commit
cd36f1b885
19 changed files with 182 additions and 0 deletions
@ -0,0 +1 @@ |
||||
1.5:cf74901d-39d5-47cd-adcd-bbdc44a88332 |
@ -0,0 +1 @@ |
||||
{"name":"fedora/34-cloud-base","version":"34.20210423.0","provider":"libvirt","directory":"boxes/fedora-VAGRANTSLASH-34-cloud-base/34.20210423.0/libvirt"} |
@ -0,0 +1 @@ |
||||
1000 |
@ -0,0 +1 @@ |
||||
cf74901d-39d5-47cd-adcd-bbdc44a88332 |
@ -0,0 +1 @@ |
||||
35f14c8cc4fd4d869900e2af32a30b55 |
@ -0,0 +1,27 @@ |
||||
-----BEGIN RSA PRIVATE KEY----- |
||||
MIIEogIBAAKCAQEAoskrvpVXkG3L7i1361m1abG623R1B9MVzNjggqUi25xIz+ma |
||||
AbyVfbmrt86JwhzkOAc0mi+npO28EHOClCsv+NgNLQcD13odKsijKPbK5JN6C7VC |
||||
+g6TEQwk83mmLQ2nZGAAnk8cXAfq0swA1YqbbWKRT9UN72bvn22wBt5VZVrUtizc |
||||
ldAvDXjY6syqGoZQpb2Iq2e3q5GaeL7Z3rTMJBuKSK1DvTviy7sFeh9bkAlrRE3K |
||||
htPp+WEYsqEbqe9bFOoZkaapu6TN7CqbbR7TI0Zhhv6t3Vn6u+qtwXcolOWVu+CV |
||||
iOJJl59L12kCEjMTlv46eVV63nCtD4Lof6v+SwIDAQABAoIBABDVTrG5jcGAqRrr |
||||
FsB+mVThrRnuc/+oI1P4hVbdLrqY8aqWVHejga3rmkc6k2JATJVCoXzkOqjCcLUe |
||||
zLz3rlFEPjCOziXlGckH0F93DcoPOgql5tQm16xmnheTV8zG4a1uhAHa2mrl4rGD |
||||
qP5sA+CO1cn0lSlRcqwA0rgTG6+MR71H9bl3IKr9ZDIkTSycK3Bu5Gh05aHhVUZf |
||||
RrTLJZXqf0bN0AV97GMu3Mr4hiBaO/4xWs3T8foCEeImS/KO/i5s9KySWhIBxwV5 |
||||
gSne9rzmh2HwPi+gmS6B33omE78h59eqAMLMy9ajPbeBho9eA5Iz9RPaJRueyPkd |
||||
6TNnxEkCgYEA071KhpGH0Wk7ZpgEwN1iwjLgxqIMyU/LdcsTTPPu4BqnhqVt4w1/ |
||||
Q5gVHX//BR5uZVCcFx2bxJwl40CY11Px54mTMTf/h831ma8f1YYKEAlplkLHCGKA |
||||
ym6DcNJSEVGP7Xz2zhGLlzofxG5CzaFL17DlKN94jQDTyE5C3wCtubcCgYEAxNA/ |
||||
8RqmpY92LWblZrrqg7xSZQ88jog8fGcV/ziYRpSwJPtCcaxz1ZfuSJyCIg4Eej6W |
||||
p3ee+fZxuNFoLG4OC1hznNsuh/HYalKNyjHe1Z2mFdqmn8fhIOyL6v/vCf8DWMil |
||||
ZAMyoqwaxST03lGHScqw82Nry4mHt54fukUy8A0CgYAxOnBKSymdqW6zEqMASDh+ |
||||
2B9kbyaz40Z1k4pgONKP7gKHDo023dt51rEKE8kx4npeOdigkzS1CGzSoiEm5xB1 |
||||
+YlsRw21AFCas5meJjTOt7GByvLFY0l4RytuHqgP+LuSxpwHGxMuTMg3/j6v2lFs |
||||
y2bsEtDPT6LtjiyD9n9tjwKBgHy8f8oPWg8UHZIo5Lt3O6rCcHYccgTj03IE46wd |
||||
8mTJV9oYZMQmyENXR249wzxSJgRUJqd86QUDbI/2KFAAcGZAaQXA5HzEiqTYLYU4 |
||||
lkJM6DZxnakmxUhYo1UNYDK1rSlYAXqhjDYNXeoUwh0lDtl13TBkkq0tPRbi4Ljt |
||||
opsBAoGAYo1vAHqSU04IpM2mqSekFvT5Pj27nQEfy0o2JzipFJq/7sdPSPykEyCj |
||||
eFE03YjY7JPvkcz2mM2ng+0N1rfLl2h4tX0ncx2T/4vEqrvmlpEUd+o1UR7vYhN2 |
||||
gpo+WqJRoBbykitMgfioeXDVa5HpLJUdv7o+/X/E9lfO7xjN2qI= |
||||
-----END RSA PRIVATE KEY----- |
@ -0,0 +1 @@ |
||||
{"rsync":{"/vagrant":{"type":"rsync","guestpath":"/vagrant","hostpath":"/var/home/dschier/Projects/dschier/haproxy","disabled":false,"__vagrantfile":true,"owner":"vagrant","group":"vagrant"},"/etc/ansible/roles/haproxy":{"type":"rsync","guestpath":"/etc/ansible/roles/haproxy","hostpath":"/var/home/dschier/Projects/dschier/haproxy","disabled":false,"__vagrantfile":true,"owner":"vagrant","group":"vagrant"}}} |
@ -0,0 +1 @@ |
||||
/var/home/dschier/Projects/dschier/haproxy |
@ -0,0 +1,3 @@ |
||||
# Generated by Vagrant |
||||
|
||||
lb01 ansible_ssh_host=192.168.122.12 ansible_ssh_port=22 ansible_ssh_user='vagrant' ansible_ssh_private_key_file='/var/home/dschier/Projects/dschier/haproxy/.vagrant/machines/lb01/libvirt/private_key' |
@ -0,0 +1,9 @@ |
||||
# This file loads the proper rgloader/loader.rb file that comes packaged |
||||
# with Vagrant so that encoded files can properly run with Vagrant. |
||||
|
||||
if ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"] |
||||
require File.expand_path( |
||||
"rgloader/loader", ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"]) |
||||
else |
||||
raise "Encoded files can't be read outside of the Vagrant installer." |
||||
end |
@ -0,0 +1,29 @@ |
||||
# Vagrantfile for gerri server |
||||
|
||||
Vagrant.configure("2") do |config| |
||||
|
||||
# Virtualization |
||||
config.vm.provider "libvirt" do |lv| |
||||
lv.cpus = 4 |
||||
lv.memory = 4096 |
||||
end |
||||
|
||||
config.vm.provider "virtualbox" do |vb| |
||||
vb.cpus = 4 |
||||
vb.memory = 4096 |
||||
end |
||||
|
||||
config.vm.synced_folder ".", "/etc/ansible/roles/haproxy", type: "rsync" |
||||
|
||||
# Provision |
||||
config.vm.provision "test", type: "ansible", run: "once" do |test| |
||||
test.playbook = "tests/test.yml" |
||||
end |
||||
|
||||
# Instance |
||||
config.vm.define "lb01" do |lb01| |
||||
lb01.vm.box = "fedora/34-cloud-base" |
||||
lb01.vm.hostname = "lb01" |
||||
end |
||||
|
||||
end |
@ -0,0 +1,4 @@ |
||||
--- |
||||
# defaults file for haproxy |
||||
|
||||
haproxy_workaround: false |
@ -0,0 +1,2 @@ |
||||
--- |
||||
# handlers file for haproxy |
@ -0,0 +1 @@ |
||||
dependencies: [] |
@ -0,0 +1,2 @@ |
||||
collections: |
||||
- name: "ansible.posix" |
@ -0,0 +1,40 @@ |
||||
--- |
||||
# tasks file for haproxy |
||||
|
||||
- name: "Manage haproxy Packages" |
||||
ansible.builtin.package: |
||||
name: "haproxy" |
||||
state: "present" |
||||
become: true |
||||
|
||||
- name: "Manage haproxy Configuration" |
||||
ansible.builtin.template: |
||||
src: "haproxy.conf.j2" |
||||
dest: "/etc/haproxy/haproxy.conf" |
||||
owner: "root" |
||||
group: "root" |
||||
mode: 0644 |
||||
become: true |
||||
|
||||
- name: "Manage haproxy SELinux booleans" |
||||
ansible.posix.seboolean: |
||||
name: "haproxy_connect_any" |
||||
persistent: true |
||||
state: 1 |
||||
become: true |
||||
when: |
||||
- " ! haproxy_workaround | bool" |
||||
|
||||
- name: "Manage haproxy SELinux booleans" |
||||
ansible.builtin.command: |
||||
cmd: "setsebool -P haproxy_connect_any 1" |
||||
become: true |
||||
when: |
||||
- "haproxy_workaround | bool" |
||||
|
||||
- name: "Manage haproxy Services" |
||||
ansible.builtin.service: |
||||
name: "haproxy.service" |
||||
state: "started" |
||||
enabled: true |
||||
become: true |
@ -0,0 +1,46 @@ |
||||
#--------------------------------------------------------------------- |
||||
# Global settings |
||||
#--------------------------------------------------------------------- |
||||
global |
||||
log 127.0.0.1 local2 |
||||
|
||||
chroot /var/lib/haproxy |
||||
pidfile /var/run/haproxy.pid |
||||
maxconn 4000 |
||||
user haproxy |
||||
group haproxy |
||||
daemon |
||||
|
||||
# turn on stats unix socket |
||||
stats socket /var/lib/haproxy/stats |
||||
|
||||
# utilize system-wide crypto-policies |
||||
ssl-default-bind-ciphers PROFILE=SYSTEM |
||||
ssl-default-server-ciphers PROFILE=SYSTEM |
||||
|
||||
defaults |
||||
mode tcp |
||||
|
||||
frontend api |
||||
bind *:6443 |
||||
default_backend api |
||||
|
||||
frontend app_http |
||||
bind *:80 |
||||
default_backend app_http |
||||
|
||||
frontend app_https |
||||
bind *:443 |
||||
default_backend app_https |
||||
|
||||
backend api |
||||
balance roundrobin |
||||
server server1 localhost:8080 check |
||||
|
||||
backend app_http |
||||
balance roundrobin |
||||
server server1 localhost:8080 check |
||||
|
||||
backend app_https |
||||
balance roundrobin |
||||
server server1 localhost:8080 check |
@ -0,0 +1,2 @@ |
||||
localhost |
||||
|
@ -0,0 +1,10 @@ |
||||
--- |
||||
- hosts: "localhost" |
||||
|
||||
tasks: |
||||
|
||||
- name: "Import haproxy Role" |
||||
ansible.builtin.import_role: |
||||
name: "haproxy" |
||||
vars: |
||||
- haproxy_workaround: false |
Loading…
Reference in new issue