slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🎨: make haproxy.cfg idempotent

Browse Source
This commit is contained in:
VC
2024-07-17 21:34:06 +02:00
parent 1ee8f4437b
commit b49b680bdf
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
roles/haproxy/templates/haproxy.cfg.j2
View File

@@ -41,8 +41,8 @@ frontend http
tcp-request inspect-delay 3s tcp-request inspect-delay 3s
acl letsencrypt path_beg /.well-known/acme-challenge acl letsencrypt path_beg /.well-known/acme-challenge
redirect scheme https code 301 if !letsencrypt redirect scheme https code 301 if !letsencrypt
{% for server in groups['webservers'] | difference(groups['disabled_loadbalanced_webservers']) %} {% for server in groups['webservers'] | difference(groups['disabled_loadbalanced_webservers']) | sort %}
{% for hostname in hostvars[server]['web_hostname'] %} {% for hostname in hostvars[server]['web_hostname'] | sort %}
## {{ hostname }} configuration ## {{ hostname }} configuration
acl host_{{ hostname }} hdr(host) -i {{ hostname }} acl host_{{ hostname }} hdr(host) -i {{ hostname }}
use_backend http_{{ server }} if letsencrypt host_{{ hostname }} use_backend http_{{ server }} if letsencrypt host_{{ hostname }}
@@ -56,8 +56,8 @@ frontend https
bind *:443 name frontend-https bind *:443 name frontend-https
tcp-request inspect-delay 3s tcp-request inspect-delay 3s
tcp-request content accept if { req.ssl_hello_type 1 } tcp-request content accept if { req.ssl_hello_type 1 }
{% for server in groups['webservers'] | difference(groups['disabled_loadbalanced_webservers']) %} {% for server in groups['webservers'] | difference(groups['disabled_loadbalanced_webservers']) | sort %}
{% for hostname in hostvars[server]['web_hostname'] %} {% for hostname in hostvars[server]['web_hostname'] | sort %}
## {{ hostname }} configuration ## {{ hostname }} configuration
acl host_{{ hostname }} req.ssl_sni -i {{ hostname }} acl host_{{ hostname }} req.ssl_sni -i {{ hostname }}
use_backend https_{{ server }} if host_{{ hostname }} use_backend https_{{ server }} if host_{{ hostname }}
@@ -65,7 +65,7 @@ frontend https
{% endfor %} {% endfor %}
{% endfor %} {% endfor %}
{% for server in groups['webservers'] | difference(groups['disabled_loadbalanced_webservers']) %} {% for server in groups['webservers'] | difference(groups['disabled_loadbalanced_webservers']) | sort %}
## {{ server }} configuration ## {{ server }} configuration
backend http_{{ server }} backend http_{{ server }}
mode http mode http