From 0c25142b2eb043c2d7700d82e1d7f2fcb3eaf05f Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Mon, 19 Sep 2016 11:25:14 +0200
Subject: [PATCH] ansible-inventories/arocom#172 Deny requests for
 domaintrade.org/domains

---
 templates/haproxy_cfg | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/templates/haproxy_cfg b/templates/haproxy_cfg
index ba761a4..cb58244 100644
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -66,7 +66,11 @@ frontend http_in
 {% for redirect in hostvars[host].proxy_redirect|default([]) %}
 {% for from in redirect.from %}
 {% for path in redirect.paths|default([]) %}
+{% if path.deny|default(false) %}
+  http-request deny if { hdr(host) -i -n {{from}}{% if path.from is defined %} } { path_beg /{{path.from}}{% endif %} }
+{% else %}
   redirect location {{ redirect.protocol|default('https') }}://{{redirect.to}}/{{path.to|default('')}} code 301 if { hdr(host) -i -n {{from}}{% if path.from is defined %} } { path_beg /{{path.from}}{% endif %} }
+{% endif %}
 {% endfor %}
   redirect prefix {{ redirect.protocol|default('https') }}://{{redirect.to}} code 301 if { hdr(host) -i -n {{from}} }
 {% endfor %}
@@ -129,7 +133,11 @@ frontend https_in_{{ cert.ip }}
 {% for redirect in hostvars[host].proxy_redirect|default([]) %}
 {% for from in redirect.from %}
 {% for path in redirect.paths|default([]) %}
+{% if path.deny|default(false) %}
+  http-request deny if { hdr(host) -i -n {{from}}{% if path.from is defined %} } { path_beg /{{path.from}}{% endif %} }
+{% else %}
   redirect location {{ redirect.protocol|default('https') }}://{{redirect.to}}/{{path.to|default('')}} code 301 if { hdr(host) -i -n {{from}}{% if path.from is defined %} } { path_beg /{{path.from}}{% endif %} }
+{% endif %}
 {% endfor %}
   redirect prefix {{ redirect.protocol|default('https') }}://{{redirect.to}} code 301 if { hdr(host) -i -n {{from}} }
 {% endfor %}
-- 
GitLab