plugins
plugins copied to clipboard
opnsense
haproxy Graphical Issues on Proxied Pages
Important notices Before you add a new report, we ask you kindly to acknowledge the following:
- [ x] I have read the contributing guide lines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
- [ x] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
- [ x] The title contains the plugin to which this issue belongs
Describe the bug On some proxied webpages I'm having issues related to graphics and user interfaces. I have encountered this issue with several websites through haproxy but will focus on Unraid as that is the one with consistent issues I can remember. No graphical issues are showing when just using the webpages IP address.
To Reproduce No specific steps. Issue occurs on every use of haproxy on specific webpages.
Expected behavior Webpages should show all graphical images when loaded.
Screenshots
This is how the webpage should load, and is how it loads when I use the IP address.
Relevant log files
Additional context I recently switched from pfSense to opnSense and was using haproxy on pfSense and did not have this same issue. I have also cleared the cache on my browser and the issue persists. I'm not having this issue using firefox on my phone.
Environment This issues persists on my macbook as well as windows 11 machine both running firefox.
OPNsense 24.1.6-amd64 Intel(R) Pentium(R) CPU J3710 @ 1.60GHz (4 cores, 4 threads)
Please add your HAProxy configuration using the Config Export:
Services: HAProxy: Config Export
Feel free to cloak sensitive information.
frontend FrontendLocal
bind 10.200.0.1:443 name 10.200.0.1:443 ssl alpn h2,http/1.1 crt-list /tmp/haproxy/ssl/662ce9539713c2.62903353.certlist
bind 0.0.0.0:443 name 0.0.0.0:443 ssl alpn h2,http/1.1 crt-list /tmp/haproxy/ssl/662ce9539713c2.62903353.certlist
mode http
option http-keep-alive
...
backend unraidapollo
# health checking is DISABLED
mode http
balance source
# stickiness
stick-table type ip size 50k expire 30m
stick on src
http-reuse safe
server unraidapollo 10.200.20.2:443 ssl alpn h2,http/1.1 verify none
Looks good to me, nothing obviously wrong with this config. Maybe the missing content is related to HSTS headers? I'd suggest to open the browser console (F12) and then load the page. This might reveal why the web page is not loading properly.
Looks like your onto something, and this is certainly getting out of my knowledge area. The browser is throwing some errors related to subdomains and what I assume is some java scripts.
These errors are shown using the proxy, but no just through the IP.
The screenshot shows websocket requests, but they seem to use the wrong hostname (sv1 instead of apollo; unraid is running on apollo, right?). You probably need some address/header rewriting (I use HAProxy mostly as a load balancer and TCP proxy, so I don't have examples at hand).
You've mentioned that this was working on HAProxy on pfSense. Do you have a copy of your haproxy.conf from pfSense? That would make it easier to find the missing pieces.
There may some confusion on the host names. I have two servers, one being apollo and the other being sv1. Both are running through haproxy and have matching issues where some graphical elements are missing.
The domains shown on the error for each is correct on the browser console.
I'll see if I can dig up the pfSense haproxy config.