{% extends "base.html" %} {% block content %} {% from 'include/input_macros.html' import input, checkbox, select %} {% set balance_params = dict() %} {% set balance_params = {'roundrobin':'roundrobin','source':'source','leastconn':'leastconn','first':'first', 'rdp-cookie':'rdp-cookie', 'uri':'uri', 'uri whole':'uri whole', 'static-rr': 'static-rr', 'url_param userid':'url_param userid'} %} {% set checks = dict() %} {% set checks = {'':'Choose a custom health check','option tcp-check':'Check a TCP Port', 'option ssl-hello-chk':'Check a SSL Port','option httpchk':'Check a HTTP service', 'option ldap-check':'Check a LDAP service', 'option mysql-check':'Check a MySql Service', 'option pgsql-check':'Check a PgSQL Service', 'option redis-check': 'Check a Redis Service', 'option smtpchk':'Check a SMTP service'} %} {% set observe = {'layer7':'layer7', 'layer4': 'layer4'} %} {% set on_error = {'mark-down':'mark-down', 'fastinter': 'fastinter', 'fail-check':'fail-check', 'sudden-death':'sudden-death'} %} {% set if_values = dict() %} {% set if_values = {'1':'Host name starts with','2':'Host name ends with','3':'Path starts with','4':'Path ends with', '6': 'Src ip'} %}
{% include 'include/add_proxy.html' %}

Add listen

Select a server:
Note: If you re-configure the master server, the slave server will be re-configured automatically
A "listen" section defines a complete proxy with its frontend and backend parts combined in one section. It is generally useful for TCP-only traffic.

All proxy names must be formed from upper and lower case letters, digits, '-' (dash), '_' (underscore) , '.' (dot) and ':' (colon). ACL names are case-sensitive, which means that "www" and "WWW" are two different proxies.

Historically, all proxy names could overlap, it just caused troubles in the logs. Since the introduction of content switching, it is mandatory that two proxies with overlapping capabilities (frontend/backend) have different names. However, it is still permitted that a frontend and a backend share the same name, as this configuration seems to be commonly encountered.
Name: {{ input('name', name='listener', title="Name Listener", placeholder="web_80", required='required') }}
IP and Port: {{ input('ip', placeholder="Any", size='15') }}: {{ input('listen-port', name='port', type="number", title="Port for bind listen", placeholder="8080", size='5', required='required') }}
If the IP-address for the listener is empty, it will listen on all IP addresses.
Start typing IP or press down button. If you are using VRRP, leave the IP field blank. If you assign a VRRP IP, the slave server will not start
Mode: {% set values = dict() %} {% set values = {'http':'http','tcp':'tcp'} %} {{ select('listen-mode-select', name='mode', values=values, selected='http', required='required', class='force_close') }}
Maxconn: {{ input('maxconn', value='2000', type="number", title="Fix the maximum number of concurrent connections on a frontend", size='5', required='required') }}
This value should not exceed the global maxconn. Default global maxconn value: 2000
Balance: {{ select('balance', values=balance_params, selected='roundrobin', required='required', class='force_close') }}
Health check: {{ select('listener_checks', name='health_check', values=checks, selected='', class='force_close') }}
ACL:
Web acceleration(?): {{ checkbox('compression', title='Enable Compression', value='1', desc='Compression') }} {{ checkbox('cache', title='Enable cache', value='2', desc='Cache') }} {{ checkbox('ssl_offloading', title='Enable redirect from HTTP to HTTPS', desc='HTTP->HTTPS') }}
WAF(?): {{ checkbox('slow_atack', title='Slow attack protect', desc='Slow attack') }} {{ checkbox('ddos', title='DDOS attack protect', desc='DDOS') }} {{ checkbox('whitelist_checkbox', title='Add whitelist', desc='Whitelist') }} {{ checkbox('blacklist_checkbox', title='Add blacklist', desc='Blacklist') }} {{ checkbox('waf', title='Web application firewall', desc='WAF', value='1') }} {{ checkbox('antibot', title='Antibot Protection', desc='Antibot', value='1') }}
Options: {{ checkbox('forward_for', title='Option Forward for if none', desc='Forward for') }} {{ checkbox('redispatch', title='Enable Redispatch', desc='Redispatch') }} {% set values = dict() %} {% set values = {'Off':'Off','Server only':'Server only','Force close':'Force close','Pretend keep alive':'Pretend keep alive'} %} {{ select('force_close', values=values, first='Force HTTP close', class='force_close') }} {{ checkbox('cookie', title='Set cookie', desc='Set cookie', value='1') }} {{ checkbox('options-listen-show', title='Set options manually', desc='Set options') }}
Servers: {% include 'include/add_servers.html' %}

{{ checkbox('template-listen', name='template', title='Use server-template instead servers list', value='template', desc='Server-template') }}
Check:
Default params: inter 2000 rise 2 fall 5
{{ checkbox('circuit_breaking_listen', name="circuit_breaking", desc='Circuit Breaking', title='Enable Circuit Breaking', value='1') }}
Add Listen Generate config

Add frontend

Select a server:
Note: If you re-configure the master server, the slave server will be re-configured automatically
A "frontend" section describes a set of listening sockets accepting client connections.

All proxy names must be formed from upper and lower case letters, digits, '-' (dash), '_' (underscore) , '.' (dot) and ':' (colon). ACL names are case-sensitive, which means that "www" and "WWW" are two different proxies.

Historically, all proxy names could overlap, it just caused troubles in the logs. Since the introduction of content switching, it is mandatory that two proxies with overlapping capabilities (frontend/backend) have different names. However, it is still permitted that a frontend and a backend share the same name, as this configuration seems to be commonly encountered.
Name:
IP and Port: :
If the IP-address for the frontend is empty, it will listen on all IP addresses.
Start typing IP or press down button. If you are using VRRP, leave the IP field blank. If you assign a VRRP IP, the slave server will not start
Mode: {% set values = dict() %} {% set values = {'http':'http','tcp':'tcp'} %} {{ select('frontend-mode-select', name='mode', values=values, selected='http', required='required', class='force_close') }}
Maxconn: {{ input('maxconn', value='2000', type="number", title="Fix the maximum number of concurrent connections on a frontend", size='5', required='required') }}
This value should not exceed the global maxconn. Default global maxconn value: 2000
ACL:
Web acceleration(?): {{ checkbox('compression2', name="compression", title='Enable Compression', value='1', desc='Compression') }} {{ checkbox('cache2', name="cache", title='Enable cache', value='2', desc='Cache') }} {{ checkbox('ssl_offloading1', title='Enable redirect from HTTP to HTTPS', desc='HTTP->HTTPS') }}
WAF(?): {{ checkbox('slow_atack1', title='Slow attack protect', desc='Slow attack') }} {{ checkbox('ddos1', title='DDOS attack protect', desc='DDOS') }} {{ checkbox('whitelist_checkbox1', title='Add whitelist', desc='Whitelist') }} {{ checkbox('blacklist_checkbox1', title='Add blacklist', desc='Blacklist') }} {{ checkbox('waf2', name='waf', title='Web application firewall', desc='WAF', value='1') }} {{ checkbox('antibot1', title='Antibot Protection', desc='Antibot', value='1') }}
Options: {{ checkbox('forward_for1', title='Option Forward for if none', desc='Forward for') }} {% set values = dict() %} {% set values = {'Off':'Off','Server only':'Server only','Force close':'Force close','Pretend keep alive':'Pretend keep alive'} %} {{ select('force_close', values=values, first='Force HTTP close', class='force_close') }} {{ checkbox('options-frontend-show', title='Set options manually', desc='Set options') }}
Default backend {{ input('backends', name='backends', placeholder="some_backend", size='30') }}
Note. If you want to use the default backend, backend must exist.
Add Frontend Generate config

Add backend

Select a server:
Note: If you re-configure the master server, the slave server will be re-configured automatically
A "backend" section describes a set of servers to which the proxy will connect to forward incoming connections.

All proxy names must be formed from upper and lower case letters, digits, '-' (dash), '_' (underscore) , '.' (dot) and ':' (colon). ACL names are case-sensitive, which means that "www" and "WWW" are two different proxies.

Historically, all proxy names could overlap, it just caused troubles in the logs. Since the introduction of content switching, it is mandatory that two proxies with overlapping capabilities (frontend/backend) have different names. However, it is still permitted that a frontend and a backend share the same name, as this configuration seems to be commonly encountered.
Name: {{ input('new_backend', title="Name backend", placeholder="web_80", required='required') }}
Mode: {% set values = dict() %} {% set values = {'http':'http','tcp':'tcp'} %} {{ select('backend-mode-select', name='mode', values=values, selected='http', required='required', class='force_close') }}
Balance: {{ select('balance', values=balance_params, selected='roundrobin', required='required', class='force_close') }}
Health check: {{ select('backend_checks', name='health_check', values=checks, selected='', class='force_close') }}
ACL:
Web acceleration(?): {{ checkbox('compression3', name="compression", title='Enable Compression', value='1', desc='Compression') }} {{ checkbox('cache3', name="cache", title='Enable cache', value='2', desc='Cache') }} {{ checkbox('ssl_offloading2', title='Enable SSL Offloading', desc='SSL Offloading') }}
Options: {{ checkbox('forward_for2', title='Option Forward for if none', desc='Forward for') }} {{ checkbox('redispatch2', title='Enable Redispatch', desc='Redispatch') }} {% set values = dict() %} {% set values = {'Off':'Off','Server only':'Server only','Force close':'Force close','Pretend keep alive':'Pretend keep alive'} %} {{ select('force_close', values=values, first='Force HTTP close', class='force_close') }} {{ checkbox('cookie2', title='Set cookie', desc='Set cookie', value='1') }} {{ checkbox('options-backend-show', title='Set options manually', desc='Set options') }}
Servers: {% include 'include/add_servers.html' %}

{{ checkbox('template-backend', name='template', title='Use server-template instead servers list', value='template', desc='Server-template') }}
Check:
Default params: inter 2000 rise 2 fall 5
{{ checkbox('circuit_breaking_backend', name="circuit_breaking", desc='Circuit Breaking', title='Enable Circuit Breaking', value='1') }}
Add Backend Generate config

SSL

View certificates Uploaded certificates
Upload SSL certificates Certificate name Paste the contents of the certificate file
{{ input('ssl_name') }}

Let's Encrypt

Server Domain name E-mail
{{ input('lets_domain', placeholder="example.com") }} {{ input('lets_email') }}
{% for option in options %} {% if option.groups == group or group == '1' %} {% endif %} {% endfor %}
Id Options
{{ option.id }}

+ Add

In this section you can create, edit and delete options with given parameters. And after use them as autocomplete in the "Add" sections
How to use pre-saved option you can see in this video
{% for s in saved_servers %} {% if s.groups == group or group == '1' %} {% endif %} {% endfor %}
Server Description

+ Add

In this section you can create, edit and delete servers. And after use them as autocomplete in the "Add" sections
How to use pre-saved servers you can see in this video

Add Userlist

Select a server:
Note: If you reconfigure Master server, Slave will be re-configured automatically
It is possible to control access to frontend/backend/listen sections or to http stats by allowing only authenticated and authorized users. To do this, it is required to create at least one userlist and to define users.
Userlist name: {{ input('new_userlist', required='required', title="Userlist name", placeholder="basic-auth-list") }}
Groups: {{ input('userlist-group', title="User`s group", placeholder="group_name") }}
It is also possible to attach users to this group by using a comma separated list of names preceded by "users" keyword.
User: {{ input('userlist-user', required='required', title="User name", placeholder="user_name") }} {{ input('userlist-password', required='required', title="User password. By default it insecure-password", placeholder="password") }} {{ input('userlist-user-group', title="User`s group", placeholder="user`s group") }}
It is also possible to attach groups to this user by using a comma separated list of groups.
Add Userlist Generate config

Existing UserList

Select a server:
Note: If you reconfigure Master server, Slave will be re-configured automatically
Show Userlist
In this section you can create userlists. And after use them in the "Add" sections
Read here How to use userlists

Add Peer

Select server:
Note: If you re-configure Master server, Slave will be re-configured automatically
The peers section enables the replication of stick table data between two or more HAProxy instances.
Peers name: {{ input('peers-name', title="Peers name", placeholder="peers name") }}
Peers servers: : :
: :
Add Peer Generate config
Note: If you would like to use HAProxy services as Master-Master cluster you must set local servers hostnames as peers servers names. Otherwise peers will not work
Note: If you would like to use HAProxy services as Master-Slave cluster you must set local server hostname for master server as peer server name. Otherwise peers will not work
Read here How to use peers
{{ input('group', value=group, type='hidden') }}
New blacklist Server for uploading Existing blacklists
Name: {{ input('new_blacklist_name') }} {% for list in black_lists %} {{ list }} {% endfor %}
New whitelist Server for uploading Existing whitelists
Name: {{ input('new_whitelist_name') }} {% for list in white_lists %} {{ list }} {% endfor %}
In this section you can create and edit black and white lists. And after use them in the HAProxy configs or in the "Add proxy" pages. Read how to use it in this article
{% include 'include/del_confirm.html' %}
{% include 'include/del_confirm.html' %} {% endblock %}