From e230bae808187ba7f9ef3dd8ac9a986dee6c47cf Mon Sep 17 00:00:00 2001 From: ace Date: Sun, 12 Mar 2023 20:44:33 +0300 Subject: [PATCH] fix selinux and make default config working with haproxy up to v2.6.10 --- defaults/main.yaml | 2 -- tasks/main.yaml | 20 +++++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/defaults/main.yaml b/defaults/main.yaml index 409e98a..21fda4a 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -14,7 +14,6 @@ haproxy_default_config: daemon: chroot: /var/lib/haproxy maxconn: 200000 - nbproc: "{{ '2' if ansible_facts['processor_nproc'] > 1 }}" user: haproxy group: haproxy pidfile: /var/run/haproxy.pid @@ -22,7 +21,6 @@ haproxy_default_config: - "127.0.0.1 local0" stats: - "socket /var/lib/haproxy/stats mode 0660 level admin" - - "bind-process {{ '2' if ansible_facts['processor_nproc'] > 1 }}" 'tune.ssl.default-dh-param': 2048 defaults: log: diff --git a/tasks/main.yaml b/tasks/main.yaml index 120e209..6a9541c 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -4,21 +4,23 @@ name: haproxy state: present -- name: Install python2-cryptography - package: - name: python2-cryptography +- name: Install python2-cryptography and libsemanage-python + yum: + name: + - python2-cryptography + - libsemanage-python when: - ansible_facts['os_family'] == 'RedHat' - ansible_facts['distribution_major_version'] <= '7' - - haproxy_self_signed_cert -- name: Install python3-cryptography - package: - name: python3-cryptography +- name: Install python3-cryptography and python3-libsemanage + dnf: + name: + - python3-cryptography + - python3-libsemanage when: - ansible_facts['os_family'] == 'RedHat' - - ansible_facts['distribution_major_version'] == '8' or ansible_facts['distribution_major_version'] == '9' - - haproxy_self_signed_cert + - ansible_facts['distribution_major_version'] >= '8' - name: Set haproxy_connect_any flag on and keep it persistent across reboots ansible.posix.seboolean: