Revert "Feature/more modular template"

2016-04-07 17:43:00 -07:00
8 changed files with 21 additions and 133 deletions
--- a/README.rst
+++ b/README.rst
@ -35,7 +35,7 @@ Currently, only a handful of options can be set using the pillar:

 - Global

-  + stats: enable stats, curently only via a unix socket which can be set to a path with custom permissions
+  + stats: enable stats, curently only via a unix socket which can be set to a path
  + user: sets the user haproxy shall run as
  + group: sets the group haproxy shall run as
  + chroot: allows you to turn on chroot and set a directory
@ -74,7 +74,6 @@ Currently, only a handful of options can be set using the pillar:
    + port: the port to contact the server on
    + check: set to check to enable checking

- For global, default, frontend, listener, backend and server it is possible to use the "extra" option for more rare settings not mentioned above.

 ``haproxy.service``
 -------------------
--- a/haproxy/config.sls
+++ b/haproxy/config.sls
@ -1,19 +1,12 @@
-{% from "haproxy/map.jinja" import haproxy with context %}
-
-{% set config_file = salt['pillar.get']('haproxy:config_file_path', haproxy.config_file) %}
 haproxy.config:
 file.managed:
-   - name: {{ config_file }}
-   - source: {{ haproxy.config_file_source }}
+   - name: {{ salt['pillar.get']('haproxy:config_file_path', '/etc/haproxy/haproxy.cfg') }}
+   - source: salt://haproxy/templates/haproxy.jinja
   - template: jinja
-   - user: {{ haproxy.user }}
-   - group: {{ haproxy.group }}
+   - user: root
+   - group: root
   - mode: 644
   - require_in:
     - service: haproxy.service
   - watch_in:
-     - service: haproxy.service
-   {% if salt['pillar.get']('haproxy:overwrite', default=True) == False %}
-   - unless:
-     - test -e {{ config_file }}
-   {% endif %}
+     - service: haproxy.service
--- a/haproxy/init.sls
+++ b/haproxy/init.sls
@ -3,10 +3,11 @@
 # Meta-state to fully setup haproxy on debian. (or any other distro that has haproxy in their repo)

 include:
-{%- set haproxy_items = salt['pillar.get']('haproxy:include', []) %}
-{%- for item in haproxy_items %}
+{% if salt['pillar.get']('haproxy:include') %}
+{% for item in salt['pillar.get']('haproxy:include') %}
  - {{ item }}
-{%- endfor %}
+{% endfor %}
+{% endif %}
  - haproxy.install
  - haproxy.service
  - haproxy.config
--- a/haproxy/install.sls
+++ b/haproxy/install.sls
@ -1,8 +1,6 @@
-{% from "haproxy/map.jinja" import haproxy with context %}
-
 haproxy.install:
  pkg.installed:
-    - name: {{ haproxy.package }}
+    - name: haproxy
 {% if salt['pillar.get']('haproxy:require') %}
    - require:
 {% for item in salt['pillar.get']('haproxy:require') %}
--- a/haproxy/map.jinja
+++ b/haproxy/map.jinja
@ -1,14 +0,0 @@
-{% set haproxy = salt['grains.filter_by']({
-    'default': {
-        'package': 'haproxy',
-        'config_file': '/etc/haproxy/haproxy.cfg',
-        'config_file_source': 'salt://haproxy/templates/haproxy.jinja',
-        'user': 'root',
-        'group': 'root',
-        'service': 'haproxy',
-    },
-    'FreeBSD': {
-        'group': 'wheel',
-    },
-}, merge=salt['pillar.get']('haproxy:lookup'), base='default') %}
-
--- a/haproxy/service.sls
+++ b/haproxy/service.sls
@ -1,19 +1,17 @@
-{% from "haproxy/map.jinja" import haproxy with context %}
-
 haproxy.service:
 {% if salt['pillar.get']('haproxy:enable', True) %}
  service.running:
-    - name: {{ haproxy.service }}
+    - name: haproxy
    - enable: True
    - reload: True
    - require:
-      - pkg: haproxy.install
+      - pkg: haproxy
 {% if salt['grains.get']('os_family') == 'Debian' %}
      - file: haproxy.service
 {% endif %}
 {% else %}
  service.dead:
-    - name: {{ haproxy.service }}
+    - name: haproxy
    - enable: False
 {% endif %}
 {% if salt['grains.get']('os_family') == 'Debian' %}
--- a/haproxy/templates/haproxy.jinja
+++ b/haproxy/templates/haproxy.jinja
@ -23,14 +23,8 @@
 # Global settings
 #------------------
 global
-{%- if salt['pillar.get']('haproxy:global:log', []) != [] %}
-{%- for log in salt['pillar.get']('haproxy:global:log') %}
-    log {{log}}
-{%- endfor %}
-{%- else %}
    log /dev/log    local0
    log /dev/log    local1 notice
-{%- endif %}
    user {{ salt['pillar.get']('haproxy:global:user', 'haproxy') }}
    group {{ salt['pillar.get']('haproxy:global:group', 'haproxy') }}
 {%- if salt['pillar.get']('haproxy:global:chroot:enable', 'no') == True %}
@ -40,7 +34,7 @@ global
    daemon
 {%- endif %}
 {%- if salt['pillar.get']('haproxy:global:stats:enable', 'no') == True %}
-    stats socket {{ salt['pillar.get']('haproxy:global:stats:socketpath', '/tmp/ha_stats.sock') }} mode {{ salt['pillar.get']('haproxy:global:stats:mode', '660') }} level {{ salt['pillar.get']('haproxy:global:stats:level', 'operator') }}
+    stats socket {{ salt['pillar.get']('haproxy:global:stats:socketpath', '/tmp/ha_stats.sock') }} level {{ salt['pillar.get']('haproxy:global:stats:level', 'operator') }}
 {%- endif %}
 {%- if 'maxconn' in salt['pillar.get']('haproxy:global', {}) %}
    maxconn {{ salt['pillar.get']('haproxy:global:maxconn') }}
@ -69,15 +63,6 @@ global
 {%- if 'ssl-default-bind-options' in salt['pillar.get']('haproxy:global', {}) %}
    {{- render_list_of_dictionaries('ssl-default-bind-options', salt['pillar.get']('haproxy:global:ssl-default-bind-options')) }}
 {%- endif %}
-{%- if 'extra' in salt['pillar.get']('haproxy:global', {}) %}
-  {%- if salt['pillar.get']('haproxy:global:extra', {}) is string %}
-    {{ salt['pillar.get']('haproxy:global:extra') }}
-  {%- else %}
-    {%- for line in salt['pillar.get']('haproxy:global:extra') %}
-    {{ line }}
-    {%- endfor %}
-  {%- endif %}
-{%- endif %}

 {%- for id, userlist in salt['pillar.get']('haproxy:userlists',  {})|dictsort %}
 #------------------
@ -104,21 +89,13 @@ userlist {{ id }}
 #------------------
 defaults
    log {{ salt['pillar.get']('haproxy:defaults:log', 'global') }}
-{%- if 'mode' in salt['pillar.get']('haproxy:defaults', {}) %}
    mode {{ salt['pillar.get']('haproxy:defaults:mode', 'http') }}
-{%- endif %}
-{%- if 'retries' in salt['pillar.get']('haproxy:defaults', {}) %}
    retries {{ salt['pillar.get']('haproxy:defaults:retries', '3') }}
-{%- endif %}
-{%- if 'balance' in salt['pillar.get']('haproxy:defaults', {}) %}
    balance {{ salt['pillar.get']('haproxy:defaults:balance', 'roundrobin') }}
-{%- endif %}
-{%- if 'monitoruri' in salt['pillar.get']('haproxy:defaults', {}) %}
+{%- if 'monitoruri' in salt['pillar.get']('haproxy:defaults', {}) -%}
    monitor-uri {{ salt['pillar.get']('haproxy:defaults:monitoruri') }}
 {%- endif %}
-{%- if 'hashtype' in salt['pillar.get']('haproxy:defaults', {}) %}
    hash-type {{ salt['pillar.get']('haproxy:defaults:hashtype', 'map-based') }}
-{%- endif %}
 {%- if 'options' in salt['pillar.get']('haproxy:defaults', {}) -%}
    {{- render_list_of_dictionaries('option', salt['pillar.get']('haproxy:defaults:options')) }}
 {%- endif %}
@ -140,15 +117,6 @@ defaults
 {%- if 'stats' in salt['pillar.get']('haproxy:defaults', {}) -%}
    {{ render_list_of_dictionaries('stats', salt['pillar.get']('haproxy:defaults:stats')) }}
 {%- endif %}
-{%- if 'extra' in salt['pillar.get']('haproxy:defaults', {}) %}
-  {%- if salt['pillar.get']('haproxy:defaults:extra', {}) is string %}
-    {{ salt['pillar.get']('haproxy:defaults:extra') }}
-  {%- else %}
-    {%- for line in salt['pillar.get']('haproxy:defaults:extra') %}
-    {{ line }}
-    {%- endfor %}
-  {%- endif %}
-{%- endif %}
 {%- if 'errorfiles' in salt['pillar.get']('haproxy:defaults', {}) %}
  {%- for errorfile_name, errorfile in salt['pillar.get']('haproxy:defaults:errorfiles')|dictsort %}
    errorfile {{ errorfile_name }} {{ errorfile }}
@ -232,7 +200,7 @@ listen {{ listener.get('name', listener_name) }}
    {%- endif %}
    {%- if 'tcprequests' in listener %}
      {%- if listener.tcprequests is string %}
-    tcp-request {{ listener.tcprequests }}
+    tcp-request {{ listner.tcprequests }}
      {%- else %}
        {%- for tcprequest in listener.tcprequests %}
    tcp-request {{ tcprequest }}
@ -307,11 +275,6 @@ listen {{ listener.get('name', listener_name) }}
    {%- if 'maxconn' in listener %}
    maxconn {{ listener.maxconn }}
    {%- endif %}
-    {%- if 'timeouts' in listener %}
-      {%- for timeout in listener.timeouts %}
-    timeout {{ timeout }}
-      {%- endfor %}
-    {%- endif %}
    {%- if 'options' in listener %}
      {%- if listener.options is string %}
    option {{ listener.options }}
@ -340,20 +303,12 @@ listen {{ listener.get('name', listener_name) }}
    appsession {%- for option in listener.appsession %}  {{ option }}  {%- endfor %}
      {%- endif %}
    {%- endif %}
-    {%- if 'extra' in listener %}
-      {%- if listener.extra is string %}
-    {{ listener.extra }}
-      {%- else %}
-    {%- for line in listener.extra %}
-    {{ line }}  {%- endfor %}
-      {%- endif %}
-    {%- endif %}
    {%- if 'defaultserver' in listener %}
    default-server {%- for option, value in listener.defaultserver|dictsort %} {{ ' '.join((option, value|string, '')) }} {%- endfor %}
    {%- endif %}
    {%- if 'servers' in listener %}
      {%- for server_name, server in listener.servers|dictsort %}
-    server {{ server.get('name', server_name) }} {{ server.host }}{% if 'port' in server %}:{{ server.port }}{% endif %} {% if 'maxconn' in server %} maxconn {{ server.maxconn }}{% endif %} {{ server.get('check', '') }} {{ server.get('extra', '') }}
+    server {{ server.get('name', server_name) }} {{ server.host }}{% if 'port' in server %}:{{ server.port }}{% endif %} {{ server.get('check', '') }} {{ server.get('extra', '') }}
      {%- endfor %}
    {%- endif %}
  {% endfor %}
@ -380,11 +335,6 @@ frontend {{ frontend.get('name', frontend_name) }}
    {%- if 'maxconn' in frontend %}
    maxconn {{ frontend.maxconn }}
    {%- endif %}
-    {%- if 'timeouts' in frontend %}
-      {%- for timeout in frontend.timeouts %}
-    timeout {{ timeout }}
-      {%- endfor %}
-    {%- endif %}
    {%- if 'options' in frontend %}
    {{- render_list_of_dictionaries('option', frontend.options) }}
    {%- endif %}
@ -439,15 +389,6 @@ frontend {{ frontend.get('name', frontend_name) }}
    {%- if 'stickons' in frontend %}
    {{- render_list_of_dictionaries('stickon', frontend.stickons) }}
    {%- endif %}
-    {%- if 'extra' in frontend %}
-      {%- if frontend.extra is string %}
-    {{ frontend.extra }}
-      {%- else %}
-    {%- for line in frontend.extra %}
-    {{ line }}
-    {%- endfor %}
-      {%- endif %}
-    {%- endif %}
    {%- if 'default_backend' in frontend %}
    default_backend {{ frontend.default_backend }}
    {%- endif %}
@ -472,11 +413,6 @@ backend {{ backend.get('name', backend_name) }}
    {%- if 'balance' in backend %}
    balance {{ backend.balance }}
    {%- endif %}
-    {%- if 'timeouts' in backend %}
-      {%- for timeout in backend.timeouts %}
-    timeout {{ timeout }}
-      {%- endfor %}
-    {%- endif %}
    {%- if 'options' in backend %}
      {%- if backend.options is string %}
    option {{ backend.options }}
@ -564,15 +500,6 @@ backend {{ backend.get('name', backend_name) }}
    {%- if 'reqreps' in backend %}
    {{- render_list_of_dictionaries('reqrep', backend.reqreps) }}
    {%- endif %}
-    {%- if 'extra' in backend %}
-      {%- if backend.extra is string %}
-    {{ backend.extra }}
-      {%- else %}
-    {%- for line in backend.extra %}
-    {{ line }}
-    {%- endfor %}
-      {%- endif %}
-    {%- endif %}
    {%- if 'defaultserver' in backend %}
    default-server {%- for option, value in backend.defaultserver|dictsort %} {{ ' '.join((option, value|string, '')) }} {%- endfor %}
    {%- endif %}
--- a/pillar.example
+++ b/pillar.example
@ -3,24 +3,12 @@
 #

 haproxy:
-  # use lookup section to override 'map.jinja' values
-  #lookup:
-    #user: 'custom-user'
-    #group: 'custom-group'
-    # new setting to override configuration file path
-    #config_file: /etc/haproxy/haproxy.cfg
  enabled: True
-  overwrite: True # Overwrite an existing config file if present (default behaviour unless set to false)
-  # old setting to override configuration file path, kept for compatibility
-  #config_file_path: /etc/haproxy/haproxy.cfg
+  config_file_path: /etc/haproxy/haproxy.cfg
  global:
-    log:
-      - 127.0.0.1 local2
-      - 127.0.0.1 local1 notice
    stats:
      enable: True
      socketpath: /var/lib/haproxy/stats
-      mode: 660
      level: admin
    ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384"
    ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11"
@ -139,7 +127,6 @@ haproxy:
        - url_static       path_end       -i .jpg .gif .png .css .js
      use_backends:
        - static-backend  if url_static
-      extra: "rspadd  Strict-Transport-Security:\ max-age=15768000"
    some-services:
      bind:
        - "*:8080"
@ -152,7 +139,6 @@ haproxy:
      balance: roundrobin
      redirects: 
        - scheme https if !{ ssl_fc }
-      extra: "reqidel ^X-Forwarded-For:"
      servers:
        server1:
          name: server1-its-name
@ -210,6 +196,6 @@ haproxy:
        - "content accept if serverhello"
      stickons:
        - "payload_lv(43,1) if clienthello"
-      reqreps:
-        - '^([^\ :]*)\ /static/(.*)	\1\ \2'
+      reqrep:
+        - "^([^\ :]*)\ /static/(.*)	\1\ \2"
      options: "ssl-hello-chk"