From 5e708914b762d0c3e3304381811e41378eabd2be Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Fri, 26 Jan 2018 13:50:57 +0100
Subject: [PATCH] Allow haproxy_private to be limited to certain domains only

---
 tasks/configure.yml          | 2 +-
 templates/haproxy_cfg.jinja2 | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tasks/configure.yml b/tasks/configure.yml
index 9d62797..55c4a0c 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -102,7 +102,7 @@
     owner='root'
     group='root'
     mode='644'
-  when: haproxy_private is defined and haproxy_private.domain
+  when: haproxy_private is defined and haproxy_private.domain is defined
   notify: "Check HAProxy Config"
 
 - name: "Create config file"
diff --git a/templates/haproxy_cfg.jinja2 b/templates/haproxy_cfg.jinja2
index c252b7b..33cd2fb 100644
--- a/templates/haproxy_cfg.jinja2
+++ b/templates/haproxy_cfg.jinja2
@@ -64,7 +64,7 @@ frontend http_in
 {% if haproxy_private.domain is defined %}
   acl privatedomain hdr(host) -i -n -f /etc/haproxy/privatelist.domain
 {% else %}
-  acl privatedomain if true
+  acl privatedomain hdr_cnt(X_Dummy) eq 0
 {% endif %}
   acl privateip src -f /etc/haproxy/privatelist.ip
   acl private_auth http_auth(notprivate) if !privateip
@@ -191,7 +191,7 @@ frontend https_in_{{ cert.ip }}
 {% if haproxy_private.domain is defined %}
   acl privatedomain hdr(host) -i -n -f /etc/haproxy/privatelist.domain
 {% else %}
-  acl privatedomain if true
+  acl privatedomain hdr_cnt(X_Dummy) eq 0
 {% endif %}
   acl privateip src -f /etc/haproxy/privatelist.ip
   acl private_auth http_auth(notprivate) if !privateip
-- 
GitLab