Role that installs haproxy https://www.haproxy.org
Go to file
Andrea Dell'Amico b1b2ecb3ae Fixes #20387. Install the dataplane api executable 2021-02-09 17:58:05 +01:00
defaults Fixes #20387. Install the dataplane api executable 2021-02-09 17:58:05 +01:00
files Install the container as a stack. Install a bare configuration 2020-10-01 17:27:01 +02:00
handlers Import the old haproxy role. 2020-06-22 13:41:05 +02:00
meta Support the installation of haproxy as docker service 2020-09-30 15:19:54 +02:00
tasks Fixes #20387. Install the dataplane api executable 2021-02-09 17:58:05 +01:00
templates skip the service reload in the ocsp script. Reload the container in the cron job. 2020-12-29 22:53:47 +01:00
tests Initial commit 2020-06-22 13:28:56 +02:00
vars Create a overlay network as external, attach to that one 2020-10-12 17:38:01 +02:00
.gitignore Initial commit 2020-06-22 13:28:56 +02:00
LICENSE Initial commit 2020-06-22 13:28:56 +02:00
README.md Import the old haproxy role. 2020-06-22 13:41:05 +02:00

README.md

Role Name

A role that installs Haproxy, https://www.haproxy.org.

Role Variables

The most important variables are listed below:

haproxy_latest_release: True
haproxy_version: 2.0
haproxy_repo_key: 'http://haproxy.debian.net/bernat.debian.org.gpg'
haproxy_debian_latest_repo: "deb http://haproxy.debian.net {{ ansible_lsb.codename }}-backports-{{ haproxy_version }} main"
haproxy_ubuntu_latest_repo: "ppa:vbernat/haproxy-{{ haproxy_version }}"
haproxy_pkg_state: latest
haproxy_enabled: True
haproxy_k_bind_non_local_ip: True

haproxy_default_port: 80
haproxy_terminate_tls: False
haproxy_ssl_port: 443
haproxy_admin_port: 8880
haproxy_admin_socket: /run/haproxy/admin.sock

haproxy_letsencrypt_managed: True
haproxy_cert_dir: '{{ pki_dir }}/haproxy'

haproxy_nagios_check: False
# It's a percentage
haproxy_nagios_check_w: 70
haproxy_nagios_check_c: 90

haproxy_check_interval: 3s
haproxy_backend_maxconn: 2048

haproxy_sysctl_conntrack_max: 131072

Additional tasks

The user of this role will need to write a haproxy.cfg template and install it with a dedicated task. Something like

- name: Configure haproxy
  template: src=haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg owner=root group=haproxy mode=0440
  notify: Reload haproxy
  tags: [ 'haproxy', 'haproxy_conf' ]

Dependencies

  • letsencrypt-acme-sh

License

EUPL-1.2

Author Information

Andrea DellAmico, andrea.dellamico@isti.cnr.it