Skip to content
Snippets Groups Projects
Commit e5c1676b authored by jurgenhaas's avatar jurgenhaas
Browse files

Add support for extra lines in proxy config

parent 27ad6e0f
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
templates/haproxy_cfg.jinja2
+ 6
0
View file @ e5c1676b
...@@ -85,6 +85,9 @@ frontend http_in ...@@ -85,6 +85,9 @@ frontend http_in
acl private_auth http_auth(notprivate) if !privateip acl private_auth http_auth(notprivate) if !privateip
http-request auth realm notprivate if !letsencrypt_challenge privatedomain !privateip !private_auth http-request auth realm notprivate if !letsencrypt_challenge privatedomain !privateip !private_auth
{% endif %} {% endif %}
{% for line in proxy_extra_lines|default([]) %}
{{ line }}
{% endfor %}
{% for host in groups['all']|sort %} {% for host in groups['all']|sort %}
{% for redirect in hostvars[host].proxy_redirect|default([]) %} {% for redirect in hostvars[host].proxy_redirect|default([]) %}
{% for from in redirect.from %} {% for from in redirect.from %}
...@@ -206,6 +209,9 @@ frontend https_in_{{ cert.ip }} ...@@ -206,6 +209,9 @@ frontend https_in_{{ cert.ip }}
acl private_auth http_auth(notprivate) if !privateip acl private_auth http_auth(notprivate) if !privateip
http-request auth realm notprivate if privatedomain !privateip !private_auth http-request auth realm notprivate if privatedomain !privateip !private_auth
{% endif %} {% endif %}
{% for line in proxy_extra_lines|default([]) %}
{{ line }}
{% endfor %}
acl blockedip src -f /etc/haproxy/blacklist.ip acl blockedip src -f /etc/haproxy/blacklist.ip
http-request deny if blockedip http-request deny if blockedip
acl blockedreferer hdr_sub(referer) -i -f /etc/haproxy/blacklist.referer acl blockedreferer hdr_sub(referer) -i -f /etc/haproxy/blacklist.referer
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment