60 lines
2.3 KiB
YAML
60 lines
2.3 KiB
YAML
---
|
|
haproxy_latest_release: True
|
|
haproxy_version: 2.2
|
|
haproxy_repo_key: 'http://haproxy.debian.net/bernat.debian.org.gpg'
|
|
haproxy_debian_latest_repo: "deb http://haproxy.debian.net {{ ansible_lsb.codename }}-backports-{{ haproxy_version }} main"
|
|
haproxy_ubuntu_latest_repo: "ppa:vbernat/haproxy-{{ haproxy_version }}"
|
|
haproxy_pkg_state: present
|
|
haproxy_enabled: True
|
|
haproxy_loglevel: info
|
|
haproxy_k_bind_non_local_ip: True
|
|
haproxy_docker_container: False
|
|
haproxy_docker_version: '{{ haproxy_version }}.4'
|
|
haproxy_docker_image: 'haproxytech/haproxy-debian:{{ haproxy_version }}.4'
|
|
haproxy_docker_compose_dir: /srv/haproxy_swarm
|
|
haproxy_docker_restart_policy: 'on-failure'
|
|
|
|
haproxy_ha_with_keepalived: False
|
|
haproxy_docker_swarm_networks:
|
|
- '{{ docker_swarm_portainer_network }}'
|
|
haproxy_docker_swarm_additional_networks: []
|
|
|
|
haproxy_docker_swarm_haproxy_constraints:
|
|
- 'node.role == manager'
|
|
haproxy_docker_swarm_additional_services: []
|
|
# - { acl_name: 'service', acl_rule: 'hdr_dom(host) -i service.example.com', stack_name: 'stack', service_name: 'service', service_replica_num: '1', service_port: '9999', service_overlay_network: 'service-network', stick_sessions: False, stick_on_cookie: True, stick_cookie: 'JSESSIONID', stick_table: 'type ip size 2m expire 180m', balance_type: 'roundrobin', backend_options: '', http_check_enabled: True, http_check: 'meth HEAD uri / ver HTTP/1.1 hdr Host localhost', http_check_expect: 'rstatus (2|3)[0-9][0-9]', allowed_networks: '192.168.1.0/24 192.168.2.0/24' }
|
|
|
|
haproxy_default_port: 80
|
|
haproxy_terminate_tls: False
|
|
haproxy_ssl_port: 443
|
|
haproxy_admin_port: 8880
|
|
haproxy_admin_socket: /run/haproxy/admin.sock
|
|
|
|
haproxy_letsencrypt_managed: True
|
|
haproxy_cert_dir: '{{ pki_dir }}/haproxy'
|
|
|
|
haproxy_install_additional_pkgs: False
|
|
haproxy_additional_pkgs:
|
|
- haproxyctl
|
|
- haproxy-log-analysis
|
|
|
|
haproxy_nagios_check: False
|
|
# It's a percentage
|
|
haproxy_nagios_check_w: 70
|
|
haproxy_nagios_check_c: 90
|
|
|
|
# Used by some other role as defaults, eg docker-swarm
|
|
haproxy_spread_checks: 5
|
|
haproxy_connect_timeout: 10s
|
|
haproxy_client_timeout: 120s
|
|
haproxy_server_timeout: 480s
|
|
haproxy_global_keepalive_timeout: 10s
|
|
haproxy_client_keepalive_timeout: 5184000s
|
|
haproxy_backend_maxconn: 2048
|
|
haproxy_check_interval: 3s
|
|
haproxy_check_timeout: 2s
|
|
haproxy_maxconns: 4096
|
|
|
|
haproxy_sysctl_conntrack_max: 131072
|
|
|