Give the option to add some arbitrary http-request checks.

Andrea Dell'Amico 2024-03-29 16:02:54 +01:00
parent 1c227e2373
commit 7eecbb912e
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 33 additions and 3 deletions


@ -9,16 +9,16 @@ Role Variables
The most important variables are listed below: The most important variables are listed below:
``` yaml ``` yaml
docker_swarm_cluster_haproxy_install: True docker_swarm_cluster_haproxy_install: true
# mesh, keepalive, global # mesh, keepalive, global
docker_swarm_haproxy_installation_type: 'keepalive' docker_swarm_haproxy_installation_type: 'keepalive'
docker_swarm_haproxy_networks: docker_swarm_haproxy_networks:
- '{{ docker_swarm_portainer_network }}' - '{{ docker_swarm_portainer_network }}'
# #
docker_swarm_expose_api_via_haproxy: True docker_swarm_expose_api_via_haproxy: false
docker_swarm_expose_api_hostname: 'swarm.example.com' docker_swarm_expose_api_hostname: 'swarm.example.com'
# Portainer # Portainer
docker_swarm_cluster_portainer_install: True docker_swarm_cluster_portainer_install: true
docker_swarm_portainer_hostname: 'portainer-swarm.example.com' docker_swarm_portainer_hostname: 'portainer-swarm.example.com'
docker_swarm_portainer_additional_constraints: [] docker_swarm_portainer_additional_constraints: []
# - 'node.hostname != docker01' # - 'node.hostname != docker01'
@ -35,6 +35,22 @@ docker_swarm_haproxy_additional_services: []
# - { acl_name: 'service', acl_rule: 'hdr_dom(host) -i service.example.com', service_name: 'service-', service_replica_num: '1', service_port: '9999', service_overlay_network: 'service-network', http_redirect_to_https: True } # - { acl_name: 'service', acl_rule: 'hdr_dom(host) -i service.example.com', service_name: 'service-', service_replica_num: '1', service_port: '9999', service_overlay_network: 'service-network', http_redirect_to_https: True }
``` ```
HAPROXY configuration
------------
`docker_swarm_haproxy_plain_http_global_acl_rules` allows the definition of arbitrary acl with the corresponding http-request rules, for the *plain http* listener
`docker_swarm_haproxy_global_acl_rules` allows the definition of arbitrary acl with the corresponding http-request rules, for the *https* listener
`haproxy_docker_swarm_additional_services` is the dictionary that contains the backends definitions and their acls
A plain http listener can be defined, using the following variables. The syntax of `haproxy_docker_swarm_plain_http_services` is identical to the `haproxy_docker_swarm_additional_services` one.
```yaml
haproxy_docker_swarm_plain_http_listener: true
haproxy_docker_swarm_plain_http_port: 8080
haproxy_docker_swarm_plain_http_services: []
```
Dependencies Dependencies
------------ ------------


@ -88,6 +88,13 @@ frontend http_{{ docker_swarm_haproxy_plain_http_port }}
acl {{ srv.acl_name }} {{ srv.acl_rule }} acl {{ srv.acl_name }} {{ srv.acl_rule }}
{%if srv.acl_path_rule is defined %}acl {{ srv.acl_name }}_path {{ srv.acl_path_rule }}{% endif %} {%if srv.acl_path_rule is defined %}acl {{ srv.acl_name }}_path {{ srv.acl_path_rule }}{% endif %}
{% if docker_swarm_haproxy_plain_http_global_acl_rules is defined %}
{% for rule in docker_swarm_haproxy_plain_http_global_acl_rules %}
acl {{rule.acl_name }} {{ rule.acl_args }}
{{ rule.http_action }}
{% endfor %}
{% endif %}
{% if srv.allowed_networks is defined %} {% if srv.allowed_networks is defined %}
acl {{ srv.acl_name }}_nets src {% for net in srv.allowed_networks %} {{ net }}{% endfor %} acl {{ srv.acl_name }}_nets src {% for net in srv.allowed_networks %} {{ net }}{% endfor %}
@ -120,6 +127,13 @@ frontend http
acl {{ srv.acl_name }} {{ srv.acl_rule }} acl {{ srv.acl_name }} {{ srv.acl_rule }}
{%if srv.acl_path_rule is defined %}acl {{ srv.acl_name }}_path {{ srv.acl_path_rule }}{% endif %} {%if srv.acl_path_rule is defined %}acl {{ srv.acl_name }}_path {{ srv.acl_path_rule }}{% endif %}
{% if docker_swarm_haproxy_global_acl_rules is defined %}
{% for rule in docker_swarm_haproxy_global_acl_rules %}
acl {{rule.acl_name }} {{ rule.acl_args }}
{{ rule.http_action }}
{% endfor %}
{% endif %}
{% if srv.allowed_networks is defined %} {% if srv.allowed_networks is defined %}
acl {{ srv.acl_name }}_nets src {% for net in srv.allowed_networks %} {{ net }}{% endfor %} acl {{ srv.acl_name }}_nets src {% for net in srv.allowed_networks %} {{ net }}{% endfor %}
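Review bot: The new `docker_swarm_haproxy_global_acl_rules` block in `frontend http`, and the matching `docker_swarm_haproxy_plain_http_global_acl_rules` block in the `http_{{ docker_swarm_haproxy_plain_http_port }}` frontend, sits between two lines that use `srv`, so it appears to be inside the per-service loop, whose start and end are outside these hunks. If so, the "global" `acl` and `http-request` lines are rendered once per service and not at all when the service list is empty, which means a deny rule defined there silently never reaches the generated configuration. Moving each block above the per-service loop, written as `{% for rule in docker_swarm_haproxy_global_acl_rules | default([]) %}`, renders every rule exactly once and places it ahead of the per-service rules, which matters because HAProxy evaluates `http-request` rules in the order they appear. `rule.http_action` is written verbatim into the frontend, so a template comment such as `{# http_action must be a complete http-request line; the value is not validated #}` would tell the next reader what the variable is expected to hold.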