HaProxy Internet HTTP + Graylog

Hi to All,
I’m trying to export my webgui on internet with Haproxy.
I’ve read the doc, and set up the setted up the HaProxy.
Here’s my Config:

backend http_graylog
balance roundrobin
http-request set-header X-Graylog-Server-URL https://mygraylog.public.url
server server1 server1:9000 check port 12900 inter 1000 fall 2
server server2 server2:9000 check port 12900 inter 1000 fall 2
server server3 server3:9000 check port 12900 inter 1000 fall 2
server server4 server4:9000 check port 12900 inter 1000 fall 2
server server5 server5:9000 check port 12900 inter 1000 fall 2

frontend graylog
bind ssl crt /my/personal/cert.pem
rspadd Strict-Transport-Security:\ max-age=15768000
option forwardfor
http-request add-header X-Forwarded-Host %[req.hdr(host)]
http-request add-header X-Forwarded-Server %[req.hdr(host)]
http-request add-header X-Forwarded-Port %[dst_port]
acl graylog_policy hdr_dom(host) -i mygraylog.public.url
option http-server-close
option forwardfor
option forwardfor except
reqadd X-Forwarded-Proto:\ https
use_backend http_graylog if graylog_policy

But When I load my https://mygraylog.public.url i receive the fllowing error from graylog when try to login

Error - the server returned: 404 - cannot POST https://mygraylog.public.url/system/sessions (404)

But if in Haproxy I put the following string:

http-request set-header X-Graylog-Server-URL https://mygraylog.public.url/api

instead of

http-request set-header X-Graylog-Server-URL https://mygraylog.public.url

Then I receice this error:

cannot GET https://mygraylog.public.url/api/ (404)

How can I resolv this error?

You can find a working configuration for HAProxy in the official Graylog documentation at http://docs.graylog.org/en/2.4/pages/configuration/web_interface.html#haproxy-1-6

The example assumes that the Graylog REST API and the web interface are running on the same port, see rest_listen_uri and web_listen_uri.

There’s a way to setup it with the two port different from each other?
It’s a system in production from lots of time,
and doing a structural modify like this can be such difficult.

You can find an example for that in the (old) documentation at http://docs.graylog.org/en/2.1/pages/configuration/web_interface.html#haproxy-1-6.

Hi jochen,
Thank you for your help. I’ve Resolved the problem and now it works correctly.
Just a precision: I’ve take part of configuration from the doc 2.0, and not 2.1 because the last one is the same as 2.2


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.