Allow haproxy_private to be limited to certain domains only

5e708914 · jurgenhaas · 4809be21 · 5e708914 · 5e708914
Commit 5e708914 authored 7 years ago by jurgenhaas
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -102,7 +102,7 @@
    owner='root'
    group='root'
    mode='644'
-  when: haproxy_private is defined and haproxy_private.domain
+  when: haproxy_private is defined and haproxy_private.domain is defined
  notify: "Check HAProxy Config"
 - name: "Create config file"

--- a/templates/haproxy_cfg.jinja2
+++ b/templates/haproxy_cfg.jinja2
@@ -64,7 +64,7 @@ frontend http_in
 {% if haproxy_private.domain is defined %}
  acl privatedomain hdr(host) -i -n -f /etc/haproxy/privatelist.domain
 {% else %}
-  acl privatedomain if true
+  acl privatedomain hdr_cnt(X_Dummy) eq 0
 {% endif %}
  acl privateip src -f /etc/haproxy/privatelist.ip
  acl private_auth http_auth(notprivate) if !privateip
@@ -191,7 +191,7 @@ frontend https_in_{{ cert.ip }}
 {% if haproxy_private.domain is defined %}
  acl privatedomain hdr(host) -i -n -f /etc/haproxy/privatelist.domain
 {% else %}
-  acl privatedomain if true
+  acl privatedomain hdr_cnt(X_Dummy) eq 0
 {% endif %}
  acl privateip src -f /etc/haproxy/privatelist.ip
  acl private_auth http_auth(notprivate) if !privateip