ansible-galaxy/haproxy
1
0
Fork 0
mirror of https://gitea.0xace.cc/ansible-galaxy/haproxy.git synced 2024-11-25 00:16:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

split variables for RedHat and Debain os family

Browse Source
This commit is contained in:
ace 2023-04-16 03:27:24 +03:00
parent e230bae808
commit 412846751a
Signed by: ace
GPG Key ID: 2C08973DD37A76FD
9 changed files with 326 additions and 111 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
handlers/main.yaml
View File

@ -1,7 +1,14 @@
---
- name: Reload HAProxy
systemd:
name: haproxy
name: "{{ haproxy_unit_name }}"
state: reloaded
daemon_reload: yes
when: haproxy_enable_and_start.changed
- name: Restart HAProxy
systemd:
name: "{{ haproxy_unit_name }}"
state: reloaded
daemon_reload: yes
when: haproxy_enable_and_start.changed

124
tasks/Debian.yaml Normal file
View File

@ -0,0 +1,124 @@
---
- name: Gather packages
package_facts:
manager: auto
- name: Set fact about HAProxy package
set_fact:
haproxy_installed_package: "{{ ansible_facts.packages[haproxy_package_name][0]['name'] }}"
when: haproxy_package_name in ansible_facts.packages
- name: Print installed HAProxy version
debug:
msg: "{{ ansible_facts.packages[haproxy_package_name][0]['version'] }}"
verbosity: 2
when: haproxy_installed_package is defined
- name: Mask HAProxy before install
ansible.builtin.systemd:
name: "{{ haproxy_unit_name }}"
masked: yes
when: haproxy_package_name not in ansible_facts.packages or ansible_facts.packages[haproxy_package_name][0]['version'] != (haproxy_version|string + "-" + haproxy_version_build|string)
- name: "Install {{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
apt:
name: "{{ haproxy_package }}"
update_cache: yes
register: haproxy_setup
when: haproxy_package_name not in ansible_facts.packages
- name: "Update {{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
apt:
name: "{{ haproxy_package }}"
update_cache: yes
register: haproxy_update
notify: Restart HAProxy
when:
- haproxy_package_name in ansible_facts.packages
- ansible_facts.packages[haproxy_package_name][0]['version'] != (haproxy_version|string + "-" + haproxy_version_build|string)
- name: Install python3-cryptography
package:
name: python3-cryptography
- block:
- name: Check net.ipv4.ip_nonlocal_bind
ansible.posix.sysctl:
name: net.ipv4.ip_nonlocal_bind
value: '1'
sysctl_set: no
state: present
register: sysctl_result
- name: Set net.ipv4.ip_nonlocal_bind = 1
ansible.posix.sysctl:
name: net.ipv4.ip_nonlocal_bind
value: '1'
sysctl_set: yes
state: present
reload: yes
sysctl_file: /etc/sysctl.d/99-haproxy.conf
when: sysctl_result.changed
- name: Apply default config
block:
- name: Merge config for HAProxy
set_fact:
haproxy_combined_config: "{{ haproxy_config | default({}) | combine(haproxy_default_config, recursive=true) }}"
- name: Add HAProxy config
template:
src: "haproxy.cfg.j2"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when:
- haproxy_config_override is not defined
- haproxy_config_base64_override is not defined
- name: Override with config in plain text
block:
- set_fact:
haproxy_config: "{{ haproxy_config_override }}"
- name: Override HAParoxy config in plain text
copy:
content: "{{ haproxy_config }}"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when: haproxy_config_override is defined
- name: Override with base64 config
block:
- set_fact:
haproxy_config: "{{ haproxy_config_base64_override | b64decode }}"
- name: Override HAParoxy with config in base64
copy:
content: "{{ haproxy_config }}"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when: haproxy_config_base64_override is defined
- name: Add maps for HAProxy
include_tasks: map.yaml
when: haproxy_map is defined
- name: Add lua code for HAProxy
include_tasks: lua.yaml
when: haproxy_lua is defined
- name: Add certificate for HAProxy
include_tasks: cert.yaml
when: haproxy_ssl
- name: Enable and start HAProxy service
systemd:
name: "{{ haproxy_unit_name }}"
state: started
enabled: yes
daemon_reload: yes
masked: no
register: haproxy_enable_and_start

144
tasks/RedHat.yaml Normal file
View File

@ -0,0 +1,144 @@
---
- name: Gather packages
package_facts:
manager: auto
- name: Set fact about HAProxy package
set_fact:
haproxy_installed_package: "{{ ansible_facts.packages[haproxy_package_name][0]['name'] }}"
when: haproxy_package_name in ansible_facts.packages
- name: Print installed HAProxy version
debug:
msg: "{{ ansible_facts.packages[haproxy_package_name][0]['version'] }}"
verbosity: 2
when: haproxy_installed_package is defined
- name: Mask HAProxy before install
ansible.builtin.systemd:
name: "{{ haproxy_unit_name }}"
masked: yes
when: haproxy_package_name not in ansible_facts.packages or ansible_facts.packages[haproxy_package_name][0]['version'] != (haproxy_version|string + "-" + haproxy_version_build|string)
- name: "Install {{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
dnf:
name: "{{ haproxy_package }}"
update_cache: yes
register: haproxy_setup
when: haproxy_package_name not in ansible_facts.packages
- name: "Update {{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
dnf:
name: "{{ haproxy_package }}"
update_cache: yes
register: haproxy_update
notify: Restart HAProxy
when:
- haproxy_package_name in ansible_facts.packages
- ansible_facts.packages[haproxy_package_name][0]['version'] != (haproxy_version|string + "-" + haproxy_version_build|string)
- name: Install python2-cryptography
package:
name: python2-cryptography
when:
- ansible_facts['os_family'] == 'RedHat'
- ansible_facts['distribution_major_version'] <= '7'
- haproxy_self_signed_cert
- name: Install python3-cryptography
package:
name: python3-cryptography
when:
- ansible_facts['os_family'] == 'RedHat'
- ansible_facts['distribution_major_version'] == '8' or ansible_facts['distribution_major_version'] == '9'
- haproxy_self_signed_cert
- name: Set haproxy_connect_any flag on and keep it persistent across reboots
ansible.posix.seboolean:
name: haproxy_connect_any
state: yes
persistent: yes
notify:
- Reload HAProxy
when: ansible_selinux is defined and ansible_selinux != False and ansible_selinux.status == 'enabled'
- block:
- name: Check net.ipv4.ip_nonlocal_bind
ansible.posix.sysctl:
name: net.ipv4.ip_nonlocal_bind
value: '1'
sysctl_set: no
state: present
register: sysctl_result
- name: Set net.ipv4.ip_nonlocal_bind = 1
ansible.posix.sysctl:
name: net.ipv4.ip_nonlocal_bind
value: '1'
sysctl_set: yes
state: present
reload: yes
sysctl_file: /etc/sysctl.d/99-haproxy.conf
when: sysctl_result.changed
- name: Apply default config
block:
- name: Merge config for HAProxy
set_fact:
haproxy_combined_config: "{{ haproxy_config | default({}) | combine(haproxy_default_config, recursive=true) }}"
- name: Add HAProxy config
template:
src: "haproxy.cfg.j2"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when:
- haproxy_config_override is not defined
- haproxy_config_base64_override is not defined
- name: Override with config in plain text
block:
- set_fact:
haproxy_config: "{{ haproxy_config_override }}"
- name: Override HAParoxy config in plain text
copy:
content: "{{ haproxy_config }}"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when: haproxy_config_override is defined
- name: Override with base64 config
block:
- set_fact:
haproxy_config: "{{ haproxy_config_base64_override | b64decode }}"
- name: Override HAParoxy with config in base64
copy:
content: "{{ haproxy_config }}"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when: haproxy_config_base64_override is defined
- name: Add maps for HAProxy
include_tasks: map.yaml
when: haproxy_map is defined
- name: Add lua code for HAProxy
include_tasks: lua.yaml
when: haproxy_lua is defined
- name: Add certificate for HAProxy
include_tasks: cert.yaml
when: haproxy_ssl
- name: Enable and start HAProxy service
systemd:
name: haproxy
state: started
enabled: yes
daemon_reload: yes
register: haproxy_enable_and_start

128
tasks/main.yaml
View File

@ -1,113 +1,21 @@
---
- name: Install HAProxy
package:
name: haproxy
state: present
- name: Make sure handlers are flushed immediately
meta: flush_handlers
- name: Install python2-cryptography and libsemanage-python
yum:
name:
- python2-cryptography
- libsemanage-python
when:
- ansible_facts['os_family'] == 'RedHat'
- ansible_facts['distribution_major_version'] <= '7'
- name: Load a variable file based on the OS type
include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
- "{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yaml"
- "{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yaml"
- "{{ ansible_facts['os_family'] }}-{{ ansible_facts['distribution_major_version'] }}.yaml"
- "{{ ansible_facts['os_family'] }}-{{ ansible_facts['distribution_version'] }}.yaml"
- "{{ ansible_facts['distribution'] }}.yaml"
- "{{ ansible_facts['os_family'] }}.yaml"
paths:
- "vars"
tags: haproxy_vars
- name: Install python3-cryptography and python3-libsemanage
dnf:
name:
- python3-cryptography
- python3-libsemanage
when:
- ansible_facts['os_family'] == 'RedHat'
- ansible_facts['distribution_major_version'] >= '8'
- name: Set haproxy_connect_any flag on and keep it persistent across reboots
ansible.posix.seboolean:
name: haproxy_connect_any
state: yes
persistent: yes
notify:
- Reload HAProxy
when: ansible_selinux is defined and ansible_selinux != False and ansible_selinux.status == 'enabled'
- block:
- name: Check net.ipv4.ip_nonlocal_bind
ansible.posix.sysctl:
name: net.ipv4.ip_nonlocal_bind
value: '1'
sysctl_set: no
state: present
register: sysctl_result
- name: Set net.ipv4.ip_nonlocal_bind = 1
ansible.posix.sysctl:
name: net.ipv4.ip_nonlocal_bind
value: '1'
sysctl_set: yes
state: present
reload: yes
sysctl_file: /etc/sysctl.d/99-haproxy.conf
when: sysctl_result.changed
- name: Apply default config
block:
- name: Merge config for HAProxy
set_fact:
haproxy_combined_config: "{{ haproxy_config | default({}) | combine(haproxy_default_config, recursive=true) }}"
- name: Add HAProxy config
template:
src: "haproxy.cfg.j2"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when:
- haproxy_config_override is not defined
- haproxy_config_base64_override is not defined
- name: Override with config in plain text
block:
- set_fact:
haproxy_config: "{{ haproxy_config_override }}"
- name: Override HAParoxy config in plain text
copy:
content: "{{ haproxy_config }}"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when: haproxy_config_override is defined
- name: Override with base64 config
block:
- set_fact:
haproxy_config: "{{ haproxy_config_base64_override | b64decode }}"
- name: Override HAParoxy with config in base64
copy:
content: "{{ haproxy_config }}"
dest: "/etc/haproxy/haproxy.cfg"
notify:
- Reload HAProxy
when: haproxy_config_base64_override is defined
- name: Add maps for HAProxy
include_tasks: map.yaml
when: haproxy_map is defined
- name: Add lua code for HAProxy
include_tasks: lua.yaml
when: haproxy_lua is defined
- name: Add certificate for HAProxy
include_tasks: cert.yaml
when: haproxy_ssl
- name: Enable and start HAProxy service
systemd:
name: haproxy
state: started
enabled: yes
daemon_reload: yes
register: haproxy_enable_and_start
- name: Include HAProxy install
include_tasks: "{{ ansible_facts['os_family'] }}.yaml"

6
vars/Debian-11.yaml Normal file
View File

@ -0,0 +1,6 @@
haproxy_package_name: "haproxy"
haproxy_version: "2.6.9"
haproxy_version_build: "1~bpo11+1"
haproxy_package: "{{ haproxy_package_name }}={{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_package_name_regex: "{{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_unit_name: "{{ haproxy_package_name }}"

7
vars/RedHat-8.yaml Normal file
View File

@ -0,0 +1,7 @@
haproxy_package_name: "haproxy"
haproxy_version: "1.8.27"
haproxy_version_build: "5"
haproxy_package: "{{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_package_name_regex: "{{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_unit_name: "{{ haproxy_package_name }}"

7
vars/RedHat-9.yaml Normal file
View File

@ -0,0 +1,7 @@
haproxy_package_name: "haproxy"
haproxy_version: "2.4.17"
haproxy_version_build: "3"
haproxy_package: "{{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_package_name_regex: "{{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_unit_name: "{{ haproxy_package_name }}"

6
vars/Ubuntu-20.04.yaml Normal file
View File

@ -0,0 +1,6 @@
haproxy_package_name: "haproxy"
haproxy_version: "2.0.29"
haproxy_version_build: "0ubuntu1.3"
haproxy_package: "{{ haproxy_package_name }}={{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_package_name_regex: "{{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_unit_name: "{{ haproxy_package_name }}"

6
vars/Ubuntu-22.04.yaml Normal file
View File

@ -0,0 +1,6 @@
haproxy_package_name: "haproxy"
haproxy_version: "2.4.18"
haproxy_version_build: "0ubuntu1.3"
haproxy_package: "{{ haproxy_package_name }}={{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_package_name_regex: "{{ haproxy_package_name }}-{{ haproxy_version }}-{{ haproxy_version_build }}"
haproxy_unit_name: "{{ haproxy_package_name }}"