https://prefix.domain.com/path/#/prefix
https://prefix.domain.com/path1 -> https://prefix.domain.com/path1/#/prefix/home
I try to rewrite the path with this config. But I can not extract prefix from domain in reqirep. I think that reqrep is only for GET /XXXX HTTP/1.1 string, not full URL.
acl match path_end -i /path
acl match1 path_end -i /path1
use_backend traefik_path if match
use_backend traefik_path1 if match1
default_backend traefik_path
backend traefik_path
reqirep ^([^\ ]*\ /)path \1/path/#/??
balance roundrobin
server traefik 127.0.0.1:8000 check
backend traefik_path1
reqirep ^([^\ ]*\ /)path1 \1/path1/#/??/home
balance roundrobin
server traefik 127.0.0.1:8000 check
Hello and thanks ahead of time for the help.
I have a blog on my old site and I'm trying to 301 redirect all of the posts to their new location on my new site using haproxy. For example, I want https://www.oldsite.com/john-blog/blogpost1 to be 301 redirected to https://www.newsite.com/jill-blog/blogpost1.
https://www.oldsite.com/john-blog => https://www.newsite.com/jill-blog
frontend https
option http-server-close
reqadd X-Forwarded-Proto:\ https
acl is_ob path_sub john-blog
redirect location https://www.newsite.com/jill-blog code 301 if is_ob
I've figure out how to forward traffic for /john-blog but haven't been able to figure out how to do the rewrite so that /john-blog/blogpost1 on the old site 301s to /jill-blog/blogpost1 on the new site.
This is what I was able to come up with:
frontend https
option http-server-close
reqadd X-Forwarded-Proto:\ https
acl old_site hdr(host) -i www.oldsite.com
acl john_blog path_beg /john-blog
acl jill_blog path_beg /jill-blog
reqrep ^([^\ ]*\ /)john-blog(.*) \1jill-blog\2 if old_site john_blog
redirect prefix https://www.newsite.com code 301 if old_site jill_blog
The only downside of this config is that it will also redirect https://www.oldsite.com/jill-blog => https://www.newsite.com/jill-blog. If this is an issue I can try and figure something else out.
How is works
I will follow and example for a request to https://www.oldsite.com/john-blog/blogpost1.
In this example acl old_site would be true, acl john_blog would be true and acl jill_blog would be false.
The reqrep line replaces john-blog with jill-blog only if both the old_site and john_blog acls are true, which for this example is the case. After this line the example url would be https://www.oldsite.com/jill-blog/blogpost1.
At this point acl john_blog is now no longer true but acl jill_blog is as the uri now begins with /jill-blog. acl old_site is still true.
The redirect line is in prefix mode where the redirect location is determined by the provided string with the original uri appended. In this example the provided string is https://www.newsite.com and the uri that gets appended is /jill-blog/blogpost1 resulting in a reditect url of https://www.newsite.com/jill-blog/blogpost1.
Hope that helps.
Is it possible to use Squid as reverse proxy with multiple web servers based on a query string that is passed to squid proxy?
This is the example from Squid wiki:
acl foo urlpath_regex ^/foo
cache_peer ip.of.server1 parent 80 0 no-query originserver name=server1
cache_peer_access server1 deny foo
cache_peer ip.of.server2 parent 80 0 no-query originserver name=server2
cache_peer_access server2 allow foo
cache_peer_access server2 deny all
This requires me to setup acls per webserver that I want to have, for example:
acl foo urlpath_regex ^/toserver1
acl foo urlpath_regex ^/toserver2
acl foo urlpath_regex ^/toserver3
etc
I'd like to instead specify the webserver my reverse proxy should forward to using a url parameter. For example:
http://myproxyserver.com/?webserver=server1.com&port=8000
http://myproxyserver.com/?webserver=server2.com&port=8900
etc
Is this possible in Squid?
I have a couple of rules defined in HAPROXY
acl want_server_oa path_dir ServerOA
acl serveroa_avail nbsrv(ServerOA) ge 1
use_backend ServerOA if want_server_oa serveroa_avail
acl is_root hdr_dom(host) -i mydomain.com
use_backend domainRoot if is_root
The first 3 rules were setup to route traffic to a certain subdomain
mydomain.com/ServerOA/
And the next 2 rules to route traffic to just
mydomain.com/
This works as expected. However, if I type in
mydomain.com/anypath/
It gives me a tomcat 404. I suspect the second set of rules match and forward traffic to tomcat which then returns a 404.
Based on the documentation, I did try defining some acls for blocking all other paths which didn't quite work (configuration wasn't accepted when starting haproxy).
block unless METH_GET or METH_POST want_server_oa
block unless METH_GET or METH_POST is_root
Any help would be much appreciated.
You must explicitly define the items you allow to be accessible under the root "mydomain.com/" and subfolders then block all others. (Shouldn't be a lot, right?)
acl want_server_oa path_beg /ServerOA
acl allow_html path_reg -i /.*\.html
acl allow_styles path_reg -i /css/.*\.css
block unless METH_GET want_server_oa or METH_POST want_server_oa or METH_GET allow_html or METH_POST allow_html or METH_GET allow_styles or METH_POST allow_styles
Additional note: You can check if your configuration have any errors by using the haproxy -c command. Like so:
haproxy -f /etc/haproxy/haproxy.cfg -c