HaProxy Internet HTTP + Graylog

RedBlood9 · March 29, 2018, 2:01pm

Hi to All,
I’m trying to export my webgui on internet with Haproxy.
I’ve read the doc, and set up the setted up the HaProxy.
Here’s my Config:

backend http_graylog
balance roundrobin
http-request set-header X-Graylog-Server-URL https://mygraylog.public.url
server server1 server1:9000 check port 12900 inter 1000 fall 2
server server2 server2:9000 check port 12900 inter 1000 fall 2
server server3 server3:9000 check port 12900 inter 1000 fall 2
server server4 server4:9000 check port 12900 inter 1000 fall 2
server server5 server5:9000 check port 12900 inter 1000 fall 2

frontend graylog
bind 0.0.0.0:443 ssl crt /my/personal/cert.pem
rspadd Strict-Transport-Security:\ max-age=15768000
option forwardfor
http-request add-header X-Forwarded-Host %[req.hdr(host)]
http-request add-header X-Forwarded-Server %[req.hdr(host)]
http-request add-header X-Forwarded-Port %[dst_port]
acl graylog_policy hdr_dom(host) -i mygraylog.public.url
option http-server-close
option forwardfor
option forwardfor except 127.0.0.1
reqadd X-Forwarded-Proto:\ https
use_backend http_graylog if graylog_policy

But When I load my https://mygraylog.public.url i receive the fllowing error from graylog when try to login

Error - the server returned: 404 - cannot POST https://mygraylog.public.url/system/sessions (404)

But if in Haproxy I put the following string:

http-request set-header X-Graylog-Server-URL https://mygraylog.public.url/api

instead of

http-request set-header X-Graylog-Server-URL https://mygraylog.public.url

Then I receice this error:

cannot GET https://mygraylog.public.url/api/ (404)

How can I resolv this error?
Thanks
Red

jochen · March 29, 2018, 3:07pm

You can find a working configuration for HAProxy in the official Graylog documentation at http://docs.graylog.org/en/2.4/pages/configuration/web_interface.html#haproxy-1-6

The example assumes that the Graylog REST API and the web interface are running on the same port, see rest_listen_uri and web_listen_uri.

RedBlood9 · March 29, 2018, 3:18pm

There’s a way to setup it with the two port different from each other?
It’s a system in production from lots of time,
and doing a structural modify like this can be such difficult.

jochen · March 29, 2018, 3:41pm

You can find an example for that in the (old) documentation at http://docs.graylog.org/en/2.1/pages/configuration/web_interface.html#haproxy-1-6.

RedBlood9 · April 4, 2018, 10:35am

Hi jochen,
Thank you for your help. I’ve Resolved the problem and now it works correctly.
Just a precision: I’ve take part of configuration from the doc 2.0, and not 2.1 because the last one is the same as 2.2

Thanks
Red

system · April 18, 2018, 10:42am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Haproxy - to graylog port stream Graylog Central (peer support)	8	1760	January 28, 2021
Graylog webinterface through haproxy load balancer Graylog Central (peer support)	1	1031	March 20, 2020
How to get graylog running behind a proxy? Graylog Central (peer support)	4	780	July 9, 2018
Problem with use of TLS and Haproxy Graylog Central (peer support)	8	2788	May 2, 2019
Graylog Cluster behind HAproxy on HTTPS Graylog Central (peer support)	8	6662	February 6, 2018

HaProxy Internet HTTP + Graylog

Related Topics