mirror of
https://blitiri.com.ar/repos/chasquid
synced 2025-12-17 14:37:02 +00:00
e79586a014
This patch implements support for incoming connections wrapped in the HAProxy protocol v1. This is useful when running chasquid behind a HAProxy server, as it needs the original source IP to perform SPF checks. This patch is a reimplementation of one originally provided by Denys Vitali in pull request #15, except the logic for the protocol handling is moved to a new package, and the smtpsrv.Conn handling of the source IP is simplified. It is marked as experimental for now, since we want to give it a bit more exposure just in case the option/api needs adjustment. Thanks a lot to Denys Vitali (@denysvitali in github) for sending the original patch for this, and helping test it!
33 lines
753 B
Markdown
33 lines
753 B
Markdown
|
|
# HAProxy integration
|
|
|
|
As of version 1.6, [chasquid] supports being deployed behind a [HAProxy]
|
|
instance.
|
|
|
|
**This is EXPERIMENTAL for now, and can change in backwards-incompatible
|
|
ways.**
|
|
|
|
|
|
## Configuring HAProxy
|
|
|
|
In the backend server line, set the [send-proxy] parameter to turn on the use
|
|
of the PROXY protocol against chasquid.
|
|
|
|
You need to set this for each of the ports that are forwarded.
|
|
|
|
|
|
## Configuring chasquid
|
|
|
|
Add the following line to `/etc/chasquid/chasquid.conf`:
|
|
|
|
```
|
|
haproxy_incoming: true
|
|
```
|
|
|
|
That turns HAProxy support on for all incoming SMTP connections.
|
|
|
|
|
|
[chasquid]: https://blitiri.com.ar/p/chasquid
|
|
[HAProxy]: https://www.haproxy.org/
|
|
[send-proxy]: http://cbonte.github.io/haproxy-dconv/2.0/configuration.html#5.2-send-proxy
|