67 lines
1.5 KiB
Markdown
67 lines
1.5 KiB
Markdown
Role Name
|
|
=========
|
|
|
|
A role that installs Haproxy, <https://www.haproxy.org>.
|
|
|
|
Role Variables
|
|
--------------
|
|
|
|
The most important variables are listed below:
|
|
|
|
``` yaml
|
|
haproxy_latest_release: True
|
|
haproxy_version: 2.0
|
|
haproxy_repo_key: 'http://haproxy.debian.net/bernat.debian.org.gpg'
|
|
haproxy_debian_latest_repo: "deb http://haproxy.debian.net {{ ansible_lsb.codename }}-backports-{{ haproxy_version }} main"
|
|
haproxy_ubuntu_latest_repo: "ppa:vbernat/haproxy-{{ haproxy_version }}"
|
|
haproxy_pkg_state: latest
|
|
haproxy_enabled: True
|
|
haproxy_k_bind_non_local_ip: True
|
|
|
|
haproxy_default_port: 80
|
|
haproxy_terminate_tls: False
|
|
haproxy_ssl_port: 443
|
|
haproxy_admin_port: 8880
|
|
haproxy_admin_socket: /run/haproxy/admin.sock
|
|
|
|
haproxy_letsencrypt_managed: True
|
|
haproxy_cert_dir: '{{ pki_dir }}/haproxy'
|
|
|
|
haproxy_nagios_check: False
|
|
# It's a percentage
|
|
haproxy_nagios_check_w: 70
|
|
haproxy_nagios_check_c: 90
|
|
|
|
haproxy_check_interval: 3s
|
|
haproxy_backend_maxconn: 2048
|
|
|
|
haproxy_sysctl_conntrack_max: 131072
|
|
```
|
|
|
|
Additional tasks
|
|
------------
|
|
|
|
The user of this role will need to write a haproxy.cfg template and install it with a dedicated task. Something like
|
|
|
|
```yaml
|
|
- name: Configure haproxy
|
|
template: src=haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg owner=root group=haproxy mode=0440
|
|
notify: Reload haproxy
|
|
tags: [ 'haproxy', 'haproxy_conf' ]
|
|
```
|
|
|
|
Dependencies
|
|
------------
|
|
|
|
* letsencrypt-acme-sh
|
|
|
|
License
|
|
-------
|
|
|
|
EUPL-1.2
|
|
|
|
Author Information
|
|
------------------
|
|
|
|
Andrea Dell'Amico, <andrea.dellamico@isti.cnr.it>
|