Saturday, 19 May 2012

Fixing HAProxy configuration in pfSense

Some time ago I was experimenting with pfSense and HAProxy to deploy both as firewall and load balancer for one of the websites I was working on at the time. The key incentive was that pfSense is great BSD based firewall distribution with amazing features offered out of the box, and if that was not enough, you can install additional packages to add features you need.

One of those packages is HAProxy (proxy/load balancer) and both work together very nicely but...

Problem

I have installed pfSense with HAProxy several times, more than several in fact... and every time I did it, the configuration file generated using HAProxy web configurator (integrated with pfSense interface) was broken. First row in the table showing defined backends was empty -  the configuration file itself had just variables but no values. The second entry was just fine... Obviously HAProxy refused to start.

Quick fix

Just so I remember next time what I did. Get shell on pfSense console or install file manager package and edit /usr/local/pkg/haproxy.inc to add the line highlighted below:


Not a rocket science, just shift() the first (empty) backend definition and let the script do the rest.

Note

Manually fixing config file is pointless because new config is generated every time HAProxy (re)starts and the code above is used to generate it.