Haproxy as frontend


#1

Hello everyone,

I am trying to put HAproxy as frontend SSL terminator for LibreNMS, what would be the config to let HAproxy detect and reverse to backend Nginx server which is handling LibreNMS?
Right now, when i try to access the URL, https://abc.com/librenms, i get 404 error

From nginx log, i show as below:

192.168.1.3 - - [05/Dec/2018:06:10:12 +0000] “GET / HTTP/1.1” 200 396 “-” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36”

Here is my rule:

frontend SSL_default
bind 192.168.1.1:443 ssl crt /etc/ssl/domain.pem
option forwardfor
http-request add-header X-Forwarded-Host %[req.hdr(host)]
http-request add-header X-Forwarded-Server %[req.hdr(host)]
http-request add-header X-Forwarded-Port %[dst_port]

acl acl_detect_librenms path_beg -i /librenms
use_backend backend_librenms if acl_detect_librenms

backend backend_librenms
mode http
server netgraph 192.168.1.2:80 maxconn 20 check

Thank you.


#2

There is a problem when you want to change the url to have a subdirectory on the proxy and not the backend. Right now the only way to fix that is to have a subdirectory on both.

Other option is to use a subdomain and you will have no issues.


#3

thanks @murrant for your comment.

so, could you please specific case about using subdirectory?
Do you mean adding to use /librenms for backend (on librenms server) and HAproxy is also using /librenms in URL https://abc.com/librenms?


#4

yes or just use librenms.abc.com


#5

thanks @murrant
Following this document https://docs.librenms.org/Installation/Installation-Ubuntu-1804-Nginx/#configure-nginx
How could i add /librenms into URL like this https://abc.com/librenms?

Thanks.


#6

i tried to add ,

In config.php
$config[‘base_url’] = ‘/librenms/’;

In .env
APP_URL=http://192.168.1.2/librebms/
APP_TRUSTED_PROXIES=192.168.1.1

Then, try to access the site: https://abc.com/librenms
It shows me page not found.

And then try to access the lirenms server, http://192.168.1.2/librenms
It always force me to login page without adding /librenms, http://192.168.1.2/login

Please advice how to make it works.
Thanks a lot


#7

@murrant
Could you please show me how to make it works? Thanks a lot.


#8

Not sure, I’ve never used a subdir and I don’t know your environment.

Did you try this?

$config[‘base_url’] = ‘http://192.168.1.2/librenms/’;
APP_URL=http://192.168.1.2/librenms/
APP_TRUSTED_PROXIES=192.168.1.1

First try accessing it without the proxy to know if you have it working without a subdir.


#9

thanks @murrant
Yes, i tried your recommend, but it didn’t work.

In addition, i also tried with following options, but not work as well.
$config[‘base_url’] = “/librenms/”
APP_URL=/librenms/
APP_TRUSTED_PROXIES=192.168.1.1

Any other recommend?