initial commit

main
dschier 1 year ago
commit cd36f1b885
  1. 1
      .vagrant/machines/lb01/libvirt/action_provision
  2. 1
      .vagrant/machines/lb01/libvirt/box_meta
  3. 1
      .vagrant/machines/lb01/libvirt/creator_uid
  4. 1
      .vagrant/machines/lb01/libvirt/id
  5. 1
      .vagrant/machines/lb01/libvirt/index_uuid
  6. 27
      .vagrant/machines/lb01/libvirt/private_key
  7. 1
      .vagrant/machines/lb01/libvirt/synced_folders
  8. 1
      .vagrant/machines/lb01/libvirt/vagrant_cwd
  9. 3
      .vagrant/provisioners/ansible/inventory/vagrant_ansible_inventory
  10. 9
      .vagrant/rgloader/loader.rb
  11. 29
      Vagrantfile
  12. 4
      defaults/main.yml
  13. 2
      handlers/main.yml
  14. 1
      meta/main.yml
  15. 2
      requirements.yml
  16. 40
      tasks/main.yml
  17. 46
      templates/haproxy.conf.j2
  18. 2
      tests/inventory
  19. 10
      tests/test.yml

@ -0,0 +1 @@
1.5:cf74901d-39d5-47cd-adcd-bbdc44a88332

@ -0,0 +1 @@
{"name":"fedora/34-cloud-base","version":"34.20210423.0","provider":"libvirt","directory":"boxes/fedora-VAGRANTSLASH-34-cloud-base/34.20210423.0/libvirt"}

@ -0,0 +1 @@
cf74901d-39d5-47cd-adcd-bbdc44a88332

@ -0,0 +1 @@
35f14c8cc4fd4d869900e2af32a30b55

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAoskrvpVXkG3L7i1361m1abG623R1B9MVzNjggqUi25xIz+ma
AbyVfbmrt86JwhzkOAc0mi+npO28EHOClCsv+NgNLQcD13odKsijKPbK5JN6C7VC
+g6TEQwk83mmLQ2nZGAAnk8cXAfq0swA1YqbbWKRT9UN72bvn22wBt5VZVrUtizc
ldAvDXjY6syqGoZQpb2Iq2e3q5GaeL7Z3rTMJBuKSK1DvTviy7sFeh9bkAlrRE3K
htPp+WEYsqEbqe9bFOoZkaapu6TN7CqbbR7TI0Zhhv6t3Vn6u+qtwXcolOWVu+CV
iOJJl59L12kCEjMTlv46eVV63nCtD4Lof6v+SwIDAQABAoIBABDVTrG5jcGAqRrr
FsB+mVThrRnuc/+oI1P4hVbdLrqY8aqWVHejga3rmkc6k2JATJVCoXzkOqjCcLUe
zLz3rlFEPjCOziXlGckH0F93DcoPOgql5tQm16xmnheTV8zG4a1uhAHa2mrl4rGD
qP5sA+CO1cn0lSlRcqwA0rgTG6+MR71H9bl3IKr9ZDIkTSycK3Bu5Gh05aHhVUZf
RrTLJZXqf0bN0AV97GMu3Mr4hiBaO/4xWs3T8foCEeImS/KO/i5s9KySWhIBxwV5
gSne9rzmh2HwPi+gmS6B33omE78h59eqAMLMy9ajPbeBho9eA5Iz9RPaJRueyPkd
6TNnxEkCgYEA071KhpGH0Wk7ZpgEwN1iwjLgxqIMyU/LdcsTTPPu4BqnhqVt4w1/
Q5gVHX//BR5uZVCcFx2bxJwl40CY11Px54mTMTf/h831ma8f1YYKEAlplkLHCGKA
ym6DcNJSEVGP7Xz2zhGLlzofxG5CzaFL17DlKN94jQDTyE5C3wCtubcCgYEAxNA/
8RqmpY92LWblZrrqg7xSZQ88jog8fGcV/ziYRpSwJPtCcaxz1ZfuSJyCIg4Eej6W
p3ee+fZxuNFoLG4OC1hznNsuh/HYalKNyjHe1Z2mFdqmn8fhIOyL6v/vCf8DWMil
ZAMyoqwaxST03lGHScqw82Nry4mHt54fukUy8A0CgYAxOnBKSymdqW6zEqMASDh+
2B9kbyaz40Z1k4pgONKP7gKHDo023dt51rEKE8kx4npeOdigkzS1CGzSoiEm5xB1
+YlsRw21AFCas5meJjTOt7GByvLFY0l4RytuHqgP+LuSxpwHGxMuTMg3/j6v2lFs
y2bsEtDPT6LtjiyD9n9tjwKBgHy8f8oPWg8UHZIo5Lt3O6rCcHYccgTj03IE46wd
8mTJV9oYZMQmyENXR249wzxSJgRUJqd86QUDbI/2KFAAcGZAaQXA5HzEiqTYLYU4
lkJM6DZxnakmxUhYo1UNYDK1rSlYAXqhjDYNXeoUwh0lDtl13TBkkq0tPRbi4Ljt
opsBAoGAYo1vAHqSU04IpM2mqSekFvT5Pj27nQEfy0o2JzipFJq/7sdPSPykEyCj
eFE03YjY7JPvkcz2mM2ng+0N1rfLl2h4tX0ncx2T/4vEqrvmlpEUd+o1UR7vYhN2
gpo+WqJRoBbykitMgfioeXDVa5HpLJUdv7o+/X/E9lfO7xjN2qI=
-----END RSA PRIVATE KEY-----

@ -0,0 +1 @@
{"rsync":{"/vagrant":{"type":"rsync","guestpath":"/vagrant","hostpath":"/var/home/dschier/Projects/dschier/haproxy","disabled":false,"__vagrantfile":true,"owner":"vagrant","group":"vagrant"},"/etc/ansible/roles/haproxy":{"type":"rsync","guestpath":"/etc/ansible/roles/haproxy","hostpath":"/var/home/dschier/Projects/dschier/haproxy","disabled":false,"__vagrantfile":true,"owner":"vagrant","group":"vagrant"}}}

@ -0,0 +1 @@
/var/home/dschier/Projects/dschier/haproxy

@ -0,0 +1,3 @@
# Generated by Vagrant
lb01 ansible_ssh_host=192.168.122.12 ansible_ssh_port=22 ansible_ssh_user='vagrant' ansible_ssh_private_key_file='/var/home/dschier/Projects/dschier/haproxy/.vagrant/machines/lb01/libvirt/private_key'

@ -0,0 +1,9 @@
# This file loads the proper rgloader/loader.rb file that comes packaged
# with Vagrant so that encoded files can properly run with Vagrant.
if ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"]
require File.expand_path(
"rgloader/loader", ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"])
else
raise "Encoded files can't be read outside of the Vagrant installer."
end

29
Vagrantfile vendored

@ -0,0 +1,29 @@
# Vagrantfile for gerri server
Vagrant.configure("2") do |config|
# Virtualization
config.vm.provider "libvirt" do |lv|
lv.cpus = 4
lv.memory = 4096
end
config.vm.provider "virtualbox" do |vb|
vb.cpus = 4
vb.memory = 4096
end
config.vm.synced_folder ".", "/etc/ansible/roles/haproxy", type: "rsync"
# Provision
config.vm.provision "test", type: "ansible", run: "once" do |test|
test.playbook = "tests/test.yml"
end
# Instance
config.vm.define "lb01" do |lb01|
lb01.vm.box = "fedora/34-cloud-base"
lb01.vm.hostname = "lb01"
end
end

@ -0,0 +1,4 @@
---
# defaults file for haproxy
haproxy_workaround: false

@ -0,0 +1,2 @@
---
# handlers file for haproxy

@ -0,0 +1 @@
dependencies: []

@ -0,0 +1,2 @@
collections:
- name: "ansible.posix"

@ -0,0 +1,40 @@
---
# tasks file for haproxy
- name: "Manage haproxy Packages"
ansible.builtin.package:
name: "haproxy"
state: "present"
become: true
- name: "Manage haproxy Configuration"
ansible.builtin.template:
src: "haproxy.conf.j2"
dest: "/etc/haproxy/haproxy.conf"
owner: "root"
group: "root"
mode: 0644
become: true
- name: "Manage haproxy SELinux booleans"
ansible.posix.seboolean:
name: "haproxy_connect_any"
persistent: true
state: 1
become: true
when:
- " ! haproxy_workaround | bool"
- name: "Manage haproxy SELinux booleans"
ansible.builtin.command:
cmd: "setsebool -P haproxy_connect_any 1"
become: true
when:
- "haproxy_workaround | bool"
- name: "Manage haproxy Services"
ansible.builtin.service:
name: "haproxy.service"
state: "started"
enabled: true
become: true

@ -0,0 +1,46 @@
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
# utilize system-wide crypto-policies
ssl-default-bind-ciphers PROFILE=SYSTEM
ssl-default-server-ciphers PROFILE=SYSTEM
defaults
mode tcp
frontend api
bind *:6443
default_backend api
frontend app_http
bind *:80
default_backend app_http
frontend app_https
bind *:443
default_backend app_https
backend api
balance roundrobin
server server1 localhost:8080 check
backend app_http
balance roundrobin
server server1 localhost:8080 check
backend app_https
balance roundrobin
server server1 localhost:8080 check

@ -0,0 +1,2 @@
localhost

@ -0,0 +1,10 @@
---
- hosts: "localhost"
tasks:
- name: "Import haproxy Role"
ansible.builtin.import_role:
name: "haproxy"
vars:
- haproxy_workaround: false
Loading…
Cancel
Save