OSBal - Open Source Highly Available Loadbalancer Appliance

Active-Passive VRRP High-Availability Workflow

Client Traffic

Virtual IP (VIP)<br>Keepalived VRRP

Primary

Failover

OSBal Master<br>HAProxy + WAF

OSBal Backup<br>Standby Node

Backend Server 01

Backend Server 02

Why OSBal? Serving a Core Niche

A load balancer built specifically for environments where cost, performance efficiency, and offline resilience are paramount.

Zero Bandwidth Fees

Unlike cloud load balancers (AWS ALB, Azure, GCP) that charge subscription hours plus data egress metrics, OSBal runs on your own hardware or VMs with unlimited bandwidth for free.

Offline & Edge Ready

Perfect for private subnets, secure military networks, edge installations, or homelabs. OSBal functions 100% locally and does not depend on cloud APIs or WAN connection links.

Low Resource Footprint

Proprietary enterprise VMs require several cores and gigabytes of RAM. OSBal runs high-performance C binaries (HAProxy & Keepalived) using less than 512MB RAM on a Raspberry Pi.

OSBal vs. Other Open Source Alternatives

How OSBal compares directly to other open-source load balancers and proxy managers in the ecosystem.

Feature<br>OSBal<br>Roxy-WI<br>Nginx Proxy Manager<br>Raw CLI Configurations

Clustering / Failover (VRRP)<br>Yes (Built-in active-passive config)<br>Yes (Complex multi-daemon)<br>No (Must setup manually)<br>Manual script configuration

Supported Proxy Engines<br>HAProxy & Stunnel4<br>HAProxy, Nginx, Keepalived<br>Nginx only<br>Any (HAProxy, Stunnel, Nginx)

License & Restrictions<br>100% Free (No limits)<br>Commercially limited / Paid subscription<br>100% Free<br>100% Free

Resource Overhead<br>Ultra Low (<br>Heavy (requires Python backend)<br>Medium (NodeJS & database)<br>Ultra Low

Setup & Maintenance<br>Easy (1-line script & UI)<br>Hard (requires database & config servers)<br>Easy<br>Hard (Manual text edits only)

Roxy-WI Analysis

Pros : Highly comprehensive, supports multiple load balancers, and has advanced monitoring dashboards.

Cons : Heavy Python/Flask overhead. Advanced features and updates are locked behind paid commercial licenses or memberships. Setup is complex and time-consuming.

Nginx Proxy Manager Analysis

Pros : Extremely user-friendly UI, simple setup, and integrated Let's Encrypt SSL certificate generation.

Cons : Limited strictly to Nginx. Lacks Keepalived VRRP failover config, meaning you cannot easily set up active-passive redundant cluster load balancers out of the box.

Appliance Highlights

Optional WAF Shield

Toggle native SQL Injection (SQLi) query blocking, Cross-Site Scripting (XSS) filters, automated WAF request mitigation (Deny vs. Tarpit delay), and configure global IP Access Blacklists. Compiled directly into HAProxy ACL rules.

Realtime Stats Terminal

Inspect active connection stats, query response times, and filter blocks. Features a simulated live Access Logs terminal and stress simulator to test threshold behaviors.

3-Step Setup Wizard

Dynamic package diagnostics list automatically verifies that HAProxy, Keepalived, and Stunnel are installed, guiding you through admin setups and network interfaces.

Visual Load Balancing

Create frontends, backends, and assign server nodes using balancing strategies like Round-Robin, Session Cookie-based stickiness, or Client IP hashing from a clean web form.

Config Syntax Validator

Validate compilation syntax before reloads. Invokes the official `haproxy -c` config check directly from the web console, preventing bad parameters from crashing active services.

Backend Reachability Tester

Run instant socket reachability tests from the load balancer appliance to backend IPs and ports. Verify connection latency (in ms) or receive detailed system-level socket failure reports.

Get Started in Your Terminal

Ready to deploy? Copy the script below to install system dependencies, download the OSBal interface, configure system permissions, and launch the web server automatically.

curl -sSL https://raw.githubusercontent.com/siefkencp/osbal/main/scripts/deploy.sh | bash<br>Copy

Developer & Clustering API

OSBal exposes a fully featured REST API on every node. This API allows external orchestration tools to export configuration states, deploy certificates, update blocklists, or synchronize redundant HA pairs.

API Authentication Header

All external API requests must authorize by sending the cluster's shared secret API key. Add the key under one of the following HTTP headers. Requests without valid keys will receive a 401 Unauthorized response.

X-OSBAL-API-KEY: your_configured_api_key

(Note: This key must match the 'Shared API Key' configured in the High Availability Clustering tab.)

GET /api/config.php

Export Configuration

Retrieves the complete appliance database structure. The output is a consolidated JSON object containing service configurations, SSL certificates, global IP blacklists, and HA router parameters.

HTTP Response Schema (200 OK):

"success": true,<br>"config": {<br>"services": {<br>"service_unique_id": {<br>"id":...