formula-haproxy/pillar.example

#
# Example pillar configuration
#

haproxy:
  config_file_path: /etc/haproxy/haproxy.cfg
  global:
    stats:
      enable: True
      socketpath: /var/lib/haproxy/stats

    user: haproxy
    group: haproxy
    chroot:
      enable: True
      path: /var/lib/haproxy

    daemon: True

  defaults:
    log: global
    mode: http
    retries: 3
    options:
      - httplog
      - dontlognull
      - forwardfor
      - http-server-close
    timeouts:
      - http-request    10s
      - queue           1m
      - connect         10s
      - client          1m
      - server          1m
      - http-keep-alive 10s
      - check           10s

    errorfiles:
      400: /etc/haproxy/errors/400.http
      403: /etc/haproxy/errors/403.http
      408: /etc/haproxy/errors/408.http
      500: /etc/haproxy/errors/500.http
      502: /etc/haproxy/errors/502.http
      503: /etc/haproxy/errors/503.http
      504: /etc/haproxy/errors/504.http

  frontends:
    frontend1:
      name: www-http
      bind: "*:80"
      redirect: scheme https if !{ ssl_fc }
      reqadd:
        - "X-Forwarded-Proto:\\ http"
      default_backend: www-backend

    frontend2:
      name: www-https
      bind: "*:443 ssl crt /etc/ssl/private/certificate-chain-and-key-combined.pem"
      reqadd:
        - "X-Forwarded-Proto:\\ https"
      default_backend: www-backend
      acls:
        - url_static       path_beg       -i /static /images /javascript /stylesheets
        - url_static       path_end       -i .jpg .gif .png .css .js
      use_backends:
        - static  if url_static

  backends:
    backend1:
      name: www-backend
      balance: roundrobin
      redirect: scheme https if !{ ssl_fc }
      servers:
        server1:
          name: server1-its-name
          host: 192.168.1.213
          port: 80
          check: check
    backend2:
      name: static
      balance: roundrobin
      redirect: scheme https if !{ ssl_fc }
      options:
        - http-server-close
        - httpclose
        - forwardfor    except 127.0.0.0/8
        - httplog
      cookie: "pm insert indirect"
      stats:
        enable: True
        uri: /url/to/stats
        realm: LoadBalancer
        auth: "user:password"
      servers:
        server1:
          name: some-server
          host: 123.156.189.111
          port: 8080
          check: check
Added jinja templated configuration support, a bit of documentation and a rough set of examples 2015-02-24 16:19:02 -05:00			`#`
			`# Example pillar configuration`
			`#`

			`haproxy:`
Allow customization of configuration file path 2015-03-17 05:16:55 -04:00			`config_file_path: /etc/haproxy/haproxy.cfg`
Added jinja templated configuration support, a bit of documentation and a rough set of examples 2015-02-24 16:19:02 -05:00			`global:`
			`stats:`
			`enable: True`
			`socketpath: /var/lib/haproxy/stats`

			`user: haproxy`
			`group: haproxy`
			`chroot:`
			`enable: True`
			`path: /var/lib/haproxy`

			`daemon: True`

			`defaults:`
			`log: global`
			`mode: http`
			`retries: 3`
			`options:`
			`- httplog`
			`- dontlognull`
			`- forwardfor`
			`- http-server-close`
			`timeouts:`
			`- http-request 10s`
			`- queue 1m`
			`- connect 10s`
			`- client 1m`
			`- server 1m`
			`- http-keep-alive 10s`
			`- check 10s`

			`errorfiles:`
			`400: /etc/haproxy/errors/400.http`
			`403: /etc/haproxy/errors/403.http`
			`408: /etc/haproxy/errors/408.http`
			`500: /etc/haproxy/errors/500.http`
			`502: /etc/haproxy/errors/502.http`
			`503: /etc/haproxy/errors/503.http`
			`504: /etc/haproxy/errors/504.http`

			`frontends:`
			`frontend1:`
			`name: www-http`
			`bind: "*:80"`
Add redirection capabilities to the frontend 2015-05-17 09:47:47 -04:00			`redirect: scheme https if !{ ssl_fc }`
Added jinja templated configuration support, a bit of documentation and a rough set of examples 2015-02-24 16:19:02 -05:00			`reqadd:`
			`- "X-Forwarded-Proto:\\ http"`
			`default_backend: www-backend`

			`frontend2:`
			`name: www-https`
			`bind: "*:443 ssl crt /etc/ssl/private/certificate-chain-and-key-combined.pem"`
			`reqadd:`
			`- "X-Forwarded-Proto:\\ https"`
			`default_backend: www-backend`
			`acls:`
			`- url_static path_beg -i /static /images /javascript /stylesheets`
			`- url_static path_end -i .jpg .gif .png .css .js`
			`use_backends:`
			`- static if url_static`

			`backends:`
			`backend1:`
			`name: www-backend`
			`balance: roundrobin`
			`redirect: scheme https if !{ ssl_fc }`
			`servers:`
			`server1:`
			`name: server1-its-name`
			`host: 192.168.1.213`
Add support for option, cookie and stats tags in backend instances 2015-05-20 10:12:43 -04:00			`port: 80`
Added jinja templated configuration support, a bit of documentation and a rough set of examples 2015-02-24 16:19:02 -05:00			`check: check`
			`backend2:`
			`name: static`
			`balance: roundrobin`
			`redirect: scheme https if !{ ssl_fc }`
Add support for option, cookie and stats tags in backend instances 2015-05-20 10:12:43 -04:00			`options:`
			`- http-server-close`
			`- httpclose`
			`- forwardfor except 127.0.0.0/8`
			`- httplog`
			`cookie: "pm insert indirect"`
			`stats:`
			`enable: True`
			`uri: /url/to/stats`
			`realm: LoadBalancer`
			`auth: "user:password"`
Added jinja templated configuration support, a bit of documentation and a rough set of examples 2015-02-24 16:19:02 -05:00			`servers:`
			`server1:`
			`name: some-server`
			`host: 123.156.189.111`
			`port: 8080`
Allow customization of configuration file path 2015-03-17 05:16:55 -04:00			`check: check`