forked from ISTI-ansible-roles/ansible-roles
library/roles/haproxy: Support floating IPs via net.ipv4.ip_nonlocal_bind. Enabled by default.
This commit is contained in:
Andrea Dell'Amico
parent
0653dfd8d0
commit
4c6df5199e
|
|
@ -6,6 +6,7 @@ haproxy_debian_latest_repo: "deb http://haproxy.debian.net {{ ansible_lsb.codena
|
|||
haproxy_ubuntu_latest_repo: "ppa:vbernat/haproxy-{{ haproxy_version }}"
|
||||
haproxy_pkg_state: latest
|
||||
haproxy_enabled: True
|
||||
haproxy_k_bind_non_local_ip: True
|
||||
|
||||
haproxy_default_port: 80
|
||||
haproxy_terminate_tls: False
|
||||
|
|
|
|||
|
|
@ -40,20 +40,15 @@
|
|||
register: install_haproxy
|
||||
tags: haproxy
|
||||
|
||||
- name: Ensure that haproxy is enabled and started
|
||||
service: name=haproxy state=started enabled=yes
|
||||
when: haproxy_enabled
|
||||
ignore_errors: True
|
||||
tags: haproxy
|
||||
- name: Enable kernel binding non local IP addresses
|
||||
sysctl: name={{ item }} value=1 reload=yes state=present
|
||||
with_items:
|
||||
- net.ipv4.ip_nonlocal_bind
|
||||
when: haproxy_k_bind_non_local_ip
|
||||
|
||||
- name: Haproxy puts a new rsyslog directive. Restart rsyslog to activate it. Reload is not sufficient
|
||||
service: name=rsyslog state=restarted
|
||||
when:
|
||||
- haproxy_enabled
|
||||
- ( install_haproxy | changed )
|
||||
tags: haproxy
|
||||
- name: Disable kernel binding non local IP addresses
|
||||
sysctl: name={{ item }} value=0 reload=yes state=present
|
||||
with_items:
|
||||
- net.ipv4.ip_nonlocal_bind
|
||||
when: not haproxy_k_bind_non_local_ip
|
||||
|
||||
- name: Ensure that haproxy is stopped and disabled if needed
|
||||
service: name=haproxy state=stopped enabled=no
|
||||
when: not haproxy_enabled
|
||||
tags: haproxy
|
||||
|
|
|
|||
|
|
@ -8,3 +8,21 @@
|
|||
when:
|
||||
- haproxy_letsencrypt_managed
|
||||
- letsencrypt_acme_install is defined
|
||||
|
||||
- name: Ensure that haproxy is enabled and started
|
||||
service: name=haproxy state=started enabled=yes
|
||||
when: haproxy_enabled
|
||||
ignore_errors: True
|
||||
tags: haproxy
|
||||
|
||||
- name: Haproxy puts a new rsyslog directive. Restart rsyslog to activate it. Reload is not sufficient
|
||||
service: name=rsyslog state=restarted
|
||||
when:
|
||||
- haproxy_enabled
|
||||
- ( install_haproxy | changed )
|
||||
tags: haproxy
|
||||
|
||||
- name: Ensure that haproxy is stopped and disabled if needed
|
||||
service: name=haproxy state=stopped enabled=no
|
||||
when: not haproxy_enabled
|
||||
tags: haproxy
|
||||
|
|
|
|||
Loading…
Reference in New Issue