paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update haproxy state
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Paul 2025-04-22 21:56:09 +02:00
parent c32ab5e3f4
commit 7fdadae4e7
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
states/haproxy/templates/haproxy.cfg.j2
View File

@ -179,7 +179,7 @@ frontend fe_http from {{ haproxy.config.namespace }}
acl internal src -f {{ haproxy.config.dir }}/maps/access acl internal src -f {{ haproxy.config.dir }}/maps/access
acl domains req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/domains) -m found acl domains req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/domains) -m found
acl allowhttp req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/allowhttp,false) true acl allowhttp req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/allowhttp,false) true
acl ua req.hdr(User-Agent),map_beg(/etc/haproxy/maps/ua) -m found acl ua req.hdr(User-Agent),map_reg(/etc/haproxy/maps/ua) -m found
acl security_txt path /.well-known/security.txt acl security_txt path /.well-known/security.txt
acl robots_txt path /robots.txt acl robots_txt path /robots.txt
acl max_req_rate sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200) }} acl max_req_rate sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200) }}
@ -217,7 +217,7 @@ frontend fe_http from {{ haproxy.config.namespace }}
http-request redirect scheme https if http !allowhttp http-request redirect scheme https if http !allowhttp
use_backend %[req.hdr(Host),lower,map({{ haproxy.config.dir }}/maps/vhosts)] if domains use_backend %[req.hdr(Host),lower,map({{ haproxy.config.dir }}/maps/vhosts)] if domains
use_backend %[req.hdr(User-Agent),map_beg({{ haproxy.config.dir }}/maps/ua)] if ua use_backend %[req.hdr(User-Agent),map_reg({{ haproxy.config.dir }}/maps/ua)] if ua
default_backend {{ ns.default_backend }} default_backend {{ ns.default_backend }}
# Default HTTPS frontend # Default HTTPS frontend
@ -242,7 +242,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
## ACLs ## ACLs
acl internal src -f {{ haproxy.config.dir }}/maps/access acl internal src -f {{ haproxy.config.dir }}/maps/access
acl domains req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/domains) -m found acl domains req.hdr(Host),map_dom({{ haproxy.config.dir }}/maps/domains) -m found
acl ua req.hdr(User-Agent),map_beg(/etc/haproxy/maps/ua) -m found acl ua req.hdr(User-Agent),map_reg(/etc/haproxy/maps/ua) -m found
acl security_txt path /.well-known/security.txt acl security_txt path /.well-known/security.txt
acl robots_txt path /robots.txt acl robots_txt path /robots.txt
acl max_req_rate sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200) }} acl max_req_rate sc_http_req_rate(0) gt {{ haproxy.config.ddos.maxrequests|default(200) }}
@ -312,7 +312,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
use_backend admin if self_host internal use_backend admin if self_host internal
{%- endif %} {%- endif %}
use_backend %[req.hdr(Host),lower,map({{ haproxy.config.dir }}/maps/vhosts)] if domains use_backend %[req.hdr(Host),lower,map({{ haproxy.config.dir }}/maps/vhosts)] if domains
use_backend %[req.hdr(User-Agent),map_beg({{ haproxy.config.dir }}/maps/ua)] if ua use_backend %[req.hdr(User-Agent),map_reg({{ haproxy.config.dir }}/maps/ua)] if ua
default_backend {{ ns.default_backend }} default_backend {{ ns.default_backend }}