From 3910bde0bce123677d3681472ef472fcdfe4a4dd Mon Sep 17 00:00:00 2001 From: msotnikov Date: Fri, 9 Jan 2026 17:54:22 +0300 Subject: [PATCH 1/8] feat: el10 --- .gitignore | 1 + SOURCES/haproxy.cfg | 7 +++++-- SOURCES/haproxy.syslog.el10 | 18 ++++++++++++++++++ SPECS/haproxy.spec | 38 +++++++++++++++++++++++++++---------- 4 files changed, 52 insertions(+), 12 deletions(-) create mode 100644 SOURCES/haproxy.syslog.el10 diff --git a/.gitignore b/.gitignore index 6d414c2..5034f68 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ RPMS .docker *DS_Store *.rpm +.idea diff --git a/SOURCES/haproxy.cfg b/SOURCES/haproxy.cfg index f1cb8d6..cf6ba21 100644 --- a/SOURCES/haproxy.cfg +++ b/SOURCES/haproxy.cfg @@ -7,7 +7,7 @@ global #log /dev/log local1 notice log 127.0.0.1 local1 notice chroot /var/lib/haproxy - stats socket /run/haproxy/haproxy.sock mode 600 level admin + stats socket /run/haproxy.sock mode 600 level admin pidfile /var/run/haproxy.pid stats timeout 30s user haproxy @@ -20,7 +20,10 @@ listen stats stats enable stats realm Haproxy\ Statistics # Title text for popup window stats uri /haproxy_stats - + timeout connect 5s + timeout client 10s + timeout server 10s + defaults log global mode http diff --git a/SOURCES/haproxy.syslog.el10 b/SOURCES/haproxy.syslog.el10 new file mode 100644 index 0000000..5d22ea3 --- /dev/null +++ b/SOURCES/haproxy.syslog.el10 @@ -0,0 +1,18 @@ +$ModLoad imudp +$UDPServerAddress 127.0.0.1 +$UDPServerRun 514 + +$template HAProxy,"%TIMESTAMP% %syslogseverity-text:::UPPERCASE%: %msg:::drop-last-lf%\n" +$template HAProxyAccess,"%msg%\n" + +if $programname startswith 'haproxy' then { + if $syslogseverity == 6 then + action(type="omfile" file="/var/log/haproxy/access.log" template="HAProxyAccess") + stop + if $syslogseverity <= 3 then + action(type="omfile" file="/var/log/haproxy/error.log" template="HAProxy") + stop + if $syslogseverity <= 5 then + action(type="omfile" file="/var/log/haproxy/status.log" template="HAProxy") + stop +} diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec index 3171325..6e01cf4 100644 --- a/SPECS/haproxy.spec +++ b/SPECS/haproxy.spec @@ -31,7 +31,12 @@ Source4: %{name}.syslog%{?dist} Source5: halog.1 BuildRoot: %{_tmppath}/%{name}-%{version}-root +%if 0%{?el10} +BuildRequires: pcre2-devel +%else BuildRequires: pcre-devel +%endif + BuildRequires: zlib-devel BuildRequires: make BuildRequires: gcc openssl-devel @@ -54,6 +59,13 @@ Requires(preun): systemd Requires(postun): systemd %endif +%if 0%{?el10} +BuildRequires: systemd +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd +%endif + %description HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: @@ -79,7 +91,7 @@ https://github.com/philyuchkoff/HAProxy-3-RPM-builder %build regparm_opts= %ifarch %ix86 x86_64 -regparm_opts="USE_REGPARM=1" +#regparm_opts="USE_REGPARM=1" %endif RPM_BUILD_NCPUS="`/usr/bin/nproc 2>/dev/null || /usr/bin/getconf _NPROCESSORS_ONLN`"; @@ -95,7 +107,11 @@ systemd_opts="USE_SYSTEMD=1" pcre_opts="USE_PCRE=1 USE_PCRE_JIT=1" %endif -%if 0%{?el7} || 0%{?el8} || 0%{?el9} +%if 0%{?el10} +pcre_opts="USE_PCRE2=1 USE_PCRE2_JIT=1" +%endif + +%if 0%{?el7} || 0%{?el8} || 0%{?el9} || 0%{?el10} USE_TFO=1 USE_NS=1 %endif @@ -127,8 +143,9 @@ popd %{__install} -d %{buildroot}%{_sysconfdir}/logrotate.d %{__install} -d %{buildroot}%{_sysconfdir}/rsyslog.d %{__install} -d %{buildroot}%{_localstatedir}/log/%{name} +%{__install} -d %{buildroot}%{_localstatedir}/lib/%{name} -%{__install} -s %{name} %{buildroot}%{_sbindir}/ +%{__install} %{name} %{buildroot}%{_sbindir}/ %{__install} -c -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/haproxy.cfg @@ -146,8 +163,8 @@ popd %{__install} -c -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/rc.d/init.d/%{name} %endif -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} -%{__install} -s %{name} %{buildroot}%{_sbindir}/ +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%{__install} %{name} %{buildroot}%{_sbindir}/ %{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service %endif @@ -163,7 +180,7 @@ getent passwd %{haproxy_user} >/dev/null || \ exit 0 %post -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} %systemd_post %{name}.service systemctl reload-or-try-restart rsyslog.service %endif @@ -174,7 +191,7 @@ systemctl reload-or-try-restart rsyslog.service %endif %preun -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} %systemd_preun %{name}.service %endif @@ -186,7 +203,7 @@ fi %endif %postun -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} %systemd_postun_with_restart %{name}.service systemctl reload-or-try-restart rsyslog.service %endif @@ -201,7 +218,7 @@ fi %files %defattr(-,root,root) %doc CHANGELOG examples/*.cfg doc/configuration.txt doc/intro.txt doc/management.txt doc/proxy-protocol.txt -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} %license LICENSE %endif %doc %{_mandir}/man1/* @@ -210,6 +227,7 @@ fi %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/%{name}/%{name}.cfg %attr(0755,root,root) %{_sbindir}/%{name} %dir %{_localstatedir}/log/%{name} +%dir %{_localstatedir}/lib/%{name} %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/rsyslog.d/49-%{name}.conf %{_bindir}/halog @@ -219,6 +237,6 @@ fi %attr(0755,root,root) %config %_sysconfdir/rc.d/init.d/%{name} %endif -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} %attr(-,root,root) %{_unitdir}/%{name}.service %endif From 5e51d58099c462f97b7228c59147aa87667a7154 Mon Sep 17 00:00:00 2001 From: msotnikov Date: Fri, 9 Jan 2026 18:03:10 +0300 Subject: [PATCH 2/8] refactor: el10 support --- SPECS/haproxy.spec | 48 ++++++++++++++++++++-------------------------- 1 file changed, 21 insertions(+), 27 deletions(-) diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec index 6e01cf4..f17b00c 100644 --- a/SPECS/haproxy.spec +++ b/SPECS/haproxy.spec @@ -31,7 +31,8 @@ Source4: %{name}.syslog%{?dist} Source5: halog.1 BuildRoot: %{_tmppath}/%{name}-%{version}-root -%if 0%{?el10} +# PCRE selection: EL8, EL9, and EL10 use PCRE2. EL6/7 use PCRE1. +%if 0%{?rhel} >= 8 BuildRequires: pcre2-devel %else BuildRequires: pcre-devel @@ -39,7 +40,7 @@ BuildRequires: pcre-devel BuildRequires: zlib-devel BuildRequires: make -BuildRequires: gcc openssl-devel +BuildRequires: gcc BuildRequires: openssl-devel Requires(pre): shadow-utils @@ -51,15 +52,8 @@ Requires(preun): chkconfig, initscripts Requires(postun): initscripts %endif -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} -BuildRequires: systemd-units -BuildRequires: systemd-devel -Requires(post): systemd -Requires(preun): systemd -Requires(postun): systemd -%endif - -%if 0%{?el10} +# Systemd dependencies for EL7+ (including EL10) +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} BuildRequires: systemd Requires(post): systemd Requires(preun): systemd @@ -85,32 +79,26 @@ https://github.com/philyuchkoff/HAProxy-3-RPM-builder %prep %setup -q -# We don't want any perl dependecies in this RPM: +# We don't want any perl dependencies in this RPM: %define __perl_requires /bin/true %build -regparm_opts= -%ifarch %ix86 x86_64 -#regparm_opts="USE_REGPARM=1" -%endif - RPM_BUILD_NCPUS="`/usr/bin/nproc 2>/dev/null || /usr/bin/getconf _NPROCESSORS_ONLN`"; # Default opts -systemd_opts= pcre_opts="USE_PCRE=1" USE_TFO= USE_NS= -%if 0%{?el7} || 0%{?el8} || 0%{?el9} -systemd_opts="USE_SYSTEMD=1" -pcre_opts="USE_PCRE=1 USE_PCRE_JIT=1" -%endif - -%if 0%{?el10} +# PCRE2 flags for EL8+ +%if 0%{?rhel} >= 8 pcre_opts="USE_PCRE2=1 USE_PCRE2_JIT=1" +%else +# PCRE1 flags for EL7/6 +pcre_opts="USE_PCRE=1 USE_PCRE_JIT=1" %endif +# TFO and NS support for EL7+ %if 0%{?el7} || 0%{?el8} || 0%{?el9} || 0%{?el10} USE_TFO=1 USE_NS=1 @@ -124,7 +112,14 @@ SET_LUA="USE_LUA=1" SET_PROMETHEUS="EXTRA_OBJS=addons/promex/service-prometheus.o" %endif -%{__make} -j$RPM_BUILD_NCPUS %{?_smp_mflags} CPU="generic" TARGET="linux-glibc" ${systemd_opts} ${pcre_opts} USE_OPENSSL=1 USE_ZLIB=1 USE_PROMEX=1 ${regparm_opts} ADDINC="%{optflags}" USE_LINUX_TPROXY=1 USE_THREAD=1 USE_TFO=${USE_TFO} USE_NS=${USE_NS} ${SET_LUA} ${SET_PROMETHEUS} ADDLIB="%{__global_ldflags}" +%{__make} -j$RPM_BUILD_NCPUS %{?_smp_mflags} CPU="generic" TARGET="linux-glibc" \ + ${pcre_opts} \ + USE_OPENSSL=1 USE_ZLIB=1 USE_PROMEX=1 \ + ADDINC="%{optflags}" \ + USE_LINUX_TPROXY=1 USE_THREAD=1 \ + USE_TFO=${USE_TFO} USE_NS=${USE_NS} \ + ${SET_LUA} ${SET_PROMETHEUS} \ + ADDLIB="%{__global_ldflags}" %{__make} admin/halog/halog OPTIMIZE="%{optflags} %{__global_ldflags}" @@ -145,9 +140,9 @@ popd %{__install} -d %{buildroot}%{_localstatedir}/log/%{name} %{__install} -d %{buildroot}%{_localstatedir}/lib/%{name} +# Install binary once (previously duplicated) %{__install} %{name} %{buildroot}%{_sbindir}/ - %{__install} -c -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/haproxy.cfg %{__install} -c -m 644 examples/errorfiles/*.http %{buildroot}%{_sysconfdir}/%{name}/errors/ %{__install} -c -m 644 doc/%{name}.1 %{buildroot}%{_mandir}/man1/ @@ -164,7 +159,6 @@ popd %endif %if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} -%{__install} %{name} %{buildroot}%{_sbindir}/ %{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service %endif From 6fe130d32084b620aac8277bf7c510e5efc85aaf Mon Sep 17 00:00:00 2001 From: msotnikov Date: Fri, 9 Jan 2026 18:26:02 +0300 Subject: [PATCH 3/8] fix: amzn2023 support --- SOURCES/haproxy.syslog.amzn2023 | 39 ++++++++++++++++----------------- SPECS/haproxy.spec | 20 ++++++++--------- 2 files changed, 29 insertions(+), 30 deletions(-) diff --git a/SOURCES/haproxy.syslog.amzn2023 b/SOURCES/haproxy.syslog.amzn2023 index 9c67e90..915aa4f 100644 --- a/SOURCES/haproxy.syslog.amzn2023 +++ b/SOURCES/haproxy.syslog.amzn2023 @@ -1,22 +1,21 @@ -# /opt/HAProxy-3-RPM-builder/rpmbuild/SOURCES/haproxy.syslog.amzn2023 -# Syslog configuration for HAProxy on Amazon Linux 2023 (using rsyslog) +$ModLoad imudp +$UDPServerAddress 127.0.0.1 +$UDPServerRun 514 -# Enable UDP reception (for older syslog protocols) -module(load="imudp") -input(type="imudp" port="514") +$template HAProxy,"%TIMESTAMP% %syslogseverity-text:::UPPERCASE%: %msg:::drop-last-lf%\n" +$template HAProxyAccess,"%msg%\n" -# Enable TCP reception (more reliable) -module(load="imtcp") -input(type="imtcp" port="514") - -# HAProxy logging configuration -local0.* /var/log/haproxy.log -& ~ - -# Optional: Send HAProxy logs to a remote syslog server -# Replace with your actual remote server IP -# local0.* @@remote-syslog-server:514 - -# Template for structured logging (optional) -template(name="haproxy-template" type="string" - string="%timestamp% %hostname% %syslogtag%%msg%") +if $programname startswith 'haproxy' then { + if $syslogseverity == 6 then { + action(type="omfile" file="/var/log/haproxy/access.log" template="HAProxyAccess") + stop + } + if $syslogseverity <= 3 then { + action(type="omfile" file="/var/log/haproxy/error.log" template="HAProxy") + stop + } + if $syslogseverity <= 5 then { + action(type="omfile" file="/var/log/haproxy/status.log" template="HAProxy") + stop + } +} diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec index f17b00c..c9bbe3a 100644 --- a/SPECS/haproxy.spec +++ b/SPECS/haproxy.spec @@ -32,7 +32,7 @@ Source5: halog.1 BuildRoot: %{_tmppath}/%{name}-%{version}-root # PCRE selection: EL8, EL9, and EL10 use PCRE2. EL6/7 use PCRE1. -%if 0%{?rhel} >= 8 +%if 0%{?rhel} >= 8 || 0%{?amzn2023} BuildRequires: pcre2-devel %else BuildRequires: pcre-devel @@ -53,7 +53,7 @@ Requires(postun): initscripts %endif # Systemd dependencies for EL7+ (including EL10) -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} BuildRequires: systemd Requires(post): systemd Requires(preun): systemd @@ -91,7 +91,7 @@ USE_TFO= USE_NS= # PCRE2 flags for EL8+ -%if 0%{?rhel} >= 8 +%if 0%{?rhel} >= 8 || 0%{?amzn2023} pcre_opts="USE_PCRE2=1 USE_PCRE2_JIT=1" %else # PCRE1 flags for EL7/6 @@ -99,7 +99,7 @@ pcre_opts="USE_PCRE=1 USE_PCRE_JIT=1" %endif # TFO and NS support for EL7+ -%if 0%{?el7} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} USE_TFO=1 USE_NS=1 %endif @@ -158,7 +158,7 @@ popd %{__install} -c -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/rc.d/init.d/%{name} %endif -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} %{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service %endif @@ -174,7 +174,7 @@ getent passwd %{haproxy_user} >/dev/null || \ exit 0 %post -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} %systemd_post %{name}.service systemctl reload-or-try-restart rsyslog.service %endif @@ -185,7 +185,7 @@ systemctl reload-or-try-restart rsyslog.service %endif %preun -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} %systemd_preun %{name}.service %endif @@ -197,7 +197,7 @@ fi %endif %postun -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} %systemd_postun_with_restart %{name}.service systemctl reload-or-try-restart rsyslog.service %endif @@ -212,7 +212,7 @@ fi %files %defattr(-,root,root) %doc CHANGELOG examples/*.cfg doc/configuration.txt doc/intro.txt doc/management.txt doc/proxy-protocol.txt -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} %license LICENSE %endif %doc %{_mandir}/man1/* @@ -231,6 +231,6 @@ fi %attr(0755,root,root) %config %_sysconfdir/rc.d/init.d/%{name} %endif -%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} +%if 0%{?el7} || 0%{?amzn2} || 0%{?el8} || 0%{?el9} || 0%{?el10} || 0%{?amzn2023} %attr(-,root,root) %{_unitdir}/%{name}.service %endif From f797dcfb90e1f8e7aafb89975f6e48deda7b638b Mon Sep 17 00:00:00 2001 From: msotnikov Date: Fri, 9 Jan 2026 18:27:34 +0300 Subject: [PATCH 4/8] fix: syslog configuration logic is consistent across EL8, EL9, EL10, and Amazon Linux 2023, separating logs into access.log (info), error.log (err/crit/alert/emerg), and status.log (notice/warning). --- SOURCES/haproxy.cfg | 6 +++--- SOURCES/haproxy.syslog.el10 | 9 ++++++--- SOURCES/haproxy.syslog.el6 | 13 +++++++++++++ SOURCES/haproxy.syslog.el7 | 13 +++++++++++++ SOURCES/haproxy.syslog.el8 | 20 ++++++++++++++------ SOURCES/haproxy.syslog.el9 | 9 ++++++--- 6 files changed, 55 insertions(+), 15 deletions(-) create mode 100644 SOURCES/haproxy.syslog.el6 create mode 100644 SOURCES/haproxy.syslog.el7 diff --git a/SOURCES/haproxy.cfg b/SOURCES/haproxy.cfg index cf6ba21..e94e3b1 100644 --- a/SOURCES/haproxy.cfg +++ b/SOURCES/haproxy.cfg @@ -3,9 +3,9 @@ # global #log /dev/log local0 - log 127.0.0.1 local0 - #log /dev/log local1 notice - log 127.0.0.1 local1 notice + log 127.0.0.1 local2 + #log /dev/log local1 notice + #log 127.0.0.1 local1 notice chroot /var/lib/haproxy stats socket /run/haproxy.sock mode 600 level admin pidfile /var/run/haproxy.pid diff --git a/SOURCES/haproxy.syslog.el10 b/SOURCES/haproxy.syslog.el10 index 5d22ea3..915aa4f 100644 --- a/SOURCES/haproxy.syslog.el10 +++ b/SOURCES/haproxy.syslog.el10 @@ -6,13 +6,16 @@ $template HAProxy,"%TIMESTAMP% %syslogseverity-text:::UPPERCASE%: %msg:::drop-la $template HAProxyAccess,"%msg%\n" if $programname startswith 'haproxy' then { - if $syslogseverity == 6 then + if $syslogseverity == 6 then { action(type="omfile" file="/var/log/haproxy/access.log" template="HAProxyAccess") stop - if $syslogseverity <= 3 then + } + if $syslogseverity <= 3 then { action(type="omfile" file="/var/log/haproxy/error.log" template="HAProxy") stop - if $syslogseverity <= 5 then + } + if $syslogseverity <= 5 then { action(type="omfile" file="/var/log/haproxy/status.log" template="HAProxy") stop + } } diff --git a/SOURCES/haproxy.syslog.el6 b/SOURCES/haproxy.syslog.el6 new file mode 100644 index 0000000..9f3b6e3 --- /dev/null +++ b/SOURCES/haproxy.syslog.el6 @@ -0,0 +1,13 @@ +$ModLoad imudp +$UDPServerAddress 127.0.0.1 +$UDPServerRun 514 +$MaxMessageSize 64k +$FileCreateMode 0600 + +$template HAProxy,"%TIMESTAMP% %syslogseverity-text:::UPPERCASE%: %msg%\n" +$template HAProxyAccess,"%msg%\n" + +local2.=info /var/log/haproxy/access.log;HAProxyAccess +local2.=notice;local2.=warning /var/log/haproxy/status.log;HAProxy +local2.error /var/log/haproxy/error.log;HAProxy +local2.* ~ diff --git a/SOURCES/haproxy.syslog.el7 b/SOURCES/haproxy.syslog.el7 new file mode 100644 index 0000000..5f0f480 --- /dev/null +++ b/SOURCES/haproxy.syslog.el7 @@ -0,0 +1,13 @@ +$ModLoad imudp +$UDPServerAddress 127.0.0.1 +$UDPServerRun 514 +$MaxMessageSize 64k +$FileCreateMode 0600 + +$template HAProxy,"%TIMESTAMP% %syslogseverity-text:::UPPERCASE%: %msg%\n" +$template HAProxyAccess,"%msg%\n" + +local2.=info /var/log/haproxy/access.log;HAProxyAccess +local2.=notice;local2.=warning /var/log/haproxy/status.log;HAProxy +local2.error /var/log/haproxy/error.log;HAProxy +local2.* stop diff --git a/SOURCES/haproxy.syslog.el8 b/SOURCES/haproxy.syslog.el8 index 3618b00..915aa4f 100644 --- a/SOURCES/haproxy.syslog.el8 +++ b/SOURCES/haproxy.syslog.el8 @@ -5,9 +5,17 @@ $UDPServerRun 514 $template HAProxy,"%TIMESTAMP% %syslogseverity-text:::UPPERCASE%: %msg:::drop-last-lf%\n" $template HAProxyAccess,"%msg%\n" -local2.=info if $programname startswith 'haproxy' then /var/log/haproxy/access.log;HAProxyAccess -& stop -local2.emerg if $programname startswith 'haproxy' then /var/log/haproxy/error.log;HAProxy -& stop -local2.notice if $programname startswith 'haproxy' then /var/log/haproxy/status.log;HAProxy -& stop +if $programname startswith 'haproxy' then { + if $syslogseverity == 6 then { + action(type="omfile" file="/var/log/haproxy/access.log" template="HAProxyAccess") + stop + } + if $syslogseverity <= 3 then { + action(type="omfile" file="/var/log/haproxy/error.log" template="HAProxy") + stop + } + if $syslogseverity <= 5 then { + action(type="omfile" file="/var/log/haproxy/status.log" template="HAProxy") + stop + } +} diff --git a/SOURCES/haproxy.syslog.el9 b/SOURCES/haproxy.syslog.el9 index 5d22ea3..915aa4f 100644 --- a/SOURCES/haproxy.syslog.el9 +++ b/SOURCES/haproxy.syslog.el9 @@ -6,13 +6,16 @@ $template HAProxy,"%TIMESTAMP% %syslogseverity-text:::UPPERCASE%: %msg:::drop-la $template HAProxyAccess,"%msg%\n" if $programname startswith 'haproxy' then { - if $syslogseverity == 6 then + if $syslogseverity == 6 then { action(type="omfile" file="/var/log/haproxy/access.log" template="HAProxyAccess") stop - if $syslogseverity <= 3 then + } + if $syslogseverity <= 3 then { action(type="omfile" file="/var/log/haproxy/error.log" template="HAProxy") stop - if $syslogseverity <= 5 then + } + if $syslogseverity <= 5 then { action(type="omfile" file="/var/log/haproxy/status.log" template="HAProxy") stop + } } From 1e3d3084381f37fdef2aa19e34ea3c1512476646 Mon Sep 17 00:00:00 2001 From: msotnikov Date: Fri, 9 Jan 2026 18:34:02 +0300 Subject: [PATCH 5/8] feat: some config changes --- SOURCES/haproxy.cfg | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/SOURCES/haproxy.cfg b/SOURCES/haproxy.cfg index e94e3b1..537452a 100644 --- a/SOURCES/haproxy.cfg +++ b/SOURCES/haproxy.cfg @@ -1,6 +1,9 @@ # # THIS IS SAMPLE CONFIG, FOR TEST, NOT FOR PRODUCTION!!! # +# To check config run: +# haproxy -c -V -f /etc/haproxy/haproxy.cfg + global #log /dev/log local0 log 127.0.0.1 local2 @@ -8,22 +11,26 @@ global #log 127.0.0.1 local1 notice chroot /var/lib/haproxy stats socket /run/haproxy.sock mode 600 level admin - pidfile /var/run/haproxy.pid + #pidfile /var/run/haproxy.pid stats timeout 30s user haproxy group haproxy daemon - + listen stats bind :9000 mode http + #http-request use-service prometheus-exporter if { path /metrics } stats enable + #stats hide-version + stats refresh 10s stats realm Haproxy\ Statistics # Title text for popup window stats uri /haproxy_stats + #stats auth admin:admin_password timeout connect 5s timeout client 10s timeout server 10s - + defaults log global mode http From 4b7694774b08952af450137443160179fc564d32 Mon Sep 17 00:00:00 2001 From: msotnikov Date: Fri, 9 Jan 2026 19:17:44 +0300 Subject: [PATCH 6/8] feat: update supported platform list in README to include EL10 and Amazon Linux 2023 --- README.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ad9b388..4240bc3 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# RPM builder for HAProxy 3.2 (CentOS 8/9) +# RPM builder for HAProxy 3.2 (EL8/EL9/EL10/Amazon Linux 2023) ## Build latest HAProxy binary with prometheus metrics support ![GitHub last commit](https://img.shields.io/github/last-commit/philyuchkoff/HAProxy-3-RPM-builder?style=for-the-badge) @@ -81,8 +81,15 @@ If SELINUX is enabled - switch off this: open /etc/selinux/config and change SE - Create `/var/lib/haproxy` directory - Check on the rpcbind service to ensure that this service is started -#### :o: Failed to download metadata for repo ‘AppStream’ (CentOS8/9) +#### :o: Failed to download metadata for repo 'AppStream' (CentOS8/9) ##### Solution: cd /etc/yum.repos.d/ sudo sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* sudo sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* + + +### Supported platforms: +- Enterprise Linux 8 (RHEL 8, CentOS 8, Rocky Linux 8, AlmaLinux 8) +- Enterprise Linux 9 (RHEL 9, CentOS 9, Rocky Linux 9, AlmaLinux 9) +- Enterprise Linux 10 (RHEL 10, CentOS 10, Rocky Linux 10, AlmaLinux 10) +- Amazon Linux 2023 From 16ff590e24aae25b261273416e52f3c7321b846e Mon Sep 17 00:00:00 2001 From: msotnikov Date: Sun, 11 Jan 2026 18:27:56 +0300 Subject: [PATCH 7/8] feat: PCRE dependency in Makefile to support RHEL version detection --- Makefile | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 0a72ba7..e390b07 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,16 @@ VERSION := $(if $(VERSION),$(VERSION),${MAINVERSION}.0) SUDO := $(if $(filter 1,$(NO_SUDO)),,sudo) # Основные зависимости -BASE_DEPS := pcre-devel pcre2-devel make gcc openssl-devel rpm-build systemd-devel curl sed zlib-devel +BASE_DEPS := make gcc openssl-devel rpm-build systemd-devel curl sed zlib-devel + +# Detect RHEL version to select correct PCRE library +RHEL_VER := $(shell rpm -E %{rhel} 2>/dev/null) +ifeq ($(shell [ -n "$(RHEL_VER)" ] && [ "$(RHEL_VER)" -ge 8 ] 2>/dev/null && echo 1 || echo 0),1) + BASE_DEPS += pcre2-devel +else + BASE_DEPS += pcre-devel +endif + LUA_DEPS := readline-devel # Этапы сборки From 4d8f596baa36c9d852a23645093885aab0c9ca6d Mon Sep 17 00:00:00 2001 From: msotnikov Date: Sun, 11 Jan 2026 19:49:22 +0300 Subject: [PATCH 8/8] feat: add SELinux configuration example for non-standard ports in README --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 4240bc3..12ff0f1 100644 --- a/README.md +++ b/README.md @@ -75,6 +75,12 @@ If SELINUX is enabled - switch off this: open /etc/selinux/config and change SE sudo sed -i s/^SELINUX=.*$/SELINUX=disabled/ /etc/selinux/config +#### :o: Work with non-standard ports (SELinux) + + sudo dnf -yd install policycoreutils-python-utils + sudo semanage port -a -t http_port_t -p tcp 9999 + + #### :o: Cannot chroot1 [/usr/sbin/haproxy.main()] Cannot chroot1(/var/lib/haproxy) ##### Solution: