configure.yml

---
# file: roles/haproxy/tasks/configure.yml

- name: "Backup current settings"
  archive:
    path=/etc/haproxy
    dest=/var/backups/haproxy-{{ lookup('pipe','date +%Y%m%d-%H%M%S') }}.tgz

- name: "Install SSL certificates"
  copy:
    src='{{inventory_dir}}/files/ssl/{{item.file}}'
    dest='/etc/haproxy/certs'
  with_items: '{{ proxy_certificates }}'
  when: not item.letsencrypt|default(false)
  notify: "Check HAProxy Config"

- name: "Create host lists"
  template:
    src='host_list'
    dest='/etc/haproxy/{{item}}.list'
    owner='root'
    group='root'
    mode='644'
  with_items: '{{ groups.webserver }}'
  notify: "Check HAProxy Config"

- name: "Create host ssl lists"
  template:
    src='host_ssl_list'
    dest='/etc/haproxy/{{item}}.ssl.list'
    owner='root'
    group='root'
    mode='644'
  with_items: '{{ groups.webserver }}'
  notify: "Check HAProxy Config"

- name: "Create host path lists"
  file:
    dest='/etc/haproxy/{{item}}.path.list'
    owner='root'
    group='root'
    mode='644'
    state='touch'
  with_items: '{{ groups.webserver }}'
  changed_when: false

- name: "Create use bigpipe host lists"
  template:
    src='use_bigpipe_list'
    dest='/etc/haproxy/use_bigpipe.list'
    owner='root'
    group='root'
    mode='644'
  notify: "Check HAProxy Config"

- name: "Create ignore varnish host lists"
  template:
    src='ignore_varnish_list'
    dest='/etc/haproxy/ignore_varnish.list'
    owner='root'
    group='root'
    mode='644'
  notify: "Check HAProxy Config"

- name: "Create empty crm lists files"
  file:
    dest='/etc/haproxy/{{item}}.crm.list'
    owner='root'
    group='root'
    mode='644'
    state='touch'
  with_items: '{{ groups.webserver }}'
  changed_when: false

- name: "Update blacklists"
  template:
    src='{{ item }}'
    dest='/etc/haproxy/{{ item }}'
    owner='root'
    group='root'
    mode='644'
  with_items:
    - 'blacklist.ip'
    - 'blacklist.referer'
    - 'blacklist.agent'
  notify: "Check HAProxy Config"

- name: "Create config file"
  template:
    src='haproxy_cfg.jinja2'
    dest='/etc/haproxy/haproxy.cfg'
    owner='root'
    group='root'
    mode='644'
  notify: "Check HAProxy Config"