HAProxy, LetsEncrypt, Docker Containers

Kalifornia909 · March 13, 2022, 11:57am

I have a raspberrypi running mulitple docker containers as servers (nextcloud,unify,mediawiki). I followed the walk through videos setting things up. When I run the openssl s_client command from the HAProxy side I get the letsencrypt cert. However when I try to navigate to the non-standard ports i have set up for these docker containers nothing resovles unless I input the listening port. For example, I have mediawiki on 28080. I have the backend set up to use that port and the front end with the ACL to use that backend.

I can navigate to the DNS address and connect to the website if I specify the port number. This does not go through HA proxy. Is there anything different when trying to do this and interacting with docker containers? Any help is appreciated.

LTS_Tom · March 13, 2022, 2:11pm

The HAProxy setup is the same for docker containers. Check that DNS is going to HAProxy and that the rules in HAProxy respond with the proper backend.

Kalifornia909 · March 19, 2022, 4:10am

so i am using the pfsense resovler as dns and I am able to ping it using the domain name. Ive double and tripple checked my front end and back end. I am so lost on what Im doing wrong.

LTS_Tom · March 19, 2022, 9:56am

What IP are you getting when you ping the domain name?

Kalifornia909 · March 26, 2022, 11:47pm

I am getting the host address. I am using pfSense for the DNS resolver. That makes me even more confused since its all pfSense (DNS and HAproxy). I was able to successfully get the pfSense admin website to use the SSL cert, so I know the cert is fine. It has to be something in the HAProxy Im missing. I did watch your video and check my ACLs but I dont get any better results.

Kalifornia909 · March 27, 2022, 11:02am

I changed the DNS resolver to the Gateway IP for that VLAN and things started working. Well except for nextcloud’s docker image but 99.9% successful with all my other containers. Thanks for taking the time to help @LTS_Tom

Kalifornia909 · March 28, 2022, 5:33am

@LTS_Tom if you can spare any more time can you point me in the right direction for the openvpn client to use which front end. Thank you again.

LTS_Tom · March 28, 2022, 9:17am

I have a video on HAProxy troubleshooting here

reymond070605 · March 28, 2022, 11:17am

Thanks for this info, this help me fix my issue on HAProxy as well. Thank you so much for sharing.