- Notifications
You must be signed in to change notification settings - Fork248
Development repository for the haproxy cookbook
License
sous-chefs/haproxy
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Installs and configures HAProxy.
This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visitsous-chefs.org or come chat with us on the Chef Community Slack in#sous-chefs.
- HAProxy
stable
orLTS
- Chef 13.9+
This cookbook officially supports and is tested against the following platforms:
- debian: 9 & 10
- ubuntu: 20.04 & 21.04
- centos: 7 & 8
- centos-stream: 8
- fedora: latest
- amazonlinux: 2
PRs are welcome to add support for additional platforms.
Please check for working examples inthe test cookbook.
HAProxy has many configurable options available, this cookbook makes the most popular options available as resource properties.
If you wish to use a HAProxy property that is not listed theextra_options
hash is available to take in any number of additional values.
For example, the ability to disable listeners is not provided out of the box. Further examples can be found in eithertest/fixtures/recipes
orspec/test/recipes
. If you have questions on how this works or would like to add more examples so it is easier to understand, please come talk to us on theChef Community Slack on the #sous-chefs channel.
haproxy_listen'disabled'dobind'0.0.0.0:1337'mode'http'extra_options('disabled':'')end
Theextra_options
hash is ofString => String
orString => Array
. When anArray
value is provided. The values are looped over mapping the key to each value in the config.
For example:
haproxy_listen'default'doextra_options('http-request'=>['set-header X-Public-User yes','del-header X-Bad-Header'])end
Becomes:
listendefault ... http-request set-header X-Public-User yes http-request del-header X-Bad-Header
- haproxy_acl
- haproxy_backend
- haproxy_cache
- haproxy_config_defaults
- haproxy_config_global
- haproxy_fastcgi
- haproxy_frontend
- haproxy_install
- haproxy_listen
- haproxy_mailer
- haproxy_peer
- haproxy_resolver
- haproxy_service
- haproxy_use_backend
- haproxy_userlist
Thehaproxy.cfg
file has a few specific rule orderings that will generate validation errors if not loaded properly. If using any combination of the below rules, avoid the errors by loading the rules viaextra_options
to specify the top down order as noted below in config file.
tcp-request connection tcp-request session tcp-request content monitor fail http-request reqxxx (any req excluding reqadd, e.g. reqdeny, reqallow) reqadd redirect use_backend
extra_options('tcp-request'=>'connection set-src src,ipmask(24)','reqdeny'=>'^Host:\ .*\.local','reqallow'=>'^Host:\ www\.','use_backend'=>'dynamic')
http-request reqxxx (any req excluding reqadd, e.g. reqdeny, reqallow) reqadd redirect
extra_options('http-request'=>'set-path /%[hdr(host)]%[path]','reqdeny'=>'^Host:\ .*\.local','reqallow'=>'^Host:\ www\.','redirect'=>'dynamic')
This project exists thanks to all the people whocontribute.
Thank you to all our backers!
Support this project by becoming a sponsor. Your logo will show up here with a link to your website.
About
Development repository for the haproxy cookbook