Tips for setting up HAProxy on pfsense with Cloudflare

I’m trying to setup HAProxy as a reverse proxy for SSL offloading to access an internal web server.

HAProxy is being run on pfsense (developmental version) and I’m using cloudflare as my DNS Provider.

I have SSL certs for my domain which I’ve installed on pfsense with the ACME plugin.

I’m having difficulty setting up the firewall rules for the reverse proxy.
The reverse proxy is supposed to listen on WAN port 80/443 (80 will redirected to port 443), do the SSL offloading, and the forward the http requests to an internal web server at

Cloudflare complicates things since they are already running a reverse proxy. Does this reverse proxy need access to the HA proxy machine or the actual web server?

I’m really confused and so far no one at cloudflare forums can really help.