From 5a5b5a5bcdbe2d021756aa5b4c2d56e71910d359 Mon Sep 17 00:00:00 2001 From: Christophe-Marie Duquesne Date: Thu, 31 Jan 2019 12:25:54 +0100 Subject: [PATCH 1/6] Supporting `raw_options` in every section + in test.yml --- templates/etc/haproxy/backend.cfg.j2 | 3 +++ templates/etc/haproxy/defaults.cfg.j2 | 3 +++ templates/etc/haproxy/frontend.cfg.j2 | 3 +++ templates/etc/haproxy/global.cfg.j2 | 3 +++ templates/etc/haproxy/listen.cfg.j2 | 3 +++ tests/test.yml | 13 +++++++++++++ 6 files changed, 28 insertions(+) diff --git a/templates/etc/haproxy/backend.cfg.j2 b/templates/etc/haproxy/backend.cfg.j2 index dfdf3920..c5bd893f 100644 --- a/templates/etc/haproxy/backend.cfg.j2 +++ b/templates/etc/haproxy/backend.cfg.j2 @@ -136,3 +136,6 @@ backend {{ backend.name }} {% endfor %} {% endfor %} +{% for line in backend.raw_options | default([]) %} + {{ line }} +{% endfor %} diff --git a/templates/etc/haproxy/defaults.cfg.j2 b/templates/etc/haproxy/defaults.cfg.j2 index ce6ee380..408edef6 100644 --- a/templates/etc/haproxy/defaults.cfg.j2 +++ b/templates/etc/haproxy/defaults.cfg.j2 @@ -43,3 +43,6 @@ {% if haproxy_default_server_params | default([]) %} default-server {% for param in haproxy_default_server_params | default([]) %} {{ param }}{% endfor %} {% endif %} +{% for line in haproxy_default_raw_options %} + {{ line }} +{% endfor %} diff --git a/templates/etc/haproxy/frontend.cfg.j2 b/templates/etc/haproxy/frontend.cfg.j2 index 1b57bc9d..5815ab32 100644 --- a/templates/etc/haproxy/frontend.cfg.j2 +++ b/templates/etc/haproxy/frontend.cfg.j2 @@ -130,3 +130,6 @@ frontend {{ frontend.name }} {% endfor %} {% endfor %} +{% for line in frontend.raw_options | default([]) %} + {{ line }} +{% endfor %} diff --git a/templates/etc/haproxy/global.cfg.j2 b/templates/etc/haproxy/global.cfg.j2 index 500f144e..f3fa986a 100644 --- a/templates/etc/haproxy/global.cfg.j2 +++ b/templates/etc/haproxy/global.cfg.j2 @@ -98,3 +98,6 @@ peers {{ peers.name }} peer {{ peer.name }} {{ peer.listen }} {% endfor %} {% endfor %} +{% for line in haproxy_global_raw_options | default([]) %} + {{ line }} +{% endfor %} diff --git a/templates/etc/haproxy/listen.cfg.j2 b/templates/etc/haproxy/listen.cfg.j2 index f20204a2..1b331f11 100644 --- a/templates/etc/haproxy/listen.cfg.j2 +++ b/templates/etc/haproxy/listen.cfg.j2 @@ -158,3 +158,6 @@ listen {{ listen.name }} {% endfor %} {% endfor %} +{% for line in listen.raw_options | default([]) %} + {{ line }} +{% endfor %} diff --git a/tests/test.yml b/tests/test.yml index 4718f6a8..ec97b8f1 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -6,6 +6,15 @@ roles: - ../../ vars: + # global parameters + haproxy_global_raw_options: + - cpu-map odd + - server-state-file /tmp/haproxy.state + + # default section + haproxy_default_raw_options: + - load-server-state-from-file global + # front-end section haproxy_frontend: - name: http @@ -16,6 +25,8 @@ reqrep: - search: "^Host:\\ (.*)" string: "Host:\\ foo.com" + raw_options: + - rspideny ^Content-type:\\.*/ms-word # back-end section haproxy_backend: @@ -26,6 +37,8 @@ - forwardfor - 'httpchk HEAD / HTTP/1.1\r\nHost:localhost' server: [] + raw_options: + - rspdeny ^Content-type:\\.*/ms-word # user-lists section haproxy_userlists: From 4b179318d5924471bcbb9fcc564a0dc30c7cd9bc Mon Sep 17 00:00:00 2001 From: Christophe-Marie Duquesne Date: Thu, 31 Jan 2019 12:41:25 +0100 Subject: [PATCH 2/6] Documenting `raw_options` in the README --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 196f543f..270c4f93 100644 --- a/README.md +++ b/README.md @@ -52,6 +52,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_global_peers.{n}.peers`: Peer declarations * `haproxy_global_peers.{n}.peers.{n}.name`: [required]: Name of the host (recommended to be `hostname`) (e.g. `haproxy1`) * `haproxy_global_peers.{n}.peers.{n}.listen`: [required]: IP and port for peer to listen/connect to (e.g. `192.168.0.1:1024`) +* `haproxy_global_raw_options`: [default: []]: additional arbitrary lines to insert in the global section * `haproxy_defaults_log`: [default: `global`]: Enable per-instance logging of events and traffic. `global` should be used when the instance's logging parameters are the same as the global ones. This is the most common usage * `haproxy_defaults_logformat`: [optional]: Allows you to customize the logs in http mode and tcp mode (e.g. `%{+Q}o\ %t\ %s\ %{-Q}r`) @@ -69,6 +70,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_defaults_compression.{}.name`: [required]: The compression name (e.g. `algo`, `type`, `offload`) * `haproxy_defaults_compression.{}.value`: [required]: The compression value, (e.g. if name = algo : one of this values `identity`, `gzip`, `deflate`, `raw-deflate` / if name = type : list of mime type separated by space for example `text/html text/plain text/css` / if name = `offload` value is empty) * `haproxy_default_server_params`: [optional]: Default server backend parameters passed to each backend/listen server. +* `haproxy_default_raw_options`: [default: []]: additional arbitrary lines to insert in the default section * `haproxy_ssl_map`: [default: `[]`]: SSL declarations * `haproxy_ssl_map.{n}.src`: The local path of the file to copy, can be absolute or relative (e.g. `../../../files/haproxy/etc/haproxy/ssl/star-example-com.pem`) @@ -181,6 +183,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_listen.{n}.errorfile.{n}.code`: [required]: The HTTP status code. Currently, HAProxy is capable of generating codes 200, 400, 403, 408, 500, 502, 503, and 504 (e.g. `400`) * `haproxy_listen.{n}.errorfile.{n}.file`: [required]: A file containing the full HTTP response (e.g `/etc/haproxy/errors/400.http`) * `haproxy_listen.{n}.default_server_params`: [optional]: Default server params applied for each server for this particular listen entry. +* `haproxy_listen.{n}.raw_options`: [default: []]: additional arbitrary lines to insert in the section * `haproxy_frontend`: [default: `[]`]: Front-end declarations * `haproxy_frontend.{n}.name`: [required]: The name of the section (e.g. `https`) @@ -270,6 +273,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_frontend.{n}.errorfile`: [optional]: Errorfile declarations * `haproxy_frontend.{n}.errorfile.{n}.code`: [required]: The HTTP status code. Currently, HAProxy is capable of generating codes 200, 400, 403, 408, 500, 502, 503, and 504 (e.g. `400`) * `haproxy_frontend.{n}.errorfile.{n}.file`: [required]: A file containing the full HTTP response (e.g `/etc/haproxy/errors/400.http`) +* `haproxy_frontend.{n}.raw_options`: [default: []]: additional arbitrary lines to insert in the section * `haproxy_backend`: [default: `[]`]: Back-end declarations * `haproxy_backend.{n}.name`: [required]: The name of the section (e.g. `webservers`) @@ -360,6 +364,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_backend.{n}.errorfile.{n}.code`: [required]: The HTTP status code. Currently, HAProxy is capable of generating codes 200, 400, 403, 408, 500, 502, 503, and 504 (e.g. `400`) * `haproxy_backend.{n}.errorfile.{n}.file`: [required]: A file containing the full HTTP response (e.g `/etc/haproxy/errors/400.http`) * `haproxy_backend.{n}.default_server_params`: [optional]: Default server params applied for each server for this particular backend entry. +* `haproxy_backend.{n}.raw_options`: [default: []]: additional arbitrary lines to insert in the section * `haproxy_userlists`: [default: `[]`]: Userlist declarations * `haproxy_userlists.{n}.name`: [required]: The name of the userlist From 12406b4ee7587e301b8d028e94fcddfc0dd55e1a Mon Sep 17 00:00:00 2001 From: Christophe-Marie Duquesne Date: Thu, 31 Jan 2019 12:49:38 +0100 Subject: [PATCH 3/6] Moving the raw_option bloc within the for loops --- templates/etc/haproxy/backend.cfg.j2 | 3 +-- templates/etc/haproxy/frontend.cfg.j2 | 3 +-- templates/etc/haproxy/listen.cfg.j2 | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/templates/etc/haproxy/backend.cfg.j2 b/templates/etc/haproxy/backend.cfg.j2 index c5bd893f..1ef11746 100644 --- a/templates/etc/haproxy/backend.cfg.j2 +++ b/templates/etc/haproxy/backend.cfg.j2 @@ -134,8 +134,7 @@ backend {{ backend.name }} {% for errorfile in backend.errorfile | default([]) %} errorfile {{ errorfile.code }} {{ errorfile.file }} {% endfor %} - -{% endfor %} {% for line in backend.raw_options | default([]) %} {{ line }} {% endfor %} +{% endfor %} diff --git a/templates/etc/haproxy/frontend.cfg.j2 b/templates/etc/haproxy/frontend.cfg.j2 index 5815ab32..7e073e09 100644 --- a/templates/etc/haproxy/frontend.cfg.j2 +++ b/templates/etc/haproxy/frontend.cfg.j2 @@ -128,8 +128,7 @@ frontend {{ frontend.name }} {% for errorfile in frontend.errorfile | default([]) %} errorfile {{ errorfile.code }} {{ errorfile.file }} {% endfor %} - -{% endfor %} {% for line in frontend.raw_options | default([]) %} {{ line }} {% endfor %} +{% endfor %} diff --git a/templates/etc/haproxy/listen.cfg.j2 b/templates/etc/haproxy/listen.cfg.j2 index 1b331f11..37cd2892 100644 --- a/templates/etc/haproxy/listen.cfg.j2 +++ b/templates/etc/haproxy/listen.cfg.j2 @@ -156,8 +156,7 @@ listen {{ listen.name }} {% for errorfile in listen.errorfile | default([]) %} errorfile {{ errorfile.code }} {{ errorfile.file }} {% endfor %} - -{% endfor %} {% for line in listen.raw_options | default([]) %} {{ line }} {% endfor %} +{% endfor %} From c7c253a977c7f0856f903f3325d029bf67103bdc Mon Sep 17 00:00:00 2001 From: Christophe-Marie Duquesne Date: Thu, 31 Jan 2019 15:18:40 +0100 Subject: [PATCH 4/6] test.yml: using the cpu-map option properly --- tests/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test.yml b/tests/test.yml index ec97b8f1..366e5703 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -8,7 +8,7 @@ vars: # global parameters haproxy_global_raw_options: - - cpu-map odd + - cpu-map 1/all 0-3 - server-state-file /tmp/haproxy.state # default section From a2f98fa6b8acf66f884efbb12a6a3abbb0670eb1 Mon Sep 17 00:00:00 2001 From: Mischa ter Smitten Date: Tue, 12 Feb 2019 10:22:43 +0100 Subject: [PATCH 5/6] Consistency changes --- README.md | 10 +++++----- templates/etc/haproxy/backend.cfg.j2 | 1 + templates/etc/haproxy/defaults.cfg.j2 | 3 ++- templates/etc/haproxy/frontend.cfg.j2 | 1 + templates/etc/haproxy/global.cfg.j2 | 1 + templates/etc/haproxy/listen.cfg.j2 | 1 + 6 files changed, 11 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 270c4f93..ee06199f 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_global_peers.{n}.peers`: Peer declarations * `haproxy_global_peers.{n}.peers.{n}.name`: [required]: Name of the host (recommended to be `hostname`) (e.g. `haproxy1`) * `haproxy_global_peers.{n}.peers.{n}.listen`: [required]: IP and port for peer to listen/connect to (e.g. `192.168.0.1:1024`) -* `haproxy_global_raw_options`: [default: []]: additional arbitrary lines to insert in the global section +* `haproxy_global_raw_options`: [default: `[]`]: Additional arbitrary lines to insert in the section * `haproxy_defaults_log`: [default: `global`]: Enable per-instance logging of events and traffic. `global` should be used when the instance's logging parameters are the same as the global ones. This is the most common usage * `haproxy_defaults_logformat`: [optional]: Allows you to customize the logs in http mode and tcp mode (e.g. `%{+Q}o\ %t\ %s\ %{-Q}r`) @@ -70,7 +70,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_defaults_compression.{}.name`: [required]: The compression name (e.g. `algo`, `type`, `offload`) * `haproxy_defaults_compression.{}.value`: [required]: The compression value, (e.g. if name = algo : one of this values `identity`, `gzip`, `deflate`, `raw-deflate` / if name = type : list of mime type separated by space for example `text/html text/plain text/css` / if name = `offload` value is empty) * `haproxy_default_server_params`: [optional]: Default server backend parameters passed to each backend/listen server. -* `haproxy_default_raw_options`: [default: []]: additional arbitrary lines to insert in the default section +* `haproxy_default_raw_options`: [default: `[]`]: Additional arbitrary lines to insert in the section * `haproxy_ssl_map`: [default: `[]`]: SSL declarations * `haproxy_ssl_map.{n}.src`: The local path of the file to copy, can be absolute or relative (e.g. `../../../files/haproxy/etc/haproxy/ssl/star-example-com.pem`) @@ -183,7 +183,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_listen.{n}.errorfile.{n}.code`: [required]: The HTTP status code. Currently, HAProxy is capable of generating codes 200, 400, 403, 408, 500, 502, 503, and 504 (e.g. `400`) * `haproxy_listen.{n}.errorfile.{n}.file`: [required]: A file containing the full HTTP response (e.g `/etc/haproxy/errors/400.http`) * `haproxy_listen.{n}.default_server_params`: [optional]: Default server params applied for each server for this particular listen entry. -* `haproxy_listen.{n}.raw_options`: [default: []]: additional arbitrary lines to insert in the section +* `haproxy_listen.{n}.raw_options`: [default: `[]`]: Additional arbitrary lines to insert in the section * `haproxy_frontend`: [default: `[]`]: Front-end declarations * `haproxy_frontend.{n}.name`: [required]: The name of the section (e.g. `https`) @@ -273,7 +273,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_frontend.{n}.errorfile`: [optional]: Errorfile declarations * `haproxy_frontend.{n}.errorfile.{n}.code`: [required]: The HTTP status code. Currently, HAProxy is capable of generating codes 200, 400, 403, 408, 500, 502, 503, and 504 (e.g. `400`) * `haproxy_frontend.{n}.errorfile.{n}.file`: [required]: A file containing the full HTTP response (e.g `/etc/haproxy/errors/400.http`) -* `haproxy_frontend.{n}.raw_options`: [default: []]: additional arbitrary lines to insert in the section +* `haproxy_frontend.{n}.raw_options`: [default: `[]`]: Additional arbitrary lines to insert in the section * `haproxy_backend`: [default: `[]`]: Back-end declarations * `haproxy_backend.{n}.name`: [required]: The name of the section (e.g. `webservers`) @@ -364,7 +364,7 @@ Set up (the latest version of) [HAProxy](http://www.haproxy.org/) in Ubuntu syst * `haproxy_backend.{n}.errorfile.{n}.code`: [required]: The HTTP status code. Currently, HAProxy is capable of generating codes 200, 400, 403, 408, 500, 502, 503, and 504 (e.g. `400`) * `haproxy_backend.{n}.errorfile.{n}.file`: [required]: A file containing the full HTTP response (e.g `/etc/haproxy/errors/400.http`) * `haproxy_backend.{n}.default_server_params`: [optional]: Default server params applied for each server for this particular backend entry. -* `haproxy_backend.{n}.raw_options`: [default: []]: additional arbitrary lines to insert in the section +* `haproxy_backend.{n}.raw_options`: [default: `[]`]: Additional arbitrary lines to insert in the section * `haproxy_userlists`: [default: `[]`]: Userlist declarations * `haproxy_userlists.{n}.name`: [required]: The name of the userlist diff --git a/templates/etc/haproxy/backend.cfg.j2 b/templates/etc/haproxy/backend.cfg.j2 index 1ef11746..8a50ea2f 100644 --- a/templates/etc/haproxy/backend.cfg.j2 +++ b/templates/etc/haproxy/backend.cfg.j2 @@ -134,6 +134,7 @@ backend {{ backend.name }} {% for errorfile in backend.errorfile | default([]) %} errorfile {{ errorfile.code }} {{ errorfile.file }} {% endfor %} + {% for line in backend.raw_options | default([]) %} {{ line }} {% endfor %} diff --git a/templates/etc/haproxy/defaults.cfg.j2 b/templates/etc/haproxy/defaults.cfg.j2 index 408edef6..8abe4df5 100644 --- a/templates/etc/haproxy/defaults.cfg.j2 +++ b/templates/etc/haproxy/defaults.cfg.j2 @@ -43,6 +43,7 @@ {% if haproxy_default_server_params | default([]) %} default-server {% for param in haproxy_default_server_params | default([]) %} {{ param }}{% endfor %} {% endif %} -{% for line in haproxy_default_raw_options %} + +{% for line in haproxy_default_raw_options | default([]) %} {{ line }} {% endfor %} diff --git a/templates/etc/haproxy/frontend.cfg.j2 b/templates/etc/haproxy/frontend.cfg.j2 index 7e073e09..d1867914 100644 --- a/templates/etc/haproxy/frontend.cfg.j2 +++ b/templates/etc/haproxy/frontend.cfg.j2 @@ -128,6 +128,7 @@ frontend {{ frontend.name }} {% for errorfile in frontend.errorfile | default([]) %} errorfile {{ errorfile.code }} {{ errorfile.file }} {% endfor %} + {% for line in frontend.raw_options | default([]) %} {{ line }} {% endfor %} diff --git a/templates/etc/haproxy/global.cfg.j2 b/templates/etc/haproxy/global.cfg.j2 index f3fa986a..81e9bb89 100644 --- a/templates/etc/haproxy/global.cfg.j2 +++ b/templates/etc/haproxy/global.cfg.j2 @@ -98,6 +98,7 @@ peers {{ peers.name }} peer {{ peer.name }} {{ peer.listen }} {% endfor %} {% endfor %} + {% for line in haproxy_global_raw_options | default([]) %} {{ line }} {% endfor %} diff --git a/templates/etc/haproxy/listen.cfg.j2 b/templates/etc/haproxy/listen.cfg.j2 index 37cd2892..f3b9e301 100644 --- a/templates/etc/haproxy/listen.cfg.j2 +++ b/templates/etc/haproxy/listen.cfg.j2 @@ -156,6 +156,7 @@ listen {{ listen.name }} {% for errorfile in listen.errorfile | default([]) %} errorfile {{ errorfile.code }} {{ errorfile.file }} {% endfor %} + {% for line in listen.raw_options | default([]) %} {{ line }} {% endfor %} From 489428afff16cf5c5d3d208007edbd77182f34df Mon Sep 17 00:00:00 2001 From: Mischa ter Smitten Date: Tue, 12 Feb 2019 10:26:27 +0100 Subject: [PATCH 6/6] Fix double space --- tests/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test.yml b/tests/test.yml index 366e5703..d2e1a218 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -26,7 +26,7 @@ - search: "^Host:\\ (.*)" string: "Host:\\ foo.com" raw_options: - - rspideny ^Content-type:\\.*/ms-word + - rspideny ^Content-type:\\.*/ms-word # back-end section haproxy_backend: @@ -38,7 +38,7 @@ - 'httpchk HEAD / HTTP/1.1\r\nHost:localhost' server: [] raw_options: - - rspdeny ^Content-type:\\.*/ms-word + - rspdeny ^Content-type:\\.*/ms-word # user-lists section haproxy_userlists: