Owncloud with HA-Proxy error from desktop client

I’ve Owncloud 10.0.10 (too old). And wish balance the charge but i have strange behavior. When access by browser the access is fine, but try from client aks me the password and not login.

Web access -> HA Proxy -> Nextcloud -> Fine
Desktop client -> HA Proxy -> Owncloud -> Not fine

My HAProxy configuration

    stats socket /tmp/haproxysock level admin
    tune.ssl.default-dh-param 2048
    stats socket    /tmp/haproxy
    log local2
#    mode http
    #log /dev/log local1 notice
    log global
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms
    option httpclose
    option forwardfor except
    option redispatch
    option abortonclose
    option httplog
    option dontlognull

frontend http_owncloud
    bind *:80
    mode http
    maxconn 1000
    default_backend webservers

frontend https_owncloud
    bind *:443 ssl crt /etc/haproxy/certs/cloud.domain.com.pem
    default_backend webservers
    mode http
    reqadd X-Forwarded-Proto:\ https
    rspadd Strict-Transport-Security:\ max-age=31536000;\ includeSubDomains;\ preload

backend webservers
    mode http
    balance roundrobin
    stats enable
    stats uri /haproxy?stats
    stats refresh 30s
    option  httpchk
    option  httpclose
    option  forwardfor
    server oc-web-new-01 172.31.x.x:80 check verify none
    server oc-web-new-02 172.31.x.x:80 check verify none
    http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }

My services

S.O Centos 7 (HA Proxy and Owncloud)
PHP 7.2.17 with FPM (For Owncloud webserver)
Owncloud version 10.0.10
HA Proxy 1.5.18
Desktop client 2.5.4 (stable)

And the client error:



Hello mora,

I don’t know what’s the default policy for balancing with roundrobin in HAProxy but maybe it’s the problem, I’m not sure that the roundrobin works as you expected.
You should try to stick a backend to a source ip. It’s plausible it works in the web case because it’s using a cookie and not with the desktop client.
Another possible problem with that configuration setup is the PHP sessions, file locking etc … since the same ownCloud can be accessed on two different servers do not forget to take care of that.
I hope this helps.