§2024-06-04
in order to do https://munetaka.me:45101 --> http://hc4noble.yushei.com.tw:45101
1.0. modify /etc/haproxy/haproxy.conf as
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
# ubuntu uses /etc/haproxy/errors/ directories
# the followings are for ubuntu
errorfile 400 /usr/share/haproxy/examples/errorfiles/400.http
errorfile 403 /usr/share/haproxy/examples/errorfiles/403.http
errorfile 408 /usr/share/haproxy/examples/errorfiles/408.http
errorfile 500 /usr/share/haproxy/examples/errorfiles/500.http
errorfile 502 /usr/share/haproxy/examples/errorfiles/502.http
errorfile 503 /usr/share/haproxy/examples/errorfiles/503.http
errorfile 504 /usr/share/haproxy/examples/errorfiles/504.http
frontend https_front
bind *:443 ssl crt /etc/letsencrypt/live/munetaka.me/haproxy.pem
default_backend local_nginx
frontend nextcloud_front
bind *:45101 ssl crt /etc/letsencrypt/live/munetaka.me/haproxy.pem
default_backend nextcloud_backend
backend local_nginx
option ssl-hello-chk
server nginx_server 127.0.0.1:8080 ssl verify none
backend nextcloud_backend
option httpchk
server nextcloud_server hc4noble.yushei.net:45101 check
- check
[root@pi2NginxMuNeTaka ~]# haproxy -c -V -f /etc/haproxy/haproxy.cfg
Configuration file is valid
# systemctl restart haproxy
- verify with browser,
Ask chatGPT,
I have a running nextCloud at http://hc4noble.yushei.net:45101/. and
my /etc/haproxy/haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
# ubuntu uses /etc/haproxy/errors/ directories
# the followings are for ubuntu
errorfile 400 /usr/share/haproxy/examples/errorfiles/400.http
errorfile 403 /usr/share/haproxy/examples/errorfiles/403.http
# HAProxy does not inherently generate 404 errors but can relay them from backend servers to clients.
# errorfile 404 /usr/share/haproxy/examples/errorfiles/404.http
errorfile 408 /usr/share/haproxy/examples/errorfiles/408.http
errorfile 500 /usr/share/haproxy/examples/errorfiles/500.http
errorfile 502 /usr/share/haproxy/examples/errorfiles/502.http
errorfile 503 /usr/share/haproxy/examples/errorfiles/503.http
errorfile 504 /usr/share/haproxy/examples/errorfiles/504.http
frontend https_front
# bind *:443 ssl crt /etc/letsencrypt/live/munetaka.me/fullchain.pem key /etc/letsencrypt/live/munetaka.me/privkey.pem
bind *:443 ssl crt /etc/letsencrypt/live/munetaka.me/haproxy.pem
default_backend local_nginx
backend local_nginx
option ssl-hello-chk
server nginx_server 127.0.0.1:8080 ssl verify none
How to make it so that https://munetaka.me:45101 will use backend server http://hc4noble.yushei.net:45101/.
- backup hc4noble.yushei.net nectCloud config files
# cp -v /var/snap/nextcloud/current/nextcloud/config/config.php /var/snap/nextcloud/current/nextcloud/config/config.php.2024-06-05
3.01. edit /var/snap/nextcloud/current/nextcloud/config/config.php as,
<?php
$CONFIG = array (
'apps_paths' =>
array (
0 =>
array (
'path' => '/snap/nextcloud/current/htdocs/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/snap/nextcloud/current/nextcloud/extra-apps',
'url' => '/extra-apps',
'writable' => true,
),
),
'supportedDatabases' =>
array (
0 => 'mysql',
),
'memcache.locking' => '\\OC\\Memcache\\Redis',
'memcache.local' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '/tmp/sockets/redis.sock',
'port' => 0,
),
'log_type' => 'file',
'logfile' => '/var/snap/nextcloud/current/logs/nextcloud.log',
'logfilemode' => 416,
'instanceid' => 'ocktmzjp78j5',
'passwordsalt' => '2ZfHuWqwZy+zZKp0pII7pgdqON3Oh+',
'secret' => '5lgkZeOmtIJHkZqIlAdjcSvR+1DC35TGGTo+AsT+lWvb5Ee+',
'trusted_domains' =>
array (
0 => '192.168.48.239', // hc4Nobel.yushei.net
1 => 'munetaka.me:45101',
2 => 'hc4Noble.yushei.net:45101',
),
0 =>
array (
'trusted_proxies' =>
array (
0 => 'munetaka.me',
),
'overwriteprotocol' => 'https',
'overwrite.cli.url' => 'https://munetaka.me:45101',
),
'datadirectory' => '/var/snap/nextcloud/common/nextcloud/data',
'dbtype' => 'mysql',
'version' => '28.0.6.1',
'dbname' => 'nextcloud',
'dbhost' => 'localhost:/tmp/sockets/mysql.sock',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud',
'dbpassword' => 'kG0vW58f9kql1zJURcCGZ4XVQitMeIYWBoktQOOcbIZVt3EOvjb8fm6lyUo3JRjt',
'installed' => true,
'allow_local_remote_servers' => true,
'maintenance' => false,
'mail_smtpmode' => 'smtp',
'mail_smtpsecure' => 'ssl',
'mail_sendmailmode' => 'smtp',
'loglevel' => 2,
'maintenance_window_start' => 1,
);
3.02. snap restart
snap list
Name Version Rev Tracking Publisher Notes
core18 20240416 2826 latest/stable canonical✓ base
nextcloud 28.0.6snap1 42571 latest/stable nextcloud✓ -
snapd 2.63 21761 latest/stable canonical✓ snapd
root@hc4Noble:/home/alexlai# snap restart nextcloud
2024-06-05T07:17:13+08:00 INFO Waiting for "snap.nextcloud.apache.service" to stop.
2024-06-05T07:17:14+08:00 INFO Waiting for "snap.nextcloud.mysql.service" to stop.
Restarted.