├── ansible.cfg
├── vars
    ├── RedHat.yml
    └── main.yml
├── handlers
    └── main.yml
├── templates
    ├── http_request.cfg
    ├── userlist.cfg
    ├── stats.cfg
    ├── listen.cfg
    ├── backend.cfg
    ├── global.cfg
    ├── frontend.cfg
    └── defaults.cfg
├── meta
    └── main.yml
├── tasks
    ├── main.yml
    ├── setup-RedHat.yml
    └── configure.yml
├── test.yml
├── README.md
└── defaults
    └── main.yml


/ansible.cfg:
--------------------------------------------------------------------------------
1 | [defaults]
2 | roles_path = ../
3 | 


--------------------------------------------------------------------------------
/vars/RedHat.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # vars file for RedHat
3 | 
4 | haproxy_config: "/etc/haproxy/haproxy.cfg"
5 | 


--------------------------------------------------------------------------------
/handlers/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # handlers file for haproxy
3 | 
4 | - name: restart haproxy
5 |   service: name=haproxy state=restarted
6 | 


--------------------------------------------------------------------------------
/templates/http_request.cfg:
--------------------------------------------------------------------------------
1 | {%- for request in item.http_request -%}
2 |     http-request {{ request.action }}{% if request.param is defined %} {{ request.param }}{% endif %}{% if request.condition is defined %} {{ request.condition }}{% endif %}
3 | 
4 | {% endfor -%}
5 | 


--------------------------------------------------------------------------------
/meta/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | galaxy_info:
 3 |   author: z
 4 |   description: Installs and configure haproxy
 5 |   company:
 6 |   license: license (BSD, MIT)
 7 |   min_ansible_version: 1.8
 8 |   platforms:
 9 |   - name: EL
10 |     versions:
11 |     - 6
12 |     - 7
13 |   categories:
14 |   - networking
15 |   - system
16 |   - web
17 | dependencies: []
18 | 


--------------------------------------------------------------------------------
/tasks/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # tasks file for haproxy
 3 | 
 4 | # Include variables and define needed variables.
 5 | - name: Include OS-specific variables.
 6 |   include_vars: "{{ ansible_os_family }}.yml"
 7 | 
 8 | # Setup/install tasks.
 9 | - include: setup-RedHat.yml
10 |   when: ansible_os_family == 'RedHat'
11 | 
12 | # Configure tasks.
13 | - include: configure.yml
14 |   when: haproxy_manage_config
15 | 


--------------------------------------------------------------------------------
/templates/userlist.cfg:
--------------------------------------------------------------------------------
 1 | 
 2 | userlist {{ item.name }}
 3 | {% if item.groups is defined %}
 4 | {% for group in item.groups %}
 5 |     group {{ group.name }} {% if group.users is defined %} users {{ ','.join(group.users) }}{% endif %}
 6 | 
 7 | {% endfor %}
 8 | {% endif %}
 9 | {% if item.users is defined %}
10 | {% for user in item.users %}
11 |     user {{ user.name }} password {{ user.password }}{% if user.groups is defined %} groups {{ ','.join(user.groups) }}{% endif %}
12 | 
13 | {% endfor %}
14 | {% endif %}
15 | 


--------------------------------------------------------------------------------
/tasks/setup-RedHat.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # tasks file for RedHat
 3 | 
 4 | - name: Installs haproxy as well as socat for socket api.
 5 |   yum: name="{{ item }}" state=installed
 6 |   with_items:
 7 |     - haproxy
 8 |     - socat
 9 |   ignore_errors: true
10 | 
11 | - name: Make haproxy bindable on non local addresses
12 |   sysctl:
13 |     name: net.ipv4.ip_nonlocal_bind
14 |     value: 1
15 |     sysctl_set: yes
16 |     state: present
17 |   when: haproxy_bind_on_non_local | bool
18 | 
19 | - name: Ensure HAProxy is started and enabled on boot.
20 |   service: name=haproxy enabled=yes
21 | 
22 | - name: Ensure chroot directory exists.
23 |   file: name={{ haproxy_global.chroot }} state=directory
24 |   when: haproxy_global.chroot is defined and haproxy_global.chroot
25 | 


--------------------------------------------------------------------------------
/test.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # test file
 3 | 
 4 | - hosts: servers
 5 |   roles:
 6 |      - role: ansible-role-haproxy
 7 |        haproxy_stats:
 8 |          name: 'global_monitor'
 9 |          ip: "{{ ansible_default_ipv4.address }}"
10 |          port: '38888'
11 |          stats:
12 |            enabled: True
13 |            hide_version: true
14 |            uri: /slb_stats_url
15 |            realm: Welcome\ to\ slb\ monitor
16 |            auth: admin:admin
17 |            refresh: 2s
18 |        haproxy_frontends:
19 |        - name: 'fe-testsite'
20 |          ip: '{{ ansible_default_ipv4.address }}'
21 |          port: '80'
22 |          maxconn: '1000'
23 |          default_backend: 'be-testsite'
24 |        haproxy_backends:
25 |        - name: 'be-testsite'
26 |          description: 'testsite'
27 |          servers:
28 |            - name: 'be-testsite-01'
29 |              ip: '192.168.1.100'
30 | 


--------------------------------------------------------------------------------
/templates/stats.cfg:
--------------------------------------------------------------------------------
 1 | 
 2 | listen {{ haproxy_stats.name }}
 3 | {% if haproxy_stats.bind is defined %}
 4 | {% for binding in haproxy_stats.bind %}
 5 |     bind {{ binding }}
 6 | {% endfor %}
 7 | {% endif %}
 8 | {% if haproxy_stats.mode is defined %}
 9 |     mode {{ haproxy_stats.mode }}
10 |  {% endif %}
11 | {% if haproxy_stats.stats is defined %}
12 | {% if haproxy_stats.stats.enabled is defined and haproxy_stats.stats.enabled == True %}
13 |     stats enable
14 | {% endif %}
15 | {% if haproxy_stats.stats.hide_version is defined and haproxy_stats.stats.hide_version == true %}
16 |     stats hide-version
17 | {% endif %}
18 | {% if haproxy_stats.stats.uri is defined %}
19 |     stats uri {{ haproxy_stats.stats.uri }}
20 | {% endif %}
21 | {% if haproxy_stats.stats.realm is defined %}
22 |     stats realm {{ haproxy_stats.stats.realm }}
23 | {% endif %}
24 | {% if haproxy_stats.stats.auth is defined %}
25 |     stats auth {{ haproxy_stats.stats.auth }}
26 | {% endif %}
27 | {% if haproxy_stats.stats.refresh is defined %}
28 |     stats refresh {{ haproxy_stats.stats.refresh }}
29 | {% endif %}
30 | {% endif -%}
31 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Ansible Role: haproxy
 2 | 
 3 | Installs HAProxy on RedHat/CentOS servers.
 4 | 
 5 | ## Requirements
 6 | 
 7 | - On RedHat/CentOS 6 must enable EPEL repo to install the socat package.
 8 | 
 9 | ## Role Variables
10 | 
11 | ### `defaults/main.yml`
12 | 
13 | * `haproxy_manage_config: true`
14 | * `haproxy_etc_prefix: /etc`
15 | 
16 | * `haproxy_defaults`
17 |     - see defaults/main.yml
18 | 
19 | * `haproxy_global`
20 |     - see defaults/main.yml
21 | 
22 | * `haproxy_stats`
23 |     - see defaults/main.yml
24 | 
25 | ### `vars/RedHat.yml`
26 | 
27 | * `haproxy_config: "/etc/haproxy/haproxy.cfg"`
28 | 
29 | ## Dependencies
30 | 
31 | None.
32 | 
33 | ## Example Playbook
34 | 
35 |     - hosts: servers
36 |       roles:
37 |         - role: haproxy
38 |           haproxy_frontends:
39 |           - name: 'fe-testsite'
40 |             ip: '{{ ansible_default_ipv4.address }}'
41 |             port: '80'
42 |             maxconn: '1000'
43 |             default_backend: 'be-testsite'
44 |           haproxy_backends:
45 |           - name: 'be-testsite'
46 |             description: 'testsite'
47 |             servers:
48 |               - name: 'be-testsite-01'
49 |                 ip: '192.168.1.100'
50 | 
51 | ## Author Information
52 | 
53 | z
54 | 


--------------------------------------------------------------------------------
/defaults/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # defaults file for haproxy
 3 | 
 4 | haproxy_manage_config: true
 5 | haproxy_etc_prefix: /etc
 6 | haproxy_bind_on_non_local: True
 7 | 
 8 | haproxy_global:
 9 |   log:
10 |     - address: /dev/log
11 |       facility: local0
12 |     - address: /dev/log
13 |       facility: local1
14 |       level: notice
15 |   chroot: /var/lib/haproxy
16 |   user: haproxy
17 |   group: haproxy
18 |   daemon: true
19 | 
20 | haproxy_defaults:
21 |   mode: http
22 |   log:
23 |     - address: /dev/log
24 |       facility: local1
25 |       level: notice
26 |   timeout:
27 |       - param: 'connect'
28 |         value: '5000ms'
29 |       - param: 'client'
30 |         value: '50000ms'
31 |       - param: 'server'
32 |         value: '50000ms'
33 |   options:
34 |     - httpclose
35 |     - forwardfor except 127.0.0.0/8
36 |     - redispatch
37 |     - abortonclose
38 |     - httplog
39 |     - dontlognull
40 |   errorfile:
41 |       - code: 400
42 |         file: /etc/haproxy/errors/400.http
43 |       - code: 403
44 |         file: /etc/haproxy/errors/403.http
45 |       - code: 408
46 |         file: /etc/haproxy/errors/408.http
47 |       - code: 500
48 |         file: /etc/haproxy/errors/500.http
49 |       - code: 502
50 |         file: /etc/haproxy/errors/502.http
51 |       - code: 504
52 |         file: /etc/haproxy/errors/504.http
53 | 
54 | haproxy_stats:
55 |   name: 'global_monitor'
56 |   ip: "{{ ansible_default_ipv4.address }}"
57 |   port: '8888'
58 |   stats:
59 |     enabled: True
60 |     hide_version: true
61 |     uri: /stats_url
62 |     realm: Welcome\ to\ haproxy\ monitor
63 |     auth: admin:admin
64 |     refresh: 2s
65 |   mode: http
66 | 


--------------------------------------------------------------------------------
/templates/listen.cfg:
--------------------------------------------------------------------------------
 1 | 
 2 | listen {{ item.name }}
 3 | {% if item.bind is defined %}
 4 | {% for binding in item.bind %}
 5 |     bind {{ binding }}{% if item.ssl is defined %}{% if item.ssl.cert is defined %} ssl crt {{ item.ssl.cert }}{% if item.ssl.ciphers is defined %} ciphers {{ item.ssl.ciphers }}{% endif %}{% endif %}{% endif %}
 6 | 
 7 | {% endfor %}
 8 | {% endif -%}
 9 | {% if item.disabled is defined and item.disabled == true %}
10 |     disabled
11 | {% endif -%}
12 | {% if item.description is defined %}
13 |     description {{ item.description }}
14 | {% endif -%}
15 | {% if item.servers is defined %}
16 | {% for server in item.servers %}
17 |     server {{ server.name }} {{ server.ip }}{% if server.port is defined %}:{{server.port }}{% endif %} {% if server.maxconn is defined %}maxconn {{server.maxconn }} {% endif %}{% if server.params is defined %}{% for param in server.params %}{{ param }} {% endfor %}{% endif %}
18 | 
19 | {% endfor %}
20 | {% endif %}
21 | {% if item.balance is defined %}
22 |     balance {{ item.balance }}
23 | {% endif -%}
24 | {% if item.log is defined %}
25 |     log {{ item.log }}
26 | {% endif -%}
27 | {% if item.retries is defined %}
28 |     retries {{ item.retries }}
29 | {% endif -%}
30 | {% if item.contimeout is defined %}
31 |     contimeout {{ item.contimeout }}
32 | {% endif -%}
33 | {% if item.http_send_name_header is defined %}
34 |     http-send-name-header {{ item.http_send_name_header }}
35 | {% endif -%}
36 | {% if item.http_check_except is defined %}
37 | {% for check_except in item.http_check_except %}
38 |     http-check except {{ check_except }}
39 | {% endfor %}
40 | {% endif -%}
41 | {% if item.options is defined %}
42 | {% for option in item.options %}
43 |     option {{ option }}
44 | {% endfor %}
45 | {% endif -%}
46 | 


--------------------------------------------------------------------------------
/templates/backend.cfg:
--------------------------------------------------------------------------------
 1 | 
 2 | backend {{ item.name }}
 3 | {% if item.disabled is defined and item.disabled == true %}
 4 |     disabled
 5 | {% endif -%}
 6 | {% if item.description is defined %}
 7 |     description {{ item.description }}
 8 | {% endif -%}
 9 | {% if item.servers is defined %}
10 | {% for server in item.servers %}
11 |     server {{ server.name }} {{ server.ip }}{% if server.port is defined %}:{{server.port }}{% endif %} {% if server.maxconn is defined %}maxconn {{server.maxconn }} {% endif %}{% if server.params is defined %}{% for param in server.params %}{{ param }} {% endfor %}{% endif %}
12 | 
13 | {% endfor %}
14 | {% endif %}
15 | {% if item.balance is defined %}
16 |     balance {{ item.balance }}
17 | {% endif -%}
18 | {% if item.mode is defined %}
19 |     mode {{ item.mode }}
20 | {% endif -%}
21 | {% if item.log is defined %}
22 |     log {{ item.log }}
23 | {% endif -%}
24 | {% if item.retries is defined %}
25 |     retries {{ item.retries }}
26 | {% endif -%}
27 | {% if item.redirects is defined %}
28 |     {% for redirect in item.redirects -%}
29 |     redirect {{ redirect }}
30 |     {% endfor %}
31 | {% endif -%}
32 | {% if item.contimeout is defined %}
33 |     contimeout {{ item.contimeout }}
34 | {% endif -%}
35 | {% if item.http_send_name_header is defined %}
36 |     http-send-name-header {{ item.http_send_name_header }}
37 | {% endif -%}
38 | {% if item.http_check_expect is defined %}
39 | {% for check_expect in item.http_check_expect %}
40 |     http-check expect {{ check_expect }}
41 | {% endfor %}
42 | {% endif -%}
43 | {% if item.http_request is defined %}
44 |     {% include "http_request.cfg" %}
45 | {% endif -%}
46 | {% if item.options is defined %}
47 | {% for option in item.options %}
48 |     option {{ option }}
49 | {% endfor %}
50 | {% endif -%}
51 | 


--------------------------------------------------------------------------------
/templates/global.cfg:
--------------------------------------------------------------------------------
 1 | global
 2 | {% if haproxy_global.chroot is defined and haproxy_global.chroot != false %}
 3 |     chroot {{ haproxy_global.chroot }}
 4 | {% endif -%}
 5 | {% if haproxy_global.pidfile is defined %}
 6 |     pidfile {{ haproxy_global.pidfile }}
 7 | {% endif -%}
 8 | {% if haproxy_global.maxconn is defined %}
 9 |     maxconn {{ haproxy_global.maxconn }}
10 | {% endif -%}
11 | {% if haproxy_global.uid is defined %}
12 |     uid {{ haproxy_global.uid }}
13 | {% elif haproxy_global.user is defined %}
14 |     user {{ haproxy_global.user }}
15 | {% endif -%}
16 | {% if haproxy_global.gid is defined %}
17 |     gid {{ haproxy_global.gid }}
18 | {% elif haproxy_global.group is defined %}
19 |     group {{ haproxy_global.group }}
20 | {% endif -%}
21 | {% if haproxy_global.daemon is defined and haproxy_global.daemon == true %}
22 |     daemon
23 | {% endif -%}
24 | {% if haproxy_global.nbproc is defined %}
25 |     nbproc {{ haproxy_global.nbproc }}
26 | {% endif -%}
27 | {% if haproxy_global.spread_checks is defined %}
28 |     spread-checks {{ haproxy_global.spread_checks }}
29 | {% endif -%}
30 | {% if haproxy_global.stats is defined %}
31 | {% if haproxy_global.stats.socket is defined %}
32 |     stats socket {{ haproxy_global.stats.socket }}
33 | {% endif -%}
34 | {% if haproxy_global.stats.timeout is defined %}
35 |     stats timeout {{ haproxy_global.stats.timeout }}
36 | {% endif -%}
37 | {% endif %}
38 | {% if haproxy_global.log is defined %}
39 | {% for log in haproxy_global.log %}
40 |     log {{ log.address }} {{ log.facility }}{% if log.level is defined %} {{log.level }}{% endif %}{% if log.minlevel is defined %} {{ log.minlevel }}{% endif %}
41 | 
42 | {% if log.format is defined %}
43 |     log-format {{ log.format }}
44 | {% endif %}
45 | {% endfor %}
46 | {% endif %}
47 | 


--------------------------------------------------------------------------------
/vars/main.yml:
--------------------------------------------------------------------------------
  1 | ---
  2 | # vars file for haproxy
  3 | 
  4 | #haproxy_global:
  5 | #  chroot:
  6 | #  pidfile:
  7 | #  maxconn:
  8 | #  user:
  9 | #  uid:
 10 | #  group:
 11 | #  gid:
 12 | #  daemon:
 13 | #  nbproc:
 14 | #  spread_checks:
 15 | #  stats:
 16 | #      socket:
 17 | #      timeout:
 18 | #  log:
 19 | #    - address:
 20 | #      facility:
 21 | #      level:
 22 | #      minlevel:
 23 | #      format:
 24 | #
 25 | #haproxy_defaults:
 26 | #  mode:
 27 | #  log:
 28 | #  options:
 29 | #    - <option>
 30 | #  retries:
 31 | #  timeout:
 32 | #    - param:
 33 | #      value:
 34 | #  maxconn:
 35 | #  stats:
 36 | #    enabled:
 37 | #    hide_version:
 38 | #    uri:
 39 | #    realm:
 40 | #    auth:
 41 | #    refresh:
 42 | #  compression:
 43 | #    algo:
 44 | #    type:
 45 | #    offload:
 46 | #  http_check:
 47 | #    disable_on_404:
 48 | #    expect:
 49 | #    send_state:
 50 | #
 51 | #haproxy_frontends:
 52 | #  - name:
 53 | #    ip:
 54 | #    bind:
 55 | #      - 192.168.1.1:80
 56 | #      - 192.168.1.2:81
 57 | #    ssl:
 58 | #      cert: /etc/ssl/private/cert.pem
 59 | #      ciphers: 'RC4-SHA:AES128-SHA:AES:!ADH:!aNULL:!DH:!EDH:!eNULL'
 60 | #    maxconn:
 61 | #    monitor:
 62 | #      uri:
 63 | #      fail:
 64 | #        - <condition>
 65 | #    acl:
 66 | #      - name:
 67 | #        condition:
 68 | #    http-request:
 69 | #      - action:
 70 | #        param:
 71 | #        condition:
 72 | #    rate-limit-sessions:
 73 | #    block:
 74 | #        -
 75 | #    options:
 76 | #        - forwardfor
 77 | #    default_backend:
 78 | #    use_backend:
 79 | #      - name:
 80 | #        condition:
 81 | #
 82 | #haproxy_backends:
 83 | #  - name:
 84 | #    disabled:
 85 | #    description:
 86 | #    balance:
 87 | #    log:
 88 | #    retries:
 89 | #    contimeout:
 90 | #    http-send-name-header:
 91 | #    http-check-expect:
 92 | #        - condition
 93 | #    acl:
 94 | #      - name:
 95 | #        condition:
 96 | #    servers:
 97 | #      - name:
 98 | #        ip:
 99 | #        port:
100 | #        maxconn:
101 | #        params:
102 | #              - param1
103 | #    options:
104 | #        - forwardfor
105 | #
106 | #haproxy_listen:
107 | #  - name:
108 | #    bind:
109 | #    ssl:
110 | #      cert: /etc/ssl/private/cert.pem
111 | #      ciphers: 'RC4-SHA:AES128-SHA:AES:!ADH:!aNULL:!DH:!EDH:!eNULL'
112 | #    disabled:
113 | #    description:
114 | #    balance:
115 | #    log:
116 | #    retries:
117 | #    http-send-name-header:
118 | #    http-check-expect:
119 | #        - condition
120 | #    acl:
121 | #      - name:
122 | #        condition:
123 | #    servers:
124 | #      - name:
125 | #        ip:
126 | #        port:
127 | #        maxconn:
128 | #        params:
129 | #              - param1
130 | #    options:
131 | #        - forwardfor
132 | 


--------------------------------------------------------------------------------
/templates/frontend.cfg:
--------------------------------------------------------------------------------
 1 | 
 2 | frontend {{ item.name }} {%if item.ip is defined %}{{ item.ip }}{% endif %}{%if item.port is defined %}:{{ item.port }}{% endif %}
 3 | 
 4 |     {% if item.bind is defined -%}
 5 |     {%- for bind in item.bind -%}
 6 |         bind {{ bind }}{% if item.ssl is defined %}{% if item.ssl.cert is defined %} ssl crt {{ item.ssl.cert }}{% if item.ssl.ciphers is defined %} ciphers {{ item.ssl.ciphers }}{% endif %}{% endif %}{% endif %}
 7 | 
 8 |     {% endfor -%}
 9 |     {% endif -%}
10 | 
11 |     {% if item.mode is defined -%}
12 |         mode {{ item.mode }}
13 |     {% endif -%}
14 | 
15 |     {% if item.maxconn is defined -%}
16 |         maxconn {{ item.maxconn }}
17 |     {% endif -%}
18 | 
19 |     {%- if item.monitor is defined -%}
20 |        {% if item.monitor.uri is defined -%}
21 |             monitor-uri {{ item.monitor.uri }}
22 |        {% endif %}
23 |        {%- if item.monitor.fail is defined -%}
24 |          {%- for condition in item.monitor.fail -%}
25 |             monitor fail {{ condition }}
26 |          {% endfor %}
27 |        {% endif %}
28 |     {% endif -%}
29 | 
30 |     {%- if item.acl is defined -%}
31 |     {%- for acl in item.acl -%}
32 |          acl {{ acl.name }} {{ acl.condition }}
33 |     {% endfor %}
34 |     {% endif -%}
35 | 
36 |     {%- if item.reqadd is defined -%}
37 |        {%- for reqadd in item.reqadd -%}
38 |          reqadd {{ reqadd }}
39 |        {% endfor %}
40 |     {% endif -%}
41 | 
42 |     {%- if item.rate_limit_sessions is defined -%}
43 |         rate-limit sessions {{ item.rate_limit_sessions }}
44 |     {% endif %}
45 | 
46 |     {%- if item.block is defined -%}
47 |     {%- for block in item.block -%}
48 |         block {{ block }}
49 |     {% endfor -%}
50 |     {% endif -%}
51 | 
52 |     {% if item.options is defined %}
53 |     {% for option in item.options %}
54 |         option {{ option }}
55 |     {% endfor %}
56 |     {% endif -%}
57 | 
58 |     {%- if item.redirects is defined -%}
59 |     {%- for redirect in item.redirects -%}
60 |         redirect {{ redirect }}
61 |     {% endfor -%}
62 |     {% endif -%}
63 | 
64 |     {%- if item.http_request is defined -%}
65 |     {%- for request in item.http_request -%}
66 |         http-request {{ request.action }}{% if request.param is defined %} {{ request.param }}{% endif %}{% if request.condition is defined %} {{ request.condition }}{% endif %}
67 | 
68 |     {% endfor -%}
69 |     {% endif -%}
70 | 
71 |     {%- if item.tcp_request is defined -%}
72 |     {%- for request in item.tcp_request -%}
73 |         tcp-request {{ request.param }} {{ request.value }}{% if request.condition is defined %} {{ request.condition }}{% endif %}
74 |     {% endfor -%}
75 |     {% endif -%}
76 | 
77 |     {% if item.http_request is defined %}
78 |         {% include "http_request.cfg" %}
79 |     {% endif -%}
80 | 
81 |     {%- if item.default_backend is defined -%}
82 |     default_backend {{ item.default_backend }}
83 |     {% endif -%}
84 | 
85 |     {%- if item.use_backend is defined -%}
86 |         {% for backend in item.use_backend %}
87 |             use_backend {{ backend.name }} {{ backend.condition }}
88 |         {% endfor %}
89 |     {% endif -%}
90 | 


--------------------------------------------------------------------------------
/templates/defaults.cfg:
--------------------------------------------------------------------------------
 1 | 
 2 | defaults
 3 | {% if haproxy_defaults.mode is defined %}
 4 |     mode {{ haproxy_defaults.mode }}
 5 | {% endif -%}
 6 | {% if haproxy_defaults.log is defined %}
 7 | {% for log in haproxy_defaults.log %}
 8 |     log {{ log.address }} {{ log.facility }}{% if log.level is defined %} {{log.level }}{% endif %}{% if log.minlevel is defined %} {{ log.minlevel }}{% endif %}
 9 | {% if log.format is defined %}
10 |     log-format {{ log.format }}
11 | {% endif %}
12 | 
13 | {% endfor %}
14 | {% endif %}
15 | {% if haproxy_defaults.retries is defined %}
16 |     retries {{ haproxy_defaults.retries }}
17 | {% endif -%}
18 | {% if haproxy_defaults.timeout is defined -%}
19 | {% for condition in haproxy_defaults.timeout %}
20 |     timeout {{ condition.param }} {{ condition.value }}
21 | {% endfor %}
22 | {% endif -%}
23 | {% if haproxy_defaults.maxconn is defined %}
24 |     maxconn {{ haproxy_defaults.maxconn }}
25 | {% endif %}
26 | {% if haproxy_defaults.stats is defined %}
27 | {% if haproxy_defaults.stats.enabled is defined and haproxy_defaults.stats.enabled == True %}
28 |     stats enable
29 | {% endif -%}
30 | {% if haproxy_defaults.stats.hide_version is defined and haproxy_defaults.stats.hide_version == true %}
31 |     stats hide-version
32 | {% endif -%}
33 | {% if haproxy_defaults.stats.uri is defined %}
34 |     stats uri {{ haproxy_defaults.stats.uri }}
35 | {% endif -%}
36 | {% if haproxy_defaults.stats.realm is defined %}
37 |     stats realm {{ haproxy_defaults.stats.realm }}
38 | {% endif -%}
39 | {% if haproxy_defaults.stats.auth is defined %}
40 |     stats auth {{ haproxy_defaults.stats.auth }}
41 | {% endif -%}
42 | {% if haproxy_defaults.stats.refresh is defined %}
43 |     stats refresh {{ haproxy_defaults.stats.refresh }}
44 | {% endif -%}
45 | {% endif %}
46 | {% if haproxy_defaults.options is defined %}
47 | {% for option in haproxy_defaults.options %}
48 |     option {{ option }}
49 | {% endfor -%}
50 | {% endif -%}
51 | {% if ansible_distribution != 'CentOS' %}
52 | {% if haproxy_defaults.errorfile is defined %}
53 | {% for item in haproxy_defaults.errorfile %}
54 |     errorfile {{ item.code }} {{ item.file }}
55 | {% endfor %}
56 | {% endif -%}
57 | {% endif -%}
58 | {% if haproxy_defaults.balance is defined %}
59 |     balance {{ haproxy_defaults.balance }}
60 | {% endif -%}
61 | 
62 | {% if haproxy_defaults.compression is defined %}
63 | {% if haproxy_defaults.compression.algo is defined %}
64 |     compression algo {{ haproxy_defaults.compression.algo }}
65 | {% endif -%}
66 | {% if haproxy_defaults.compression.type is defined %}
67 |     compression type {{ haproxy_defaults.compression.type }}
68 | {% endif -%}
69 | {% if haproxy_defaults.compression.offload is defined and haproxy_defaults.compression.offload == true %}
70 |     compression offload
71 | {% endif -%}
72 | {% endif -%}
73 | 
74 | {% if haproxy_defaults.http_check is defined %}
75 | {% if haproxy_defaults.http_check.disable_on_404 is defined and haproxy_defaults.http_check.disable_on_404 == true %}
76 |     http-check disable-on-404
77 | {% endif -%}
78 | {% if haproxy_defaults.http_check.expect is defined %}
79 |     http-check expect {{ haproxy_defaults.http_check.expect }}
80 | {% endif -%}
81 | {% if haproxy_defaults.http_check.send_state is defined and haproxy_defaults.http_check.send_state == true %}
82 |     http-check send-state
83 | {% endif -%}
84 | {% endif -%}
85 | 


--------------------------------------------------------------------------------
/tasks/configure.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # tasks file configure.yml
 3 | 
 4 | ## ASSEMBLE CONFIG - FRONTEND
 5 | - name: 'Create directory for the frontend'
 6 |   file: path=/etc/haproxy/frontends.d state=directory
 7 | 
 8 | - name: 'Empty the folder if not already empty'
 9 |   command: find {{ haproxy_etc_prefix }}/haproxy/frontends.d -name *.cfg -exec rm -f {} \;
10 | 
11 | - name: 'Build up the frontends'
12 |   template: src=frontend.cfg dest={{ haproxy_etc_prefix }}/haproxy/frontends.d/{{ item.name }}.cfg
13 |   with_items: "{{ haproxy_frontends }}"
14 |   when: haproxy_frontends is defined
15 | 
16 | ## ASSEMBLE CONFIG - BACKEND
17 | 
18 | - name: 'Create directory for the backends'
19 |   file: path={{ haproxy_etc_prefix }}/haproxy/backends.d state=directory
20 | 
21 | - name: 'Empty the folder if not already empty'
22 |   command: find {{ haproxy_etc_prefix }}/haproxy/backends.d -name *.cfg -exec rm -f {} \;
23 | 
24 | - name: 'Build up the backends'
25 |   template: src=backend.cfg dest={{ haproxy_etc_prefix }}/haproxy/backends.d/{{ item.name }}.cfg
26 |   with_items: "{{ haproxy_backends }}"
27 |   when: haproxy_backends is defined
28 | 
29 | ## ASSEMBLE CONFIG - LISTEN
30 | 
31 | - name: 'Create directory for the listen sections'
32 |   file: path={{ haproxy_etc_prefix }}/haproxy/listen.d state=directory
33 | 
34 | - name: 'Empty the folder if not already empty'
35 |   command: find {{ haproxy_etc_prefix }}/haproxy/listen.d -name *.cfg -exec rm -f {} \;
36 | 
37 | - name: 'Build up the listen sections'
38 |   template: src=listen.cfg dest={{ haproxy_etc_prefix }}/haproxy/listen.d/{{ item.name }}.cfg
39 |   with_items: "{{ haproxy_listen }}"
40 |   when: haproxy_listen is defined
41 | 
42 | ## ASSEMBLE CONFIG - USERLIST
43 | 
44 | - name: 'Create directory for the userlists'
45 |   file: path={{ haproxy_etc_prefix }}/haproxy/userlists.d state=directory
46 | 
47 | - name: 'Empty the folder if not already empty'
48 |   command: find {{ haproxy_etc_prefix }}/haproxy/userlists.d -name *.cfg -exec rm -f {} \;
49 | 
50 | - name: 'Build up the userlist sections'
51 |   template: src=userlist.cfg dest={{ haproxy_etc_prefix }}/haproxy/userlists.d/{{ item.name }}.cfg
52 |   with_items: "{{ haproxy_userlists }}"
53 |   when: haproxy_userlists is defined
54 | 
55 | ## ASSEMBLE CONFIG - GLOBAL & DEFAULT & STATS
56 | 
57 | - name: 'Create  the compiled folder'
58 |   file: path={{ haproxy_etc_prefix }}/haproxy/compiled state=directory
59 | 
60 | - name: 'Empty the folder if not already empty'
61 |   command: find {{ haproxy_etc_prefix }}/haproxy/compiled -name *.cfg -exec rm -f {} \;
62 | 
63 | - name: 'Build up the global config'
64 |   template: src=global.cfg dest={{ haproxy_etc_prefix }}/haproxy/compiled/01-global.cfg
65 |   when: haproxy_global is defined
66 |   tags: 'test'
67 | 
68 | - name: 'Build up the default config'
69 |   template: src=defaults.cfg dest={{ haproxy_etc_prefix }}/haproxy/compiled/02-defaults.cfg
70 |   when: haproxy_defaults is defined
71 | 
72 | - name: 'Build up the stats config'
73 |   template: src=stats.cfg dest={{ haproxy_etc_prefix }}/haproxy/compiled/03-stats.cfg
74 |   when: haproxy_stats is defined
75 | 
76 | ## ASSEMBLE FINAL CONFIG
77 | 
78 | - name: 'Assemble the frontends configuration file'
79 |   assemble: src={{ haproxy_etc_prefix }}/haproxy/frontends.d dest={{ haproxy_etc_prefix }}/haproxy/compiled/04-frontends.cfg
80 | 
81 | - name: 'Assemble the backends configuration file'
82 |   assemble: src={{ haproxy_etc_prefix }}/haproxy/backends.d dest={{ haproxy_etc_prefix }}/haproxy/compiled/05-backends.cfg
83 | 
84 | - name: 'Assemble the listen sections configuration file'
85 |   assemble: src={{ haproxy_etc_prefix }}/haproxy/listen.d dest={{ haproxy_etc_prefix }}/haproxy/compiled/06-listen.cfg
86 | 
87 | - name: 'Assemble the userlists sections configuration file'
88 |   assemble: src={{ haproxy_etc_prefix }}/haproxy/userlists.d dest={{ haproxy_etc_prefix }}/haproxy/compiled/07-userlists.cfg
89 | 
90 | - name: 'Assemble the final configuration file'
91 |   assemble: src={{ haproxy_etc_prefix }}/haproxy/compiled dest={{ haproxy_config }} backup=yes
92 |   notify: restart haproxy
93 | 


--------------------------------------------------------------------------------