From ebadd0e2349c5157e4d461b7ad12b931e78266f1 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Sat, 28 Jul 2018 13:41:04 +0200
Subject: [PATCH] Support custom items for blacklists

---
 tasks/blacklists.yml        | 15 +++++++++++++++
 tasks/configure.yml         | 13 -------------
 tasks/main.yml              |  7 ++++++-
 templates/blacklist.agent   |  5 +++++
 templates/blacklist.ip      |  5 +++++
 templates/blacklist.referer |  5 +++++
 6 files changed, 36 insertions(+), 14 deletions(-)
 create mode 100644 tasks/blacklists.yml

diff --git a/tasks/blacklists.yml b/tasks/blacklists.yml
new file mode 100644
index 0000000..9cc0294
--- /dev/null
+++ b/tasks/blacklists.yml
@@ -0,0 +1,15 @@
+---
+# file: roles/haproxy/tasks/blacklists.yml
+
+- name: "Update blacklists"
+  template:
+    src: '{{ item }}'
+    dest: '/etc/haproxy/{{ item }}'
+    owner: 'root'
+    group: 'root'
+    mode: '644'
+  with_items:
+    - 'blacklist.ip'
+    - 'blacklist.referer'
+    - 'blacklist.agent'
+  notify: "Check HAProxy Config"
diff --git a/tasks/configure.yml b/tasks/configure.yml
index 09b168f..daa142e 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -72,19 +72,6 @@
   with_items: '{{ groups.webserver|default([]) }}'
   changed_when: false
 
-- name: "Update blacklists"
-  template:
-    src='{{ item }}'
-    dest='/etc/haproxy/{{ item }}'
-    owner='root'
-    group='root'
-    mode='644'
-  with_items:
-    - 'blacklist.ip'
-    - 'blacklist.referer'
-    - 'blacklist.agent'
-  notify: "Check HAProxy Config"
-
 - name: "Update private ips"
   template:
     src='privatelist.ip.jinja2'
diff --git a/tasks/main.yml b/tasks/main.yml
index 8d30eb1..8e91062 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -9,7 +9,12 @@
 
   - import_tasks: install.yml
   - import_tasks: configure.yml
-    tags: 'Config'
+    tags:
+      - 'Config'
+  - import_tasks: blacklists.yml
+    tags:
+      - 'Config'
+      - 'Blacklists'
 
   when: '"haproxy" not in excluded_roles'
 
diff --git a/templates/blacklist.agent b/templates/blacklist.agent
index cabc010..a54ecab 100644
--- a/templates/blacklist.agent
+++ b/templates/blacklist.agent
@@ -1,3 +1,8 @@
+{% if ansible_local is defined and ansible_local.blacklist is defined %}
+{% for line in ansible_local.blacklist.agent|default([]) %}
+{{line}}
+{% endfor %}
+{% endif %}
 {% for line in proxy_blacklist.agent|default([]) %}
 {{line}}
 {% endfor %}
diff --git a/templates/blacklist.ip b/templates/blacklist.ip
index 0208f40..672e165 100644
--- a/templates/blacklist.ip
+++ b/templates/blacklist.ip
@@ -1,3 +1,8 @@
+{% if ansible_local is defined and ansible_local.blacklist is defined %}
+{% for line in ansible_local.blacklist.ip|default([]) %}
+{{line}}
+{% endfor %}
+{% endif %}
 {% for line in proxy_blacklist.ip|default([]) %}
 {{line}}
 {% endfor %}
diff --git a/templates/blacklist.referer b/templates/blacklist.referer
index 6f24a2a..1e8fa99 100644
--- a/templates/blacklist.referer
+++ b/templates/blacklist.referer
@@ -1,3 +1,8 @@
+{% if ansible_local is defined and ansible_local.blacklist is defined %}
+{% for line in ansible_local.blacklist.referer|default([]) %}
+{{line}}
+{% endfor %}
+{% endif %}
 {% for line in proxy_blacklist.referer|default([]) %}
 {{line}}
 {% endfor %}
-- 
GitLab