- Sources:
- This guide covers set up on OPNSense. We will need to open traffic for nginx web server, so that we can reach the admin web interface + RoundCube, both installed on the iRedMail server.
- If you do not have haproxy installed on your OPNSense instance, you can install it under System → Firmware → Packages – find os-haproxy and click on the + symbol to install it.
- Under Services → HaProxy → Settings, go to Real Servers → Real Servers and add a new host. In this guide, we will use port 8082 that will be forwarded internally on the LAN to the iRedMail VM.
- Make sure the ‘Enabled’ tick box is ticked.
- Now go to Virtual Services → Backend pools and add a new host there:
- Let’s define a condition. Go to Rules & Checks → Conditions and create a new condition:
- Condition type: Host amatches
- Host String: mail.your-domain.tld
- Now we can set up a rule what to do if the condition is met. Go to Rules & Checks → Rules and create a new rule:
- In the rule, we say that if the condition is met, traffic should be forwarded to the backend host we have created. Yet there is no service listening in the front-end yet to handle the traffic.
- Go to Virtual Services → Public Services and unless you have a service there already, add a new one that listens on port 80.
- Once done, click on the ‘Test syntax’ button and only click on ‘Apply’ if everything is okay.
- Verify the HAProxy log in case you encouter issues (or post below this article ideally with a screenshot of your set up).