From 0f238f83699bdfacd4b323b35a64d000e2805db9 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Fri, 7 Apr 2017 10:13:11 +0200
Subject: [PATCH] ansible-inventories/tineon#317 Define extra ACL in proxy for
 Ophinex

---
 templates/haproxy_cfg.jinja2 | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/templates/haproxy_cfg.jinja2 b/templates/haproxy_cfg.jinja2
index ed5373d..bc8ef97 100644
--- a/templates/haproxy_cfg.jinja2
+++ b/templates/haproxy_cfg.jinja2
@@ -286,6 +286,9 @@ backend backend_{{host}}
 {% if host == inventory_hostname or host == 'localhost' %}
   http-response deny
 {% else %}
+{% for line in hostvars[host]['proxy_backend_extra_lines']|default([]) %}
+  {{ line }}
+{% endfor %}
   server server_{{host}} {{hostvars[host]['static_ipv4']}}:80 check maxconn {{hostvars[host]['proxy_maxconn']|default(proxy_maxconn)}}
 {% endif %}
 
@@ -293,6 +296,9 @@ backend backend_{{host}}_bigpipe
 {% if host == inventory_hostname or host == 'localhost' %}
   http-response deny
 {% else %}
+{% for line in hostvars[host]['proxy_backend_extra_lines']|default([]) %}
+  {{ line }}
+{% endfor %}
   no option http-buffer-request
   server server_{{host}} {{hostvars[host]['static_ipv4']}}:80 check maxconn {{hostvars[host]['proxy_maxconn']|default(proxy_maxconn)}}
 {% endif %}
@@ -301,6 +307,9 @@ backend backend_{{host}}_https
 {% if host == inventory_hostname or host == 'localhost' %}
   http-response deny
 {% else %}
+{% for line in hostvars[host]['proxy_backend_extra_lines']|default([]) %}
+  {{ line }}
+{% endfor %}
   http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
   server server_{{host}} {{hostvars[host]['static_ipv4']}}:80 check maxconn {{hostvars[host]['proxy_maxconn']|default(proxy_maxconn)}}
 {% endif %}
@@ -309,6 +318,9 @@ backend backend_{{host}}_https_bigpipe
 {% if host == inventory_hostname or host == 'localhost' %}
   http-response deny
 {% else %}
+{% for line in hostvars[host]['proxy_backend_extra_lines']|default([]) %}
+  {{ line }}
+{% endfor %}
   no option http-buffer-request
   http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
   server server_{{host}} {{hostvars[host]['static_ipv4']}}:80 check maxconn {{hostvars[host]['proxy_maxconn']|default(proxy_maxconn)}}
-- 
GitLab