haproxy and authentication

Posted on May 20, 2019
By Adam

I have two nodes with Roundcube mail server and Postfix. The goal I wish to achieve is to be able to balance users to use server1 or server2 if the number of users logging in is big. The problem I have is that I can't authenticate to any of the servers when HAProxy is on. The session is terminated and the nodes are switched. How do I fix that?

haproxy config:

global
        maxconn         300
        daemon


defaults
        mode            http
        timeout connect 50s
        timeout client  50s
        timeout server  50s


frontend http
        bind *:443 ssl crt /etc/ssl/certs/final_efektum.crt
        mode http
        reqadd X-Forwarded-Proto:\ https
        default_backend servers

backend servers
        http-request set-header X-Forwarded-Port %[dst_port]
        http-request add-header X-Forwarded-Proto https if { ssl_fc }
        balance roundrobin
        option httpclose
         balance roundrobin
        cookie SERVERID insert indirect nocache
        cookie JSESSIONID prefix nocache
        option forwardfor
        reqadd X-Forwarded-Proto:\ http


        server poczta2  127.0.0.1:85 check cookie poczta2 maxconn 1
        server digitalocean 165.22.68.126:85 check cookie digitalocean maxconn 1

frontend ldap
        mode                  tcp
        log                   global
        bind                  :389
        description           LDAP Service
        option                tcplog
        option                logasap
        option                socket-stats
        option                tcpka
        timeout client        5s
        default_backend       ad_server

backend ad_server
        server                ad 10.172.90.3:389 check fall 1 rise 1 inter 2s
        mode                  tcp
        balance               source
        timeout server        2s
        timeout connect       1s
        option                tcpka
        option                tcp-check
        tcp-check             connect port 389
        tcp-check             send-binary 300c0201            # LDAP bind request "<ROOT>" simple
        tcp-check             send-binary 01                  # message ID
        tcp-check             send-binary 6007                # protocol Op
        tcp-check             send-binary 0201                # bind request
        tcp-check             send-binary 03                  # LDAP v3
        tcp-check             send-binary 04008000            # name, simple authentication
        tcp-check             expect binary 0a0100            # bind response + result code: success
        tcp-check             send-binary 30050201034200      # unbind request





Hello,

I’ve had a similar issue recently. I believe that without an SSL certificate HAProxy is not able to connect to the backend of Roundcube.

You could try adding a valid SSL certificate and see if this solves the problem.

Hope that this helps! Regards, Bobby
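As an added example (not part of either post above), here is the HTTP part of the question's config reduced to a single persistence cookie, so that a logged-in browser keeps returning to the node that holds its session. The certificate path, server names and addresses are copied from the question; the section names `https_in` and `roundcube`, and the assumption that each Roundcube node keeps its own sessions, are mine.

```haproxy
# Added example, not the poster's config.
defaults
        mode            http
        timeout connect 50s
        timeout client  50s
        timeout server  50s

frontend https_in
        bind *:443 ssl crt /etc/ssl/certs/final_efektum.crt
        # The question sends two conflicting values: "reqadd ... https" in the
        # frontend and "reqadd ... http" in the backend. Set the header once,
        # overwriting anything the client supplied.
        http-request set-header X-Forwarded-Proto https
        http-request set-header X-Forwarded-Port %[dst_port]
        default_backend roundcube

backend roundcube
        balance roundrobin
        option forwardfor
        # A backend has one persistence cookie. In the question the later
        # "cookie JSESSIONID prefix nocache" line replaces the earlier
        # "cookie SERVERID insert indirect nocache", and Roundcube (PHP) does
        # not issue a JSESSIONID cookie (its default session cookie is
        # roundcube_sessid), so nothing pins a client to a node and
        # roundrobin sends each request to the next server.
        # "secure" and "httponly" keep the routing cookie off plain HTTP and
        # away from page scripts.
        cookie SERVERID insert indirect nocache httponly secure
        # "maxconn 1" from the question is dropped: it allows one concurrent
        # connection per server and queues everything else.
        server poczta2      127.0.0.1:85     check cookie poczta2
        # As in the question, this hop is plain HTTP to a public address, so
        # webmail logins cross the network unencrypted between proxy and node.
        server digitalocean 165.22.68.126:85 check cookie digitalocean
```

Running `haproxy -c -f <file>` checks the syntax before a reload.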
