Intro
I recently acquired a second domain for one of my projects and wanted to set this up behind the HAProxy instance in my firewall. The problem was that I was already serving my primary domain with it, so I was looking to serve my secondary one as well. It was not as straightforward as I thought but after a bit of Googling and some trial and error, I could proxy multiple domains sharing the same public IP. Here’s how I did it!
Create a shared frontend
In the HAProxy Frontend settings, create a new front end with the name shared_frontend; status Active; external address to WAN address, port to 443, and tick SSL Offloading. The type should be http / https (offloading). It should look as follows:
Scroll down to the SSL Offloading section and select your default certificate. Include SNI filters like “*.mydomain.com !mydomain2.com” to apply the correct certificate for each domain. In the Additional certificates setting, add your secondary domain certificate. Make sure that the Add ACL option is checked for both of them. It should look like:
All other settings can be left as defaults.
Create your secondary frontends
Create two frontends for each domain and attach the corresponding ACLs and Actions. Click Shared Frontend and set the Primary frontend to the shared_frontend created in the previous step. This looks like:
Note that you will not set your certificate here, as that will be handled by the shared_frontend.
All done!
After applying all settings and restarting HAProxy, both domains should be handled under the same public IP. Your Frontend page will look like like the cover image in this post. Happy homelabbing!