diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile
index 81ea69ec0..e629b6ca0 100644
--- a/net/haproxy/Makefile
+++ b/net/haproxy/Makefile
@@ -1,7 +1,7 @@
PLUGIN_NAME= haproxy
-PLUGIN_VERSION= 4.4
+PLUGIN_VERSION= 4.5
PLUGIN_COMMENT= Reliable, high performance TCP/HTTP load balancer
-PLUGIN_DEPENDS= haproxy28 py${PLUGIN_PYTHON}-haproxy-cli
+PLUGIN_DEPENDS= haproxy py${PLUGIN_PYTHON}-haproxy-cli
PLUGIN_MAINTAINER= opnsense@moov.de
.include "../../Mk/plugins.mk"
diff --git a/net/haproxy/pkg-descr b/net/haproxy/pkg-descr
index f6ed896fa..daac185c3 100644
--- a/net/haproxy/pkg-descr
+++ b/net/haproxy/pkg-descr
@@ -9,6 +9,7 @@ Plugin Changelog
4.5
Changed:
+* upgrade to HAProxy 3.0 release series (#4411)
* migrate cert export to Trust MVC
4.4
diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml
index 7945ded64..e0e5e345d 100644
--- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml
+++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml
@@ -89,7 +89,7 @@
action.http_request_redirecttext
- HAProxy's documentation for further details and examples.]]>
+ HAProxy's documentation for further details and examples.]]>
@@ -128,7 +128,7 @@
action.http_request_add_header_contenttext
- HAProxy's documentation for further details and examples.]]>
+ HAProxy's documentation for further details and examples.]]>
@@ -145,7 +145,7 @@
action.http_request_set_header_contenttext
- HAProxy's documentation for further details and examples.]]>
+ HAProxy's documentation for further details and examples.]]>
@@ -251,7 +251,7 @@
action.http_response_add_header_contenttext
- HAProxy's documentation for further details and examples.]]>
+ HAProxy's documentation for further details and examples.]]>
@@ -268,7 +268,7 @@
action.http_response_set_header_contenttext
- HAProxy's documentation for further details and examples.]]>
+ HAProxy's documentation for further details and examples.]]>
@@ -468,6 +468,6 @@
action.fcgi_set_paramtext
- Custom Log format rules. With this directive, it is possible to overwrite the value of default FastCGI parameters.]]>
+ Custom Log format rules. With this directive, it is possible to overwrite the value of default FastCGI parameters.]]>
diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml
index 8411a6ad9..014b959ae 100644
--- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml
+++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml
@@ -28,7 +28,7 @@
backend.algorithmdropdown
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>Choose a load balancing algorithm.
@@ -42,7 +42,7 @@
backend.proxyProtocoldropdown
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>true
@@ -186,7 +186,7 @@
truetrue
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>backend.forwardFor
@@ -213,7 +213,7 @@
backend.persistence_cookiemodedropdown
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>backend.persistence_cookiename
@@ -235,14 +235,14 @@
backend.stickiness_patterndropdown
- HAProxy documentation for a full description.
NOTE: Consider not using this feature in multi-process mode, it can result in random behaviours.
]]>
+ HAProxy documentation for a full description.
NOTE: Consider not using this feature in multi-process mode, it can result in random behaviours.
]]>Choose a persistence type.backend.stickiness_dataTypesselect_multiple
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>backend.stickiness_expire
diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml
index c02327bce..4ad9d1e94 100644
--- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml
+++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml
@@ -33,7 +33,7 @@
fcgi.path_infotext
- HAProxy's documentation for further details and examples.]]>
+ HAProxy's documentation for further details and examples.]]>fcgi.log_stderr
diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml
index 2268abe72..a826ecfa8 100644
--- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml
+++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml
@@ -350,14 +350,14 @@
frontend.stickiness_patterndropdown
- HAProxy documentation for further information.]]>
+ HAProxy documentation for further information.]]>Choose a stick-table type.frontend.stickiness_dataTypesselect_multiple
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>frontend.stickiness_expire
@@ -384,7 +384,7 @@
frontend.stickiness_counter_keytext
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>true
diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml
index 4955c8519..554246fa4 100644
--- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml
+++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml
@@ -15,6 +15,6 @@
mapfile.contenttextbox
- HAProxy documentation for a full description.]]>
+ HAProxy documentation for a full description.]]>
diff --git a/net/haproxy/src/opnsense/mvc/app/views/OPNsense/HAProxy/index.volt b/net/haproxy/src/opnsense/mvc/app/views/OPNsense/HAProxy/index.volt
index 932c8814f..fd025cacc 100644
--- a/net/haproxy/src/opnsense/mvc/app/views/OPNsense/HAProxy/index.volt
+++ b/net/haproxy/src/opnsense/mvc/app/views/OPNsense/HAProxy/index.volt
@@ -717,7 +717,7 @@ POSSIBILITY OF SUCH DAMAGE.
{{ lang._('Lastly, enable HAProxy using the %sService%s settings page.') | format('', '') }}
{{ lang._('Please be aware that you need to %smanually%s add the required firewall rules for all configured services.') | format('', '') }}
-
{{ lang._('Further information is available in the %sofficial HAProxy documentation%s. Be sure to report bugs and request features on our %sGitHub issue page%s. Code contributions are also very welcome!') | format('', '', '', '') }}
+
{{ lang._('Further information is available in the %sofficial HAProxy documentation%s. Be sure to report bugs and request features on our %sGitHub issue page%s. Code contributions are also very welcome!') | format('', '', '', '') }}
@@ -759,7 +759,7 @@ POSSIBILITY OF SUCH DAMAGE.
{{ lang._('%sConditions:%s HAProxy is capable of extracting data from requests, responses and other connection data and match it against predefined patterns. Use these powerful patterns to compose a condition that may be used in multiple Rules.') | format('', '') }}
{{ lang._('%sRules:%s Perform a large set of actions if one or more %sConditions%s match. These Rules may be used in %sBackend Pools%s as well as %sPublic Services%s.') | format('', '', '', '', '', '', '', '') }}
-
{{ lang._("For more information on HAProxy's %sACL feature%s see the %sofficial documentation%s.") | format('', '', '', '') }}
+
{{ lang._("For more information on HAProxy's %sACL feature%s see the %sofficial documentation%s.") | format('', '', '', '') }}
{{ lang._('Note that it is possible to directly add options to the HAProxy configuration by using the "option pass-through", a setting that is available for several configuration items. It allows you to implement configurations that are currently not officially supported by this plugin. It is strongly discouraged to rely on this feature. Please report missing features on our GitHub page!') | format('', '') }}
@@ -774,7 +774,7 @@ POSSIBILITY OF SUCH DAMAGE.
{{ lang._('%sGroup:%s A optional list containing one or more users. Groups usually make it easier to manage permissions for a large number of users') | format('', '') }}
{{ lang._('Note that users and groups must be selected from the Backend Pool or Public Service configuration in order to be used for authentication. In addition to this users and groups may also be used in Rules/Conditions.') }}
-
{{ lang._("For more information on HAProxy's %suser/group management%s see the %sofficial documentation%s.") | format('', '', '', '') }}
+
{{ lang._("For more information on HAProxy's %suser/group management%s see the %sofficial documentation%s.") | format('', '', '', '') }}
@@ -792,7 +792,7 @@ POSSIBILITY OF SUCH DAMAGE.
{{ lang._("%sCache:%s HAProxy's cache which was designed to perform cache on small objects (favicon, css, etc.). This is a minimalist low-maintenance cache which runs in RAM.") | format('', '', '', '') }}
{{ lang._("%sPeers:%s Configure a communication channel between two HAProxy instances. This will propagate entries of any data-types in stick-tables between these HAProxy instances over TCP connections in a multi-master fashion. Useful when aiming for a seamless failover in a HA setup.") | format('', '', '', '') }}
-
{{ lang._("For more details visit HAProxy's official documentation regarding the %sStatistics%s, %sCache%s and %sPeers%s features.") | format('', '', '', '', '', '') }}
+
{{ lang._("For more details visit HAProxy's official documentation regarding the %sStatistics%s, %sCache%s and %sPeers%s features.") | format('', '', '', '', '', '') }}
@@ -810,7 +810,7 @@ POSSIBILITY OF SUCH DAMAGE.
{{ lang._("%sResolvers:%s This feature allows in-depth configuration of how HAProxy handles name resolution and interacts with name resolvers (DNS). Each resolver configuration can be used in %sBackend Pools%s to apply individual name resolution configurations.") | format('', '', '', '') }}
{{ lang._("%sE-Mail Alerts:%s It is possible to send email alerts when the state of servers changes. Each configuration can be used in %sBackend Pools%s to send e-mail alerts to the configured recipient.") | format('', '', '', '') }}
-
{{ lang._("For more details visit HAProxy's official documentation regarding the %sError Messages%s, %sLua Script%s and the %sMap Files%s features. More information on HAProxy's CPU Affinity is also available %shere%s, %shere%s and %shere%s. A detailed explanation of the resolvers feature can be found %shere%s.") | format('', '', '', '', '', '' ,'', '' ,'', '' ,'', '','', '') }}
+
{{ lang._("For more details visit HAProxy's official documentation regarding the %sError Messages%s, %sLua Script%s and the %sMap Files%s features. More information on HAProxy's CPU Affinity is also available %shere%s, %shere%s and %shere%s. A detailed explanation of the resolvers feature can be found %shere%s.") | format('', '', '', '', '', '' ,'', '' ,'', '' ,'', '','', '') }}
diff --git a/net/haproxy/src/opnsense/scripts/OPNsense/HAProxy/exportCerts.php b/net/haproxy/src/opnsense/scripts/OPNsense/HAProxy/exportCerts.php
index 935844878..cccff6408 100755
--- a/net/haproxy/src/opnsense/scripts/OPNsense/HAProxy/exportCerts.php
+++ b/net/haproxy/src/opnsense/scripts/OPNsense/HAProxy/exportCerts.php
@@ -92,7 +92,7 @@ foreach ($configNodes as $key => $value) {
// check if a CA is linked
if (!empty((string)$cert->caref)) {
// append the CA to the certificate data
- $ca = CertStore::getCaChain((string)$cert->caref));
+ $ca = CertStore::getCaChain((string)$cert->caref);
$pem_content .= "\n" . $ca;
// additionally export CA to it's own file,
// not required for HAProxy, but makes OCSP handling easier
diff --git a/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf b/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf
index 3e40f63c0..642a84e4a 100644
--- a/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf
+++ b/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf
@@ -990,10 +990,10 @@ global
{# # check if OCSP is enabled #}
{% if OPNsense.HAProxy.general.tuning.ocspUpdateEnabled|default('') == '1' %}
{% if helpers.exists('OPNsense.HAProxy.general.tuning.ocspUpdateMinDelay') %}
- tune.ssl.ocsp-update.mindelay {{OPNsense.HAProxy.general.tuning.ocspUpdateMinDelay}}
+ ocsp-update.mindelay {{OPNsense.HAProxy.general.tuning.ocspUpdateMinDelay}}
{% endif %}
{% if helpers.exists('OPNsense.HAProxy.general.tuning.ocspUpdateMaxDelay') %}
- tune.ssl.ocsp-update.maxdelay {{OPNsense.HAProxy.general.tuning.ocspUpdateMaxDelay}}
+ ocsp-update.maxdelay {{OPNsense.HAProxy.general.tuning.ocspUpdateMaxDelay}}
{% endif %}
{% endif %}
{% if helpers.exists('OPNsense.HAProxy.general.tuning.resolversPrefer') %}