From fedcddc06060cdeb6ec7b7892a72f240e7c3cda9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Thomas?= Date: Thu, 2 Feb 2017 22:42:14 +0100 Subject: [PATCH 1/2] Doc: Fix haproxy documentation (#242) --- documentation/PROXY.md | 36 ++++++++++++++++++++++++++++-------- 1 file changed, 28 insertions(+), 8 deletions(-) diff --git a/documentation/PROXY.md b/documentation/PROXY.md index 09b8ff02..fb1ff02d 100644 --- a/documentation/PROXY.md +++ b/documentation/PROXY.md @@ -98,19 +98,39 @@ The following configuration works for Apache (without HTTPS): ### HAProxy -The following configuration works for HAProxy (HTTPS only): +The following configuration works for HAProxy (HTTPS with HTTP redirection): ```haproxy frontend https - bind $server_public_ip$:443 ssl crt /etc/haproxy/ssl/$server_ssl_keys$.pem - # Let Libresonic handle all requests under /libresonic - acl url_libresonic path_beg -i /libresonic - use_backend libresonic-backend if url_libresonic + # Make sure that we are in HTTP mode so that we can rewrite headers + mode http - # Change default backend to libresonic backend if you don't have a web backend - default_backend web-backend + # Listen on the HTTPS and HTTP ports + bind :80 + bind :443 ssl crt /etc/haproxy/cert_key.pem + + # Some useful headers + option httpclose + option forwardfor + + # HTTP: Redirect insecure requests to HTTPS + acl http ssl_fc,not + http-request redirect scheme https if http + + # HTTPS: Forward requests to the Libresonic backend + acl is_libresonic path_beg -i /libresonic + use_backend libresonic-backend if is_libresonic backend libresonic-backend - server libresonic 127.0.0.1:4040 check + + # Make sure that we are in HTTP mode so that we can rewrite headers + mode http + + # Rewrite all redirects to use HTTPS, similar to what Nginx does in the + # proxy_redirect directive. + http-response replace-value Location ^http://(.*)$ https://\1 + + # Forward requests to Libresonic running on localhost on port 4040 + server libresonic 127.0.0.1:4040 check ``` From 4efa7ccbf6c24d3a1eedd3ee8d8a5468302e3d27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois-Xavier=20Thomas?= Date: Fri, 3 Feb 2017 00:27:36 +0100 Subject: [PATCH 2/2] Doc: Add warning about HAProxy 1.7 --- documentation/PROXY.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/documentation/PROXY.md b/documentation/PROXY.md index fb1ff02d..1a9cfe56 100644 --- a/documentation/PROXY.md +++ b/documentation/PROXY.md @@ -98,7 +98,8 @@ The following configuration works for Apache (without HTTPS): ### HAProxy -The following configuration works for HAProxy (HTTPS with HTTP redirection): +The following configuration works for HAProxy 1.7 (HTTPS with HTTP +redirection): ```haproxy frontend https @@ -115,8 +116,7 @@ frontend https option forwardfor # HTTP: Redirect insecure requests to HTTPS - acl http ssl_fc,not - http-request redirect scheme https if http + http-request redirect scheme https if !{ ssl_fc } # HTTPS: Forward requests to the Libresonic backend acl is_libresonic path_beg -i /libresonic