Newer
Older
---
# file: roles/haproxy/tasks/configure.yml
- name: "Proxy | Install SSL certificates"
copy:
src='{{inventory_dir}}/files/ssl/{{item.file}}'
dest='/etc/haproxy/certs'
with_items: '{{ proxy_certificates }}'
when: not item.letsencrypt|default(false)
notify: 'Proxy | Restart HAProxy'
- name: "Proxy | Create host lists"
template:
src='host_list'
dest='/etc/haproxy/{{item}}.list'
owner='root'
group='root'
mode='644'
jurgenhaas
committed
with_items: '{{ groups.webserver }}'
notify: 'Proxy | Restart HAProxy'
- name: "Proxy | Create host ssl lists"
template:
src='host_ssl_list'
dest='/etc/haproxy/{{item}}.ssl.list'
owner='root'
group='root'
mode='644'
jurgenhaas
committed
with_items: '{{ groups.webserver }}'
jurgenhaas
committed
- name: "Proxy | Create host path lists"
file:
dest='/etc/haproxy/{{item}}.path.list'
owner='root'
group='root'
mode='644'
state='touch'
with_items: '{{ groups.webserver }}'
changed_when: false
jurgenhaas
committed
- name: "Proxy | Create use bigpipe host lists"
template:
src='use_bigpipe_list'
dest='/etc/haproxy/use_bigpipe.list'
owner='root'
group='root'
mode='644'
notify: 'Proxy | Restart HAProxy'
- name: "Proxy | Create ignore varnish host lists"
template:
src='ignore_varnish_list'
dest='/etc/haproxy/ignore_varnish.list'
owner='root'
group='root'
mode='644'
notify: 'Proxy | Restart HAProxy'
file:
dest='/etc/haproxy/{{item}}.crm.list'
owner='root'
group='root'
mode='644'
state='touch'
jurgenhaas
committed
with_items: '{{ groups.webserver }}'
changed_when: false
template:
src='haproxy_cfg'
dest='/etc/haproxy/haproxy.cfg'
owner='root'
group='root'
mode='644'
- name: "Proxy | Update blacklists"
template:
src='{{ item }}'
dest='/etc/haproxy/{{ item }}'
owner='root'
group='root'
mode='644'
with_items:
- 'blacklist.ip'
- 'blacklist.referer'
- 'blacklist.agent'