After recent security updates, my webmin (now 1.903) served trough haproxy stopped working. Login page was not loading correctly…
Using opera developer tools I have debugged that index page is returned correctly, but then css and javascripts are requested but not returned correctly. No content was returned – request was endless. It seems there is some problem with gzip encoding between miniserv and haproxy?
Solution is disable gzip in webmin/miniserv.conf.
/etc/webmin/miniserv.conf:
gzip=0
Other issue with webmin is login redirect problem. This can be fixed with this haproxy backend config:
haproxy.cfg
backend webmin
mode http
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request set-header X-Forwarded-Proto https if { ssl_fc }
#fix stupid login redirect port problem
http-response replace-value Location (.*):.* \1
server webmin 127.0.0.1:10000 ssl verify none
…
frontend https
bind *:443 ssl crt /etc/haproxy/ssl/cloud.zazezi.net.pem crt /etc/haproxy/ssl/ alpn h2,http/1.1
use_backend apache if { hdr_dom(Host) -i mail.zazezi.net mail.zazezi.sk mail.iwik.org }
use_backend zabbix if { hdr_dom(Host) -i zabbix.iwik.org }
use_backend cloud if { hdr_dom(Host) -i owncloud.iwik.org nextcloud.iwik.org cloud.iwik.org }
use_backend webmin if { hdr_dom(Host) -i webadmin.zazezi.net webadmin.zazezi.sk }
use_backend avenger if { hdr_dom(Host) -i iwik.org avenger.iwik.org www.iwik.org iwik.sk www.iwik.sk }
http-response set-header X-SSL-Proxy haproxy
default_backend apache
Webmin config shoud contain
/etc/webmin/config
relative_redir=1 webprefix= webprefixnoredir=1
Thank-you for this, I was able to transpose the various settings into my setup that uses OPNsense that runs HAProxy and my Raspberry Pi 4 running Raspian and Webmin.