paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated haproxy state

Browse Source
This commit is contained in:
Paul 2023-03-10 00:02:52 +01:00
parent 6267e21834
commit 8fb956a7e2
11 changed files with 26 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
states/haproxy/config.sls
View File

@ -4,7 +4,7 @@
haproxy-maps-{{ filename }}: haproxy-maps-{{ filename }}:
file.managed: file.managed:
- name: {{ haproxy.config.dir }}/maps/{{ filename }} - name: {{ haproxy.config.dir }}/maps/{{ filename }}
- source: salt://haproxy/maps/{{ filename }}.j2 - source: salt://haproxy/templates/maps/{{ filename }}.j2
- user: {{ haproxy.config.user }} - user: {{ haproxy.config.user }}
- group: {{ haproxy.config.group }} - group: {{ haproxy.config.group }}
- mode: "0600" - mode: "0600"

1
states/haproxy/defaults.yaml
View File

@ -17,6 +17,7 @@ haproxy:
configfile: haproxy.cfg configfile: haproxy.cfg
peers: peers:
dirs: dirs:
- geoip
- maps - maps
- scripts - scripts
- mods - mods

5
states/haproxy/install.sls
View File

@ -3,6 +3,8 @@
haproxy-pkg: haproxy-pkg:
pkg.installed: pkg.installed:
- pkgs: {{ haproxy.packages }} - pkgs: {{ haproxy.packages }}
- watch_in:
- service: haproxy-service
haproxy-config-dir: haproxy-config-dir:
file.directory: file.directory:
@ -10,6 +12,9 @@ haproxy-config-dir:
- user: {{ haproxy.config.user }} - user: {{ haproxy.config.user }}
- group: {{ haproxy.config.group }} - group: {{ haproxy.config.group }}
- mode: "0700" - mode: "0700"
- recurse:
- user
- group
{% for dir in haproxy.config.dirs %} {% for dir in haproxy.config.dirs %}
haproxy-config-{{ dir }}-dir: haproxy-config-{{ dir }}-dir:

1
states/haproxy/map.jinja
View File

@ -6,6 +6,7 @@
{%- set users = salt['pillar.get']('htpasswds') -%} {%- set users = salt['pillar.get']('htpasswds') -%}
{%- set net = salt['pillar.get']('net') -%} {%- set net = salt['pillar.get']('net') -%}
{%- set fqdn = salt['grains.get']('fqdn') -%}
{% set peers = salt['mine.get']( {% set peers = salt['mine.get'](
tgt='G@lb:true', tgt='G@lb:true',

8
states/haproxy/maps/access.j2
View File

@ -1,8 +0,0 @@
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
{%- from "haproxy/map.jinja" import net with context %}
{%- for key, value in net.ipv4_networks.items() %}
{{ value.ip }}/{{ value.mask }}
{%- endfor %}
{%- for key, value in net.ipv6_networks.items() %}
{{ value.ip }}/{{ value.mask }}
{%- endfor %}

10
states/haproxy/templates/haproxy.cfg.j2
View File

@ -1,7 +1,6 @@
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }} ## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
{%- from "haproxy/map.jinja" import haproxy,certs with context %} {%- from "haproxy/map.jinja" import haproxy,certs,fqdn with context %}
{%- set fqdn = salt["grains.get"]("fqdn") %}
{%- set ns = namespace(default_backend='notdefined') %} {%- set ns = namespace(default_backend='notdefined') %}
{%- for name, values in haproxy.config.vhosts.items() %}{% if values.default_backend|default(false) %}{% set ns.default_backend = name %}{% endif %}{% endfor %} {%- for name, values in haproxy.config.vhosts.items() %}{% if values.default_backend|default(false) %}{% set ns.default_backend = name %}{% endif %}{% endfor %}
@ -25,7 +24,7 @@
{%- macro httpendpoints(servers=[], check=True, ssl=False, disabled=False) -%} {%- macro httpendpoints(servers=[], check=True, ssl=False, disabled=False) -%}
{%- for server in servers %} {%- for server in servers %}
server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " " + httpcheckrules(inter=server.inter|default("2s"), fall=server.fall|default(5), rise=server.rise|default(5)) if check }}{{ " " + httpsslrules() if ssl }}{{ " disabled" if server.disabled|default(False) }} server {{ server.name }} {{ server.name }}:{{ server.port }}{{ " " + httpcheckrules(inter=server.inter|default("2s"), fall=server.fall|default(5), rise=server.rise|default(5)) if check }}{{ " " + httpsslrules() if ssl }}{{ " disabled" if server.disabled|default(False) }}{{ " send-proxy" if server.proxy|default(False) }}
{%- endfor %} {%- endfor %}
{%- endmacro -%} {%- endmacro -%}
@ -214,6 +213,11 @@ backend {{ name }} from {{ haproxy.config.namespace }}
{%- endfor %} {%- endfor %}
{{ statusresponses() }} {{ statusresponses() }}
{%- endif %} {%- endif %}
{%- if values.overrides|default([]) %}
{%- for override in values.overrides %}
{{ override }}
{%- endfor %}
{%- endif %}
{%- if values.head|default(False) %} {%- if values.head|default(False) %}
{{ head() }} {{ head() }}
{%- endif %} {%- endif %}

5
states/haproxy/templates/maps/access.j2 Normal file
View File

@ -0,0 +1,5 @@
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
{%- from "haproxy/map.jinja" import net with context %}
{%- for network in net.ip_networks %}
{{ network }}
{%- endfor %}

0
states/haproxy/maps/domains.j2 → states/haproxy/templates/maps/domains.j2
View File

0
states/haproxy/maps/redirects.j2 → states/haproxy/templates/maps/redirects.j2
View File

0
states/haproxy/maps/vhosts.j2 → states/haproxy/templates/maps/vhosts.j2
View File

12
states/haproxy/templates/spoe.cfg.j2
View File

@ -12,13 +12,13 @@ spoe-agent {{ name }}
timeout processing {{ values.timeout_processing|default("300ms") }} timeout processing {{ values.timeout_processing|default("300ms") }}
use-backend {{ name }} use-backend {{ name }}
{% for m, m_values in values.messages.items() -%} {% for name, values in values.messages.items() -%}
spoe-message {{ m }} spoe-message {{ name }}
{%- if m_values.args.keys()|length > 0 %} {%- if values.args.keys()|length > 0 %}
args {% for i,v in m_values.args.items() %}{{ "{}={}".format(i,v) }} {% endfor %} args {% for i, v in values.args.items() %}{{ "{}={}".format(i,v) }} {% endfor %}
{%- endif %} {%- endif %}
{%- if m_values.event %} {%- if values.event %}
event {{ m_values.event }} event {{ values.event }}
{%- endif %} {%- endif %}
{% endfor -%} {% endfor -%}
{% endfor -%} {% endfor -%}