HAProxy + Nextcloud + Microsoft office online server

JetSingl · May 2, 2024, 12:35pm

Good afternoon! Please help me with the problem in configuring the next cloud Bundle connection => haproxy => office online server

More details are used:

nextcloud01 server in docker is located behind traefik2 and receives a sert+private certificate.key nextcloud01.test.lab:443

nextcloud02 server in docker is located behind traefik2 and receives a sert+private certificate.key nextcloud02.test.lab:443

HAProxy
Haproxy.conf

global
  log /dev/log local0 debug
  chroot /var/lib/haproxy
  maxconn 200000
  nbthread 2
  user haproxy
  group haproxy
  daemon
  stats socket /run/haproxy/admin.sock mode 660 level admin

#  ca-base /etc/ssl/
#  crt-base /etc/ssl/

  ssl-default-bind-ciphers ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS:!AESCCM
  ssl-default-bind-options ssl-min-ver SSLv3 ssl-max-ver TLSv1.2
  ssl-server-verify none

  tune.ssl.default-dh-param 4096
  tune.ssl.cachesize 3200k
  tune.bufsize 32768

defaults
	log	global
	mode	http
	option    httplog
	option    dontlognull
	timeout	client      180s
	timeout connect     5s
	timeout server      180s

frontend sni
	bind *:443 ssl crt /etc/ssl/je.pem
	mode http
	option httplog
	option http-server-close
	option forwardfor
	acl url_discovery path /.well-known/caldav /.well-known/carddav
	http-request redirect location /remote.php/dav/ code 301 if url_discovery
	acl acl_nx ssl_fc_sni test-nextcloud.test.lab
	acl acl_nxoos ssl_fc_sni nxoos.test.lab
	use_backend nx if acl_nx
	use_backend nxoos if acl_nxoos
	default_backend nx

backend nx
	mode http
	cookie be_test-nextcloud.test.lab insert indirect nocache
	balance roundrobin
	option http-server-close
	option forwardfor
	server nx01 192.168.150.193:443 ssl check verify none cookie nx01
#	server nx01 192.168.150.193:443 ssl check cookie nx01 sni req.hdr(Host) check-sni test-nextcloud.test.lab
	server nx02 192.168.150.194:443 ssl check verify none cookie nx02
#	server nx02 192.168.150.194:443 ssl check cookie nx02 sni req.hdr(Host) check-sni test-nextcloud.test.lab

backend nxoos
	mode http
	server nxoos01 192.168.150.201:443 ssl check verify none

Individually, the servers are connected and working correctly.
nextcloud01.test.lab => naxos.test.lab
nextcloud02.test.lab => nxoos.test.lab
test-nextcloud.test.lab is not working => nxoos.test.lab

Cisco30 · May 2, 2024, 1:12pm

hi, you should post here instead https://discourse.haproxy.org/

JetSingl · May 3, 2024, 6:03am

Thank you very much for the advice! I’ll write now.

JetSingl · May 13, 2024, 6:44am

UP! Please, help me…