Add SSL certificate; Fix minor bugs in redirect route.

README.md

@@ -16,7 +16,7 @@ Create a yaml file in your machine called `easyconfig.cfg` and put the contents:
 ```yaml
 stats:
   username: admin
-  password: senha
+  password: password
   port: 1936         # Optional (default 1936)
 
 customerrors: true   # Optional (default false)
@@ -29,6 +29,11 @@ easymapping:
     redirect:
       www.host1.com.br: http://host1.com.br
 
+  - port: 443
+    ssl_cert: /etc/easyconfig/mycert.pem
+    hosts:
+      host1.com.br: container:80
+
   - port: 8080
     hosts:
       host3.com.br: domain:8181
@@ -84,6 +89,25 @@ services:
       - 1936:1936
 ```
 
+# Handling SSL
+
+HaProxy can handle SSL for you. in this case add the parameter pointing to file containing
+the pem of certificates and key in only one file:
+
+```
+  - port: 443
+    ssl_cert: /etc/easyconfig/mycert.pem
+    hosts:
+      host1.com.br: container:80
+```
+
+Important: Different certificates need to be handled in different entries. 
+
+# Setting Custom Errors
+
+Map the volume : `/etc/haproxy/errors-custom/` and put a file named `ERROR_NUMBER.http` where ERROR_NUMBER
+is the http error code (e.g. 503.http)  
+
 # Build
 
 ```

entrypoint.py

@@ -29,6 +29,7 @@ def defaults(custom):
 global
     log /dev/log local0
     maxconn 2000
+    tune.ssl.default-dh-param 2048
 """
     return result
 
@@ -54,29 +55,31 @@ def stats(map):
 """.format(map["username"], map["password"], map["port"] if "port" in map else 1936)
 
 
-def easymapping(o):
+def easymapping(o, salt):
     port = o["port"]
+    ssl = " ssl crt " + o["ssl_cert"] if "ssl_cert" in o else ""
     hosts = o["hosts"] if "hosts" in o else dict()
     redir = o["redirect"] if "redirect" in o else dict()
 
     result = """
-frontend http_in_{0}
-    bind *:{0}
+frontend http_in_{0}_{1}
+    bind *:{0} {2}
     mode http
     
-""".format(port)
+""".format(port, salt, ssl)
 
     for k in redir:
         result += "    redirect prefix " + redir[k] + " code 301 if { hdr(host) -i " + k + " }\n"
 
     result += "\n"
     for k in hosts:
-        host = k.replace(".", "_") + "_{}".format(port)
-        result += "    acl is_rule_{0} hdr(host) -i {1}\n".format(host, k)
-        result += "    use_backend srv_{0} if is_rule_{0}\n\n".format(host)
+        host = k.replace(".", "_") + "_{0}_{1}".format(port, salt)
+        result += "    acl is_rule_{0}_1 hdr(host) -i {1}\n".format(host, k)
+        result += "    acl is_rule_{0}_2 hdr(host) -i {1}:{2}\n".format(host, k, port)
+        result += "    use_backend srv_{0} if is_rule_{0}_1 OR is_rule_{0}_2\n\n".format(host)
 
     for k in hosts:
-        host = k.replace(".", "_") + "_{}".format(port)
+        host = k.replace(".", "_") + "_{0}_{1}".format(port, salt)
         result += """
 backend srv_{0}
     balance roundrobin
@@ -93,11 +96,14 @@ def easymapping(o):
 with open(sys.argv[1], 'r') as content_file:
     parsed = yaml.load(content_file.read())
 
+n = 0
+
 print(defaults(parsed["customerrors"] if "customerrors" in parsed else False))
 if "stats" in parsed:
     print(stats(parsed["stats"]))
 if "easymapping" in parsed:
     for k in parsed["easymapping"]:
-        print(easymapping(k))
+        n = n + 1
+        print(easymapping(k, n))
 
 

example.yml

@@ -1,6 +1,6 @@
 stats:
   username: admin
-  password: senha
+  password: password
   port: 1936
 
 customerrors: true
@@ -13,6 +13,11 @@ easymapping:
     redirect:
       www.host1.com.br: http://host1.com.br
 
+  - port: 443
+    ssl_cert: /etc/easyconfig/mycert.pem
+    hosts:
+      host1.com.br: container:80
+
   - port: 8080
     hosts:
       host3.com.br: domain:8181