added mode selection for stats socket in global definitions

This commit is contained in:
Andrew Repulo 2016-08-11 18:49:06 +03:00
parent b69c7edebd
commit e7cddfe0e2
3 changed files with 3 additions and 2 deletions

View file

@ -35,7 +35,7 @@ Currently, only a handful of options can be set using the pillar:
- Global
+ stats: enable stats, curently only via a unix socket which can be set to a path
+ stats: enable stats, curently only via a unix socket which can be set to a path with custom permissions
+ user: sets the user haproxy shall run as
+ group: sets the group haproxy shall run as
+ chroot: allows you to turn on chroot and set a directory

View file

@ -34,7 +34,7 @@ global
daemon
{%- endif %}
{%- if salt['pillar.get']('haproxy:global:stats:enable', 'no') == True %}
stats socket {{ salt['pillar.get']('haproxy:global:stats:socketpath', '/tmp/ha_stats.sock') }} level {{ salt['pillar.get']('haproxy:global:stats:level', 'operator') }}
stats socket {{ salt['pillar.get']('haproxy:global:stats:socketpath', '/tmp/ha_stats.sock') }} mode {{ salt['pillar.get']('haproxy:global:stats:mode', '660') }} level {{ salt['pillar.get']('haproxy:global:stats:level', 'operator') }}
{%- endif %}
{%- if 'maxconn' in salt['pillar.get']('haproxy:global', {}) %}
maxconn {{ salt['pillar.get']('haproxy:global:maxconn') }}

View file

@ -10,6 +10,7 @@ haproxy:
stats:
enable: True
socketpath: /var/lib/haproxy/stats
mode: 660
level: admin
ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384"
ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11"