updated haproxy state

2022-12-17 23:26:58 +01:00 · 2022-12-17 23:26:58 +01:00 · 7e35a90b19
commit 7e35a90b19
parent 385e486e90
4 changed files with 18 additions and 26 deletions
--- a/states/haproxy/config.sls
+++ b/states/haproxy/config.sls
@ -16,7 +16,7 @@ haproxy-maps-{{ filename }}:
 haproxy-spoe-config:
  file.managed:
    - name: {{ haproxy.config.dir }}/spoe.cfg
-    - source: salt://haproxy/spoe/spoe.cfg.j2
+    - source: salt://haproxy/templates/spoe.cfg.j2
    - user: {{ haproxy.config.user }}
    - group: {{ haproxy.config.group }}
    - mode: "0600"
--- a/states/haproxy/defaults.yaml
+++ b/states/haproxy/defaults.yaml
@ -27,10 +27,10 @@ haproxy:
      #log: 127.0.0.1 local0
      log: stdout format raw daemon info
      retries: 2
      timeout check: 1s
      timeout client: 30m
-      timeout connect: 4s
+      timeout connect: 1s
      timeout server: 30m
      timeout check: 5s
      unique-id-format: "%{+X}o\\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid"
    balance: roundrobin
    check: true
@ -44,7 +44,7 @@ haproxy:
      port: 7000
    api:
      enable: true
-      filesocket: /var/run/hap-lb.sock
+      filesocket: /var/run/haproxy.sock
      tcpsocket: ipv4@127.0.0.1:9990
    acme_dir: /etc/acme
    acme_fullchains_dir: /etc/acme/fullchains
--- a/states/haproxy/templates/haproxy.cfg.j2
+++ b/states/haproxy/templates/haproxy.cfg.j2
@ -120,7 +120,7 @@ frontend https
  acl path_host path /host
  acl path_date path /date
 {%- if haproxy.config.admin.enable %}
-  acl admin path /server-status
+  acl admin path_beg /server-status
 {%- endif %}
  http-request set-var(req.src) src
  http-request set-var(req.host) req.hdr(host)
@ -136,7 +136,6 @@ frontend https
  http-request deny deny_status 429 if { sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200)}} } !internal
  ## Returns
  http-request return status 200 content-type text/html lf-string "%H\n" if path_host
  http-request return status 200 content-type text/html string "User-agent: *\r\nDisallow: /" if robots_txt
  http-request return status 200 content-type text/html lf-string "%H\n" if path_host
  http-request return status 200 content-type text/html lf-string "%T\n" if path_date
@ -203,14 +202,14 @@ listen {{ name }}
 {%- endif %}
  default-server inter 3s fall 3
  {{- tcpendpoints(servers=values.servers, check=values.check|default(haproxy.config.check)) }}
-{% endfor -%}
+{% endfor %}
 # SPOE Agents
 {%- for name, values in haproxy.config.spoe.items() %}
 listen {{ name }}
  bind *:{{ values.port }},:::{{ values.port }} v4v6
-{% endfor -%}
+{% endfor %}
-{% if haproxy.config.admin.enable %}
+{%- if haproxy.config.admin.enable %}
 {{ admin() }}
 {%- endif %}
--- a/states/haproxy/templates/spoe.cfg.j2
+++ b/states/haproxy/templates/spoe.cfg.j2
@ -11,20 +11,13 @@ spoe-agent {{ name }}
  use-backend {{ name }}
  log global
-{%- for m, m_values in values.messages.items() %}
+#{%- for m, m_values in values.messages.items() %}
-spoe-message {{ m }}
+#spoe-message {{ m }}
-  {%- if m_values.args.keys() > 0 %}
+#  {%- if m_values.args.keys() > 0 %}
-  args {{ " ".join([i+"="+v for i, v in m_values.args.items()]) }}
+#  args {# " ".join(["%s=%s".format(i,v) for (i, v) in m_values.args.items()]) #}
-  {%- endif %}
+#  {%- endif %}
-  {%- if m_values.event %}
+#  {%- if m_values.event %}
-  event {{ m_values.event }}
+#  event {{ m_values.event }}
-  {%- endif %}
+#  {%- endif %}
-{% endfor  %}
+#{% endfor  %}
-
+#{% endfor -%}
 spoe-message request
  args unique_id=unique-id clientip=src host=req.hdr(Host) method=method path=pathq headers=req.hdrs body_size=req.body_size body=req.body
  event on-frontend-http-request
 spoe-message response
  args unique_id=unique-id status=status
  event on-http-response
 {% endfor -%}