ansible-role-haproxy/templates/haproxy-docker-stack.yml.j2

version: '3.6'

networks:
  {{ haproxy_docker_overlay_network }}:
    external: true

{% if not haproxy_docker_mount_conf_file %}
configs:
  haproxy_conf:
    file: /etc/haproxy/haproxy.cfg
{% endif %}

services:
  haproxy:
    image: {{ haproxy_docker_image }}
    entrypoint: ["haproxy", "-sf", "350", "-x", "{{ haproxy_admin_socket }}", "-W", "-db", "-f", "/usr/local/etc/haproxy/haproxy.cfg", "-L", "local_haproxy"]
    volumes:
      - {{ haproxy_cert_dir }}:{{ haproxy_cert_dir }}:ro
      - /var/run/docker.sock:/var/run/docker.sock
      - {{ haproxy_docker_socket_dir }}:{{ haproxy_admin_socket_dir }}
{% if haproxy_docker_mount_conf_file %}
      - /etc/haproxy:/usr/local/etc/haproxy:ro
{% endif %}
{% if not haproxy_docker_mount_conf_file %}
    configs:
      - source: haproxy_conf
        target: /usr/local/etc/haproxy/haproxy.cfg
        mode: 0444
{% endif %}
    networks:
      - {{ haproxy_docker_overlay_network }}
    ports:
      - target: {{ haproxy_default_port }}
        published: {{ haproxy_default_port }}
        protocol: tcp
{% if docker_swarm_haproxy_installation_type == 'mesh' %}
        mode: ingress
{% else %}
        mode: host
{% endif %}
      - target: {{ haproxy_ssl_port }}
        published: {{ haproxy_ssl_port }}
        protocol: tcp
{% if docker_swarm_haproxy_installation_type == 'mesh' %}
        mode: ingress
{% else %}
        mode: host
{% endif %}
{% if haproxy_docker_swarm_plain_http_listener %}
      - target: {{ haproxy_docker_swarm_plain_http_port }}
        published: {{ haproxy_docker_swarm_plain_http_port }}
        protocol: tcp
{% if docker_swarm_haproxy_installation_type == 'mesh' %}
        mode: ingress
{% else %}
        mode: host
{% endif %}
{% endif %}
      - target: {{ haproxy_admin_port }}
        published: {{ haproxy_admin_port }}
        protocol: tcp
{% if docker_swarm_haproxy_installation_type == 'mesh' %}
        mode: ingress
{% else %}
        mode: host
{% endif %}
{% if docker_swarm_expose_api_via_haproxy %}
      - target: {{ docker_swarm_haproxy_swarm_port }}
        published: {{ docker_swarm_haproxy_swarm_port }}
        protocol: tcp
{% if docker_swarm_haproxy_shinyproxy_metrics is defined and docker_swarm_haproxy_shinyproxy_metrics %}
      - target: 9090
        published: 9090
        protocol: tcp
{% endif %}
{% if docker_swarm_haproxy_installation_type == 'mesh' %}
        mode: ingress
{% else %}
        mode: host
{% endif %}
{% endif %}
    dns: [127.0.0.11]
    deploy:
{% if docker_swarm_haproxy_installation_type == 'keepalive' or docker_swarm_haproxy_installation_type == 'mesh' %}
      mode: replicated
      replicas: 1
{% endif %}
{% if docker_swarm_haproxy_installation_type == 'global' %}
      mode: global
      update_config:
        parallelism: 1
        delay: 20s
{% endif %}
      placement:
        constraints:
{% for constr in docker_swarm_haproxy_constraints %}
          - {{ constr }}
{% endfor %}
      restart_policy:
        condition: {{ haproxy_docker_restart_policy}}
        delay: 20s
        max_attempts: 5
        window: 120s
      resources:
        limits:
          cpus: '2.0'
          memory: 768M
        reservations:
          cpus: '1.0'
          memory: 384M
{% if docker_log_to_journal %}
    logging:
      driver: 'journald'
{% endif %}