From 454c5ba97335b776633bb16277662a17e90ec998 Mon Sep 17 00:00:00 2001 From: John Keates Date: Sun, 17 May 2015 15:47:47 +0200 Subject: [PATCH 1/4] Add redirection capabilities to the frontend --- README.rst | 1 + haproxy/install.sls | 13 ++++++++++++- haproxy/templates/haproxy.jinja | 10 +++++++++- pillar.example | 1 + 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/README.rst b/README.rst index 353bd74..10cda13 100644 --- a/README.rst +++ b/README.rst @@ -55,6 +55,7 @@ Currently, only a handful of options can be set using the pillar: + name: the name haproxy will use for the frontend + bind: the bind string: this allows you to set the IP, Port and other paramters for the bind + + redirect: add a redirect line, an unparsed string like in the backend + reqadd: an array of reqadd statements. Looped over and put in the configuration, no parsing + default_backend: sets the default backend + acls: a list of acls, not parsed, simply looped and put in to the configuration diff --git a/haproxy/install.sls b/haproxy/install.sls index 7355f1b..5981aca 100644 --- a/haproxy/install.sls +++ b/haproxy/install.sls @@ -1,3 +1,14 @@ +# Because on Ubuntu we don't have a current HAProxy in the usual repo, we add a PPA +{% if salt['grains.get']('osfullname') == 'Ubuntu' %} +haproxy_ppa_repo: + pkgrepo.managed: + - ppa: vbernat/haproxy-1.5 + - require_in: + - pkg: haproxy.install + - watch_in: + - pkg: haproxy.install +{% endif %} + haproxy.install: pkg.installed: - - name: haproxy \ No newline at end of file + - name: haproxy diff --git a/haproxy/templates/haproxy.jinja b/haproxy/templates/haproxy.jinja index c70203c..04372cf 100644 --- a/haproxy/templates/haproxy.jinja +++ b/haproxy/templates/haproxy.jinja @@ -56,6 +56,10 @@ defaults {%- for frontend in salt['pillar.get']('haproxy:frontends', {}).iteritems() %} frontend {{ frontend[1].name }} bind {{ frontend[1].bind }} +{%- if 'redirects' in backend[1] %} +{%- for redirect in frontend[1].redirects %} +redirect {{ redirect }}{% endfor %} +{-% endif %} {%- if 'acls' in frontend[1] %} {%- for acl in frontend[1].acls %} acl {{ acl }} @@ -82,10 +86,14 @@ frontend {{ frontend[1].name }} {%- if 'backends' in salt['pillar.get']('haproxy', {}) %} {%- for backend in salt['pillar.get']('haproxy:backends', {}).iteritems() %} backend {{ backend[1].name }} +{%- if 'redirects' in backend[1] %} +{%- for redirect in backend[1].redirects %} +redirect {{ redirect }}{% endfor %} +{-% endif %} balance {{ backend[1].balance }} {%- if 'servers' in backend[1] %} {%- for server in backend[1].servers.iteritems() %} server {{ server[1].name }} {{ server[1].host }}:{{ server[1].port }} {{ server[1].check }}{% endfor %} {% endif %} {% endfor %} -{% endif %} \ No newline at end of file +{% endif %} diff --git a/pillar.example b/pillar.example index 137b9de..61f4b26 100644 --- a/pillar.example +++ b/pillar.example @@ -48,6 +48,7 @@ haproxy: frontend1: name: www-http bind: "*:80" + redirect: scheme https if !{ ssl_fc } reqadd: - "X-Forwarded-Proto:\\ http" default_backend: www-backend From b089a7feb406917dca619428469f19c00e6099f9 Mon Sep 17 00:00:00 2001 From: John Keates Date: Sun, 17 May 2015 18:26:08 +0200 Subject: [PATCH 2/4] Trying to fix the nesting mistake --- haproxy/templates/haproxy.jinja | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/haproxy/templates/haproxy.jinja b/haproxy/templates/haproxy.jinja index 04372cf..b306318 100644 --- a/haproxy/templates/haproxy.jinja +++ b/haproxy/templates/haproxy.jinja @@ -56,9 +56,10 @@ defaults {%- for frontend in salt['pillar.get']('haproxy:frontends', {}).iteritems() %} frontend {{ frontend[1].name }} bind {{ frontend[1].bind }} -{%- if 'redirects' in backend[1] %} -{%- for redirect in frontend[1].redirects %} -redirect {{ redirect }}{% endfor %} +{%- if 'redirects' in frontend[1] %} +{%- for front_redirect in frontend[1].redirects %} +redirect {{ front_redirect }} +{% endfor %} {-% endif %} {%- if 'acls' in frontend[1] %} {%- for acl in frontend[1].acls %} @@ -94,6 +95,6 @@ redirect {{ redirect }}{% endfor %} {%- if 'servers' in backend[1] %} {%- for server in backend[1].servers.iteritems() %} server {{ server[1].name }} {{ server[1].host }}:{{ server[1].port }} {{ server[1].check }}{% endfor %} - {% endif %} - {% endfor %} +{% endif %} +{% endfor %} {% endif %} From 6c4f312f76804395e83a0dc0756066994c603dd8 Mon Sep 17 00:00:00 2001 From: John Keates Date: Sun, 17 May 2015 18:30:15 +0200 Subject: [PATCH 3/4] Basic typo fixed --- haproxy/templates/haproxy.jinja | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/haproxy/templates/haproxy.jinja b/haproxy/templates/haproxy.jinja index b306318..7ffd921 100644 --- a/haproxy/templates/haproxy.jinja +++ b/haproxy/templates/haproxy.jinja @@ -60,7 +60,7 @@ frontend {{ frontend[1].name }} {%- for front_redirect in frontend[1].redirects %} redirect {{ front_redirect }} {% endfor %} -{-% endif %} +{%- endif %} {%- if 'acls' in frontend[1] %} {%- for acl in frontend[1].acls %} acl {{ acl }} From cd237e01098e2f09744e62db6ea919ad8a218712 Mon Sep 17 00:00:00 2001 From: John Keates Date: Sat, 23 May 2015 19:43:21 +0200 Subject: [PATCH 4/4] Fix typo and add some nice indentation --- haproxy/templates/haproxy.jinja | 87 +++++++++++++++++---------------- 1 file changed, 45 insertions(+), 42 deletions(-) diff --git a/haproxy/templates/haproxy.jinja b/haproxy/templates/haproxy.jinja index 6407138..2fb5195 100644 --- a/haproxy/templates/haproxy.jinja +++ b/haproxy/templates/haproxy.jinja @@ -21,9 +21,9 @@ global daemon {% endif %} {%- if salt['pillar.get']('haproxy:global:stats:enable', 'no') == True %} - #Stats support is currently limited to socket mode + # Stats support is currently limited to socket mode stats socket {{ salt['pillar.get']('haproxy:global:stats:socketpath', '/tmp/ha_stats.sock') }} - {% endif %} +{% endif %} #--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will @@ -34,16 +34,19 @@ defaults mode {{ salt['pillar.get']('haproxy:defaults:mode') }} retries {{ salt['pillar.get']('haproxy:defaults:retries') }} {%- if 'options' in salt['pillar.get']('haproxy:defaults', {}) %} -{%- for option in salt['pillar.get']('haproxy:defaults:options') %} - option {{ option }}{% endfor %} + {%- for option in salt['pillar.get']('haproxy:defaults:options') %} + option {{ option }} + {%- endfor %} {% endif %} {%- if 'timeouts' in salt['pillar.get']('haproxy:defaults', {}) %} -{%- for timeout in salt['pillar.get']('haproxy:defaults:timeouts') %} - timeout {{ timeout }}{% endfor %} + {%- for timeout in salt['pillar.get']('haproxy:defaults:timeouts') %} + timeout {{ timeout }} + {%- endfor %} {% endif %} {%- if 'errorfiles' in salt['pillar.get']('haproxy:defaults', {}) %} -{%- for errorfile in salt['pillar.get']('haproxy:defaults:errorfiles').iteritems() %} - errorfile {{ errorfile[0] }} {{ errorfile[1] }}{% endfor %} + {%- for errorfile in salt['pillar.get']('haproxy:defaults:errorfiles').iteritems() %} + errorfile {{ errorfile[0] }} {{ errorfile[1] }} + {%- endfor %} {% endif %} @@ -53,31 +56,31 @@ defaults # frontend instances #--------------------------------------------------------------------- {%- if 'frontends' in salt['pillar.get']('haproxy', {}) %} -{%- for frontend in salt['pillar.get']('haproxy:frontends', {}).iteritems() %} + {%- for frontend in salt['pillar.get']('haproxy:frontends', {}).iteritems() %} frontend {{ frontend[1].name }} bind {{ frontend[1].bind }} -{%- if 'redirects' in frontend[1] %} -{%- for front_redirect in frontend[1].redirects %} + {%- if 'redirects' in frontend[1] %} + {%- for front_redirect in frontend[1].redirects %} redirect {{ front_redirect }} -{% endfor %} -{%- endif %} -{%- if 'acls' in frontend[1] %} -{%- for acl in frontend[1].acls %} + {% endfor %} + {%- endif %} + {%- if 'acls' in frontend[1] %} + {%- for acl in frontend[1].acls %} acl {{ acl }} -{%- endfor %} -{%- endif %} -{%- if 'reqadd' in frontend[1] %} -{%- for reqadd in frontend[1].reqadd %} + {%- endfor %} + {%- endif %} + {%- if 'reqadd' in frontend[1] %} + {%- for reqadd in frontend[1].reqadd %} reqadd {{ reqadd }} -{%- endfor %} -{%- endif %} + {%- endfor %} + {%- endif %} default_backend {{ frontend[1].default_backend }} -{%-if 'use_backends' in frontend[1] -%} -{%- for use_backend in frontend[1].use_backends %} + {%-if 'use_backends' in frontend[1] -%} + {%- for use_backend in frontend[1].use_backends %} use_backend {{ use_backend }} -{% endfor %} -{%- endif %} -{% endfor %} + {% endfor %} + {%- endif %} + {% endfor %} {%- endif %} @@ -85,33 +88,33 @@ redirect {{ front_redirect }} # backend instances #--------------------------------------------------------------------- {%- if 'backends' in salt['pillar.get']('haproxy', {}) %} -{%- for backend in salt['pillar.get']('haproxy:backends', {}).iteritems() %} + {%- for backend in salt['pillar.get']('haproxy:backends', {}).iteritems() %} # Backend loop start backend {{ backend[1].name }} -{%- if 'redirects' in backend[1] %} -{%- for redirect in backend[1].redirects %} + {%- if 'redirects' in backend[1] %} + {%- for redirect in backend[1].redirects %} # Redirect loop start redirect {{ redirect }}{% endfor %} -{-% endif %} + {%- endif %} balance {{ backend[1].balance }} - {%- if 'options' in backend[1] %} + {%- if 'options' in backend[1] %} {%- for option in backend[1].options %} option {{ option }} {%- endfor %} - {%- endif %} - {%- if 'cookie' in backend[1] %} + {%- endif %} + {%- if 'cookie' in backend[1] %} cookie {{ backend[1].cookie }} - {%- endif %} - {%- if 'stats' in backend[1] %} + {%- endif %} + {%- if 'stats' in backend[1] %} {%- for option, value in backend[1].stats.iteritems() %} - {%- if option == 'enable' and value %} + {%- if option == 'enable' and value %} stats enable - {%- else %} + {%- else %} stats {{ option }} {{ value }} - {%- endif %} + {%- endif %} {%- endfor %} - {%- endif %} - {%- if 'servers' in backend[1] %} + {%- endif %} + {%- if 'servers' in backend[1] %} {%- for server in backend[1].servers.iteritems() %} server {{ server[1].name }} {{ server[1].host }}:{{ server[1].port }} {{ server[1].check }}{% endfor %} -{% endif %} -{% endfor %} + {% endif %} + {% endfor %} # Backend loop end {% endif %}