From ce77fac3af314b9d51e1d094183f7005ef31f9ab Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Thu, 25 Oct 2018 16:54:36 +0200
Subject: [PATCH] ansible-inventories/zehnder#1833 Build logic for special host
 routing

---
 templates/haproxy_cfg.jinja2 | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/templates/haproxy_cfg.jinja2 b/templates/haproxy_cfg.jinja2
index 9f8559e..dd930d0 100644
--- a/templates/haproxy_cfg.jinja2
+++ b/templates/haproxy_cfg.jinja2
@@ -153,6 +153,15 @@ frontend http_in
   use_backend backend_redirect_ssl if kibana_present
 {% endif %}
 {% if 'webserver' in groups %}
+{% for host in groups['webserver']|sort %}
+  http-request set-header x-routing-host {{ host }} if !letsencrypt_challenge { hdr(x-routing-host) undefined } { hdr(host) -i -n -f /etc/haproxy/{{host}}.list }
+{% endfor %}
+{% for host in groups['webserver']|sort %}
+{% if hostvars[host].routing_special_host is defined %}
+  http-request set-header x-routing-host {{ hostvars[host].routing_special_host }} if !letsencrypt_challenge !{ hdr(x-routing-special-host) -m found } { hdr(x-routing-host) {{ host }} }
+  http-request set-header x-routing-host {{ host }} if !letsencrypt_challenge { hdr(x-routing-special-host) -m found } { hdr(x-routing-host) {{ hostvars[host].routing_special_host }} }
+{% endif %}
+{% endfor %}
 {% for host in groups['webserver']|sort %}
   acl redirect_ssl_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.ssl.list
   use_backend backend_redirect_ssl if redirect_ssl_{{host}}
@@ -174,11 +183,6 @@ frontend http_in
 {% for host in groups['webserver']|sort %}
   use_backend backend_{{ host }}_bigpipe if domain_uses_bigpipe { hdr(x-routing-host) {{ host }} }
   use_backend backend_{{ host }} if { hdr(x-routing-host) {{ host }} }
-{% endfor %}
-{% for host in groups['webserver']|sort %}
-  acl domain_in_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
-  use_backend backend_{{host}}_bigpipe if domain_uses_bigpipe domain_in_{{host}}
-  use_backend backend_{{host}} if domain_in_{{host}}
 {% for rule in hostvars[host].proxy_special_rules|default([]) %}
   acl proxy_special_rules_{{host}}_{{rule}} {{ hostvars[host].proxy_special_rules[rule] }}
   use_backend backend_{{host}} if proxy_special_rules_{{host}}_{{rule}}
@@ -294,6 +298,15 @@ frontend https_in_{{ cert.ip }}
   acl crm_redirect_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
   use_backend backend_redirect if crm_redirect_{{host}}
 {% endfor %}
+{% for host in groups['webserver']|sort %}
+  http-request set-header x-routing-host {{ host }} if { hdr(x-routing-host) undefined } { hdr(host) -i -n -f /etc/haproxy/{{host}}.ssl.list }
+{% endfor %}
+{% for host in groups['webserver']|sort %}
+{% if hostvars[host].routing_special_host is defined %}
+  http-request set-header x-routing-host {{ hostvars[host].routing_special_host }} if !{ hdr(x-routing-special-host) -m found } { hdr(x-routing-host) {{ host }} }
+  http-request set-header x-routing-host {{ host }} if { hdr(x-routing-special-host) -m found } { hdr(x-routing-host) {{ hostvars[host].routing_special_host }} }
+{% endif %}
+{% endfor %}
 {% endif %}
   acl domain_uses_bigpipe hdr(host) -i -n -f /etc/haproxy/use_bigpipe.list
 {% if varnish_host|default(false) %}
@@ -309,9 +322,6 @@ frontend https_in_{{ cert.ip }}
   use_backend backend_{{ host }}_https if { hdr(x-routing-host) {{ host }} }
 {% endfor %}
 {% for host in groups['webserver']|sort %}
-  acl ssl_domain_in_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.ssl.list
-  use_backend backend_{{host}}_https_bigpipe if domain_uses_bigpipe ssl_domain_in_{{host}}
-  use_backend backend_{{host}}_https if ssl_domain_in_{{host}}
   acl redirect_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
   use_backend backend_redirect if redirect_{{host}}
 {% for rule in hostvars[host].proxy_special_rules|default([]) %}
-- 
GitLab