ansible-roles/haproxy
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add haproxy repo, custom config files & readme

Browse Source
This commit is contained in:
Ludovic Cartier
2025-09-23 14:59:37 +02:00
parent 58ef95e654
commit 141ec62e2c
8 changed files with 123 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,5 @@
{
"yaml.schemas": {
"https://raw.githubusercontent.com/ansible/ansible-lint/main/src/ansiblelint/schemas/ansible.json": "file:///Users/ludal/Repositories/brainsys/ansible-roles/haproxy/tasks/requirements.yml"
}
}

63
README.md
View File

@@ -1,2 +1,65 @@
# haproxy # haproxy
The present role:
- install HAProxy
- push a default configuration file
- generate a self-signed certificate
By default, HAProxy will be installed from Debian backports repository, but you can optionnaly choose to install it from HAPRoxy's Debian repository (and choose the version).
Configuration file could also be overrided.
## Optional: Use HAProxy's official Debian repository
You can enable installation from the official [HAProxy Debian repository](https://haproxy.debian.net/) by setting the following variable in your playbook or inventory:
```yaml
haproxy_use_debian_repo: true
```
You can also override the following variables if needed:
```yaml
haproxy_debian_repo_url: 'http://haproxy.debian.net'
haproxy_debian_repo_distribution: '{{ ansible_distribution_release }}'
haproxy_debian_repo_component: 'main'
haproxy_debian_repo_key_url: 'https://haproxy.debian.net/bernat.debian.org.gpg'
haproxy_version: '3.2' # default version
```
The apt source line will look like:
```
deb [signed-by=/usr/share/keyrings/haproxy.debian.net.gpg] http://haproxy.debian.net bookworm-backports-3.2 main
```
By default, the role installs HAProxy from Debian backports. If you enable the repository, it will be added and HAProxy will be installed from there.
## Overriding the HAProxy configuration file
If you want to use your own configuration file (outside the role), set the variable `haproxy_custom_configuration_file` to the path of your file. The role will copy it to `/etc/haproxy/haproxy.cfg` instead of rendering the template.
Example:
```yaml
haproxy_custom_configuration_file: '/path/to/my/haproxy.cfg'
```
If not set, the default template `haproxy.cfg.j2` will be used.
You can enable installation from the official [HAProxy Debian repository](https://haproxy.debian.net/) by setting the following variable in your playbook or inventory:
```yaml
haproxy_use_debian_repo: true
```
You can also override the following variables if needed:
```yaml
haproxy_debian_repo_url: 'http://haproxy.debian.net'
haproxy_debian_repo_distribution: '{{ ansible_distribution_release }}'
haproxy_debian_repo_component: 'main'
haproxy_debian_repo_key_url: 'https://haproxy.debian.net/haproxy-archive-keyring.gpg'
```
By default, the role installs HAProxy from Debian backports. If you enable the repository, it will be added and HAProxy will be installed from there.

8
defaults/main.yml
View File

@@ -9,3 +9,11 @@ haproxy_ssl_self_signed_domains:
haproxy_accept_warnings: yes haproxy_accept_warnings: yes
haproxy_bind_ip: '*' haproxy_bind_ip: '*'
# Optional: Use HAProxy's official Debian repository
haproxy_use_debian_repo: false
haproxy_debian_repo_url: 'http://haproxy.debian.net'
haproxy_debian_repo_distribution: '{{ ansible_distribution_release }}'
haproxy_debian_repo_component: 'main'
haproxy_debian_repo_key_url: 'https://haproxy.debian.net/haproxy-archive-keyring.gpg'
haproxy_version: '3.2'

15
tasks/configure.yml
View File

@@ -22,7 +22,19 @@
notify: notify:
- haproxy restart - haproxy restart
- name: haproxy | copy configuration file - name: haproxy | copy custom configuration file
copy:
src: "{{ haproxy_custom_configuration_file }}"
dest: '/etc/haproxy/haproxy.cfg'
owner: root
group: root
mode: '0440'
validate: 'haproxy -f %s -c {% if haproxy_accept_warnings %}-q{% endif %}'
when: haproxy_custom_configuration_file is defined
notify:
- haproxy reload
- name: haproxy | copy default configuration file
template: template:
src: haproxy.cfg.j2 src: haproxy.cfg.j2
dest: '/etc/haproxy/haproxy.cfg' dest: '/etc/haproxy/haproxy.cfg'
@@ -30,5 +42,6 @@
group: root group: root
mode: '0440' mode: '0440'
validate: 'haproxy -f %s -c {% if haproxy_accept_warnings %}-q{% endif %}' validate: 'haproxy -f %s -c {% if haproxy_accept_warnings %}-q{% endif %}'
when: haproxy_custom_configuration_file is not defined
notify: notify:
- haproxy reload - haproxy reload

7
tasks/install.yml
View File

@@ -1,7 +0,0 @@
---
- name: haproxy | installation
apt:
name: haproxy
state: present
default_release: "{{ ansible_distribution_release }}-backports"

12
tasks/requirements.yml → tasks/install_from_backports.yml
View File

@@ -1,11 +1,13 @@
--- ---
- name: haproxy | add backports repository - name: haproxy | add Debian backports repository
apt_repository: apt_repository:
repo: deb http://deb.debian.org/debian {{ ansible_distribution_release }}-backports main repo: deb http://deb.debian.org/debian {{ ansible_distribution_release }}-backports main
state: present state: present
filename: "{{ ansible_distribution_release }}-backports" filename: "{{ ansible_distribution_release }}-backports"
- name: haproxy | update apt cache
apt:
update_cache: yes update_cache: yes
cache_valid_time: 86400
- name: haproxy | installation
apt:
name: haproxy
state: present
default_release: "{{ ansible_distribution_release }}-backports"

20
tasks/install_from_haproxy.yml Normal file
View File

@@ -0,0 +1,20 @@
---
- name: haproxy | add HAProxy Debian repository key
ansible.builtin.get_url:
url: "{{ haproxy_debian_repo_key_url }}"
dest: /etc/apt/keyrings/haproxy-archive-keyring.gpg
mode: '0644'
- name: haproxy | add HAProxy Debian repository
ansible.builtin.apt_repository:
repo: "deb [signed-by=/etc/apt/keyrings/haproxy-archive-keyring.gpg] {{ haproxy_debian_repo_url }} {{ haproxy_debian_repo_distribution }}-backports-{{ haproxy_version }} {{ haproxy_debian_repo_component }}"
state: present
filename: 'haproxy'
update_cache: yes
- name: haproxy | install HAProxy from HAProxy Debian repo
ansible.builtin.apt:
name: haproxy
state: present
update_cache: yes
default_release: "{{ haproxy_debian_repo_distribution }}-backports-{{ haproxy_version }}"

11
tasks/main.yml
View File

@@ -1,10 +1,11 @@
--- ---
- name: haproxy | requirements - name: haproxy | install from backports
include_tasks: requirements.yml include_tasks: install_from_backports.yml
when: not haproxy_use_debian_repo | bool
- name: haproxy | installation - name: haproxy | install from HAProxy repo
include_tasks: install.yml include_tasks: install_from_haproxy.yml
when: haproxy_use_debian_repo | bool
- name: haproxy | configuration - name: haproxy | configuration
include_tasks: configure.yml include_tasks: configure.yml