From 4c466870ece0b1c2a6b67108d878a8fd41646801 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Thu, 28 Jul 2016 11:30:45 +0200
Subject: [PATCH] Check for http/https redirects early in the process

---
 templates/haproxy_cfg | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/templates/haproxy_cfg b/templates/haproxy_cfg
index c87b983..f355dbe 100644
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -84,6 +84,10 @@ frontend http_in
   acl kibana_present hdr(host) -i -n '{{ kibana_domain|default(inventory_hostname) }}'
   use_backend backend_redirect_ssl if kibana_present
 {% endif %}
+{% for host in groups['all'] %}
+  acl redirect_ssl_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.ssl.list
+  use_backend backend_redirect_ssl if redirect_ssl_{{host}}
+{% endfor %}
   acl domain_uses_bigpipe hdr(host) -i -n -f /etc/haproxy/use_bigpipe.list
 {% if varnish_host|default(false) %}
   acl domain_ignores_varnish hdr(host) -i -n -f /etc/haproxy/ignore_varnish.list
@@ -99,8 +103,6 @@ frontend http_in
   acl crm_domain_in_{{host}} hdr_dom(host) -i -n -f /etc/haproxy/{{host}}.crm.list
   use_backend backend_{{host}} if crm_domain_in_{{host}}
 {% endif %}
-  acl redirect_ssl_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.ssl.list
-  use_backend backend_redirect_ssl if redirect_ssl_{{host}}
 {% endfor %}
 {% for cert in proxy_certificates %}
 
@@ -141,6 +143,10 @@ frontend https_in_{{ cert.ip }}
 {% for external in cert.external|default([]) %}
   acl is_{{ external.key }} {{ external.acl }}
   use_backend backend_{{ external.key }} if is_{{ external.key }}
+{% endfor %}
+{% for host in groups['all'] %}
+  acl crm_redirect_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
+  use_backend backend_redirect if crm_redirect_{{host}}
 {% endfor %}
   acl domain_uses_bigpipe hdr(host) -i -n -f /etc/haproxy/use_bigpipe.list
 {% if varnish_host|default(false) %}
@@ -156,8 +162,6 @@ frontend https_in_{{ cert.ip }}
   acl redirect_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
   use_backend backend_redirect if redirect_{{host}}
 {% if hostvars[host].proxy_crm_domains is defined %}
-  acl crm_redirect_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
-  use_backend backend_redirect if crm_redirect_{{host}}
 {% endif %}
 {% endfor %}
 {% for external in cert.external|default([]) %}
-- 
GitLab