paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update haproxy state
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Paul 2025-04-22 21:56:09 +02:00
parent c32ab5e3f4
commit 7fdadae4e7
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
states/haproxy/templates/haproxy.cfg.j2
View File

@ -78,7 +78,7 @@ backend admin from {{ haproxy.config.namespace }}
# Runtime API
stats socket {{ haproxy.config.api.tcpsocket }} level admin
stats socket {{ haproxy.config.api.filesocket }} mode 666 level admin
{%- endmacro %}
{%- endmacro %}
{%- macro geoip() %}
http-request set-var(txn.country) lua.country(req.src)
@ -179,7 +179,7 @@ frontend fe_http from {{ haproxy.config.namespace }}
acl internal src -f {{ haproxy.config.dir }}/maps/access
acl domains req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/domains) -m found
acl allowhttp req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/allowhttp,false) true
acl ua req.hdr(User-Agent),map_beg(/etc/haproxy/maps/ua) -m found
acl ua req.hdr(User-Agent),map_reg(/etc/haproxy/maps/ua) -m found
acl security_txt path /.well-known/security.txt
acl robots_txt path /robots.txt
acl max_req_rate sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200) }}
@ -217,7 +217,7 @@ frontend fe_http from {{ haproxy.config.namespace }}
http-request redirect scheme https if http !allowhttp
use_backend %[req.hdr(Host),lower,map({{ haproxy.config.dir }}/maps/vhosts)] if domains
use_backend %[req.hdr(User-Agent),map_beg({{ haproxy.config.dir }}/maps/ua)] if ua
use_backend %[req.hdr(User-Agent),map_reg({{ haproxy.config.dir }}/maps/ua)] if ua
default_backend {{ ns.default_backend }}
# Default HTTPS frontend
@ -242,7 +242,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
## ACLs
acl internal src -f {{ haproxy.config.dir }}/maps/access
acl domains req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/domains) -m found
acl ua req.hdr(User-Agent),map_beg(/etc/haproxy/maps/ua) -m found
acl ua req.hdr(User-Agent),map_reg(/etc/haproxy/maps/ua) -m found
acl security_txt path /.well-known/security.txt
acl robots_txt path /robots.txt
acl max_req_rate sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200) }}
@ -312,7 +312,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
use_backend admin if self_host internal
{%- endif %}
use_backend %[req.hdr(Host),lower,map({{ haproxy.config.dir }}/maps/vhosts)] if domains
use_backend %[req.hdr(User-Agent),map_beg({{ haproxy.config.dir }}/maps/ua)] if ua
use_backend %[req.hdr(User-Agent),map_reg({{ haproxy.config.dir }}/maps/ua)] if ua
default_backend {{ ns.default_backend }}