diff --git a/states/haproxy/config.sls b/states/haproxy/config.sls index f3d0243..a7ed709 100644 --- a/states/haproxy/config.sls +++ b/states/haproxy/config.sls @@ -4,7 +4,7 @@ haproxy-maps-{{ filename }}: file.managed: - name: {{ haproxy.config.dir }}/maps/{{ filename }} - - source: salt://haproxy/maps/{{ filename }}.j2 + - source: salt://haproxy/templates/maps/{{ filename }}.j2 - user: {{ haproxy.config.user }} - group: {{ haproxy.config.group }} - mode: "0600" diff --git a/states/haproxy/defaults.yaml b/states/haproxy/defaults.yaml index 26bb177..4639c48 100644 --- a/states/haproxy/defaults.yaml +++ b/states/haproxy/defaults.yaml @@ -17,6 +17,7 @@ haproxy: configfile: haproxy.cfg peers: dirs: + - geoip - maps - scripts - mods diff --git a/states/haproxy/install.sls b/states/haproxy/install.sls index 0afdd90..e014f32 100644 --- a/states/haproxy/install.sls +++ b/states/haproxy/install.sls @@ -3,6 +3,8 @@ haproxy-pkg: pkg.installed: - pkgs: {{ haproxy.packages }} + - watch_in: + - service: haproxy-service haproxy-config-dir: file.directory: @@ -10,6 +12,9 @@ haproxy-config-dir: - user: {{ haproxy.config.user }} - group: {{ haproxy.config.group }} - mode: "0700" + - recurse: + - user + - group {% for dir in haproxy.config.dirs %} haproxy-config-{{ dir }}-dir: diff --git a/states/haproxy/map.jinja b/states/haproxy/map.jinja index 6fc2b02..094dbb2 100644 --- a/states/haproxy/map.jinja +++ b/states/haproxy/map.jinja @@ -6,6 +6,7 @@ {%- set users = salt['pillar.get']('htpasswds') -%} {%- set net = salt['pillar.get']('net') -%} +{%- set fqdn = salt['grains.get']('fqdn') -%} {% set peers = salt['mine.get']( tgt='G@lb:true', diff --git a/states/haproxy/maps/access.j2 b/states/haproxy/maps/access.j2 deleted file mode 100644 index 81c78d8..0000000 --- a/states/haproxy/maps/access.j2 +++ /dev/null @@ -1,8 +0,0 @@ -## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }} -{%- from "haproxy/map.jinja" import net with context %} -{%- for key, value in net.ipv4_networks.items() %} -{{ value.ip }}/{{ value.mask }} -{%- endfor %} -{%- for key, value in net.ipv6_networks.items() %} -{{ value.ip }}/{{ value.mask }} -{%- endfor %} diff --git a/states/haproxy/templates/haproxy.cfg.j2 b/states/haproxy/templates/haproxy.cfg.j2 index 073d973..5f4dc81 100644 --- a/states/haproxy/templates/haproxy.cfg.j2 +++ b/states/haproxy/templates/haproxy.cfg.j2 @@ -1,7 +1,6 @@ ## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }} -{%- from "haproxy/map.jinja" import haproxy,certs with context %} +{%- from "haproxy/map.jinja" import haproxy,certs,fqdn with context %} -{%- set fqdn = salt["grains.get"]("fqdn") %} {%- set ns = namespace(default_backend='notdefined') %} {%- for name, values in haproxy.config.vhosts.items() %}{% if values.default_backend|default(false) %}{% set ns.default_backend = name %}{% endif %}{% endfor %} @@ -25,7 +24,7 @@ {%- macro httpendpoints(servers=[], check=True, ssl=False, disabled=False) -%} {%- for server in servers %} - server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " " + httpcheckrules(inter=server.inter|default("2s"), fall=server.fall|default(5), rise=server.rise|default(5)) if check }}{{ " " + httpsslrules() if ssl }}{{ " disabled" if server.disabled|default(False) }} + server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " " + httpcheckrules(inter=server.inter|default("2s"), fall=server.fall|default(5), rise=server.rise|default(5)) if check }}{{ " " + httpsslrules() if ssl }}{{ " disabled" if server.disabled|default(False) }}{{ " send-proxy" if server.proxy|default(False) }} {%- endfor %} {%- endmacro -%} @@ -214,6 +213,11 @@ backend {{ name }} from {{ haproxy.config.namespace }} {%- endfor %} {{ statusresponses() }} {%- endif %} +{%- if values.overrides|default([]) %} +{%- for override in values.overrides %} + {{ override }} +{%- endfor %} +{%- endif %} {%- if values.head|default(False) %} {{ head() }} {%- endif %} diff --git a/states/haproxy/templates/maps/access.j2 b/states/haproxy/templates/maps/access.j2 new file mode 100644 index 0000000..6c0354f --- /dev/null +++ b/states/haproxy/templates/maps/access.j2 @@ -0,0 +1,5 @@ +## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }} +{%- from "haproxy/map.jinja" import net with context %} +{%- for network in net.ip_networks %} +{{ network }} +{%- endfor %} diff --git a/states/haproxy/maps/domains.j2 b/states/haproxy/templates/maps/domains.j2 similarity index 100% rename from states/haproxy/maps/domains.j2 rename to states/haproxy/templates/maps/domains.j2 diff --git a/states/haproxy/maps/redirects.j2 b/states/haproxy/templates/maps/redirects.j2 similarity index 100% rename from states/haproxy/maps/redirects.j2 rename to states/haproxy/templates/maps/redirects.j2 diff --git a/states/haproxy/maps/vhosts.j2 b/states/haproxy/templates/maps/vhosts.j2 similarity index 100% rename from states/haproxy/maps/vhosts.j2 rename to states/haproxy/templates/maps/vhosts.j2 diff --git a/states/haproxy/templates/spoe.cfg.j2 b/states/haproxy/templates/spoe.cfg.j2 index 98112ee..c783d24 100644 --- a/states/haproxy/templates/spoe.cfg.j2 +++ b/states/haproxy/templates/spoe.cfg.j2 @@ -12,13 +12,13 @@ spoe-agent {{ name }} timeout processing {{ values.timeout_processing|default("300ms") }} use-backend {{ name }} -{% for m, m_values in values.messages.items() -%} -spoe-message {{ m }} - {%- if m_values.args.keys()|length > 0 %} - args {% for i,v in m_values.args.items() %}{{ "{}={}".format(i,v) }} {% endfor %} +{% for name, values in values.messages.items() -%} +spoe-message {{ name }} + {%- if values.args.keys()|length > 0 %} + args {% for i, v in values.args.items() %}{{ "{}={}".format(i,v) }} {% endfor %} {%- endif %} - {%- if m_values.event %} - event {{ m_values.event }} + {%- if values.event %} + event {{ values.event }} {%- endif %} {% endfor -%} {% endfor -%}