OPNSense MCP Server

# HAProxy Implementation Summary ## Overview Successfully implemented comprehensive HAProxy management functionality for the OPNsense MCP server, enabling full control over HAProxy load balancing and reverse proxy features through Claude Desktop. ## What Was Implemented ### 1. Core HAProxy Resource Class (`src/resources/services/haproxy/index.ts`) - Complete TypeScript implementation with interfaces and types - Full CRUD operations for all HAProxy components - Error handling and API payload formatting ### 2. Service Control Tools - `haproxy_service_control` - Start, stop, restart, reload, and check status - Automatic reconfiguration after changes ### 3. Backend Management Tools - `haproxy_backend_create` - Create backends with server pools - `haproxy_backend_list` - List all backends - `haproxy_backend_delete` - Delete backends - Support for HTTP/TCP modes and various load balancing algorithms ### 4. Frontend Management Tools - `haproxy_frontend_create` - Create frontends with SSL support - `haproxy_frontend_list` - List all frontends - `haproxy_frontend_delete` - Delete frontends - SSL/TLS configuration with certificate selection ### 5. Certificate Management - `haproxy_certificate_list` - List available certificates - `haproxy_certificate_create` - Create self-signed or import certificates - Support for SANs (Subject Alternative Names) ### 6. ACL and Action Management - `haproxy_acl_create` - Create ACLs for request routing - `haproxy_action_create` - Create actions based on ACL conditions - Support for backend selection, redirects, and header manipulation ### 7. Monitoring and Statistics - `haproxy_stats` - Get comprehensive statistics - `haproxy_backend_health` - Check backend server health - Real-time monitoring of sessions, bytes, and error rates ### 8. MCP Resources Added three new resources: - `opnsense://haproxy/backends` - `opnsense://haproxy/frontends` - `opnsense://haproxy/stats` ## Integration Points ### Updated Files: 1. `src/index.ts` - Added HAProxy resource initialization and tool handlers 2. `package.json` - Updated version to 0.5.0 3. Created `src/resources/services/haproxy/index.ts` - Main HAProxy implementation 4. Created `docs/HAPROXY-GUIDE.md` - Comprehensive usage documentation ### API Endpoints Used: - `/api/haproxy/service/*` - Service control - `/api/haproxy/settings/*` - Configuration management - `/api/haproxy/stats/show` - Statistics retrieval - `/api/system/certificates/*` - Certificate management ## Key Features 1. **Type Safety** - Full TypeScript support with proper interfaces 2. **Auto-reconfiguration** - Changes automatically trigger HAProxy reload 3. **Error Handling** - Comprehensive error messages and validation 4. **Batch Operations** - Create backends with multiple servers in one call 5. **SSL Support** - Full SSL/TLS configuration for frontends and backends ## Usage Example ```typescript // Create a backend for TrueNAS await haproxy_backend_create({ name: "truenas-backend", mode: "http", balance: "roundrobin", servers: [{ name: "truenas-server", address: "10.0.0.14", port: 443, ssl: true, verify: "none" }] }); // Create HTTPS frontend await haproxy_frontend_create({ name: "truenas-frontend", bind: "0.0.0.0:443", mode: "http", backend: "truenas-backend", ssl: true, certificates: ["opnsense-selfsigned"] }); ``` ## Benefits 1. **No Manual Configuration** - Manage HAProxy entirely through Claude 2. **Infrastructure as Code** - Define load balancing configurations programmatically 3. **Monitoring** - Real-time visibility into proxy performance 4. **Flexibility** - Support for complex routing rules with ACLs ## Next Steps The implementation is complete and ready for use. Users can now: 1. Configure HAProxy load balancing for services like TrueNAS 2. Set up SSL termination for backend services 3. Create complex routing rules based on hostnames or paths 4. Monitor backend health and performance All functionality has been tested to compile successfully with TypeScript.