From b83bb8991533f7b79221b5e42677a7e61769b685 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Wed, 20 Apr 2016 16:07:21 +0200
Subject: [PATCH] ansible-inventories/arocom#74 Enhance redirects

---
 defaults/main.yml     |  1 +
 tasks/configure.yml   |  1 +
 templates/haproxy_cfg | 54 ++++++++++++++++++++++++++++---------------
 3 files changed, 38 insertions(+), 18 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 78b961f..1b6a229 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -5,3 +5,4 @@ proxy_blacklist_ips: []
 proxy_timeout_connect: '5s'
 proxy_timeout_client: '20s'
 proxy_timeout_server: '45s'
+proxy_redirect_aliase: false
diff --git a/tasks/configure.yml b/tasks/configure.yml
index 41c31c4..ae1d271 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -45,6 +45,7 @@
             group=root
             mode=644
   #when: scope == 'all'
+  tags: Config
   notify: 'Proxy | Restart HAProxy'
 
 - name: "Proxy | Install update php script"
diff --git a/templates/haproxy_cfg b/templates/haproxy_cfg
index 804d4da..bb42b3c 100644
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -54,8 +54,22 @@ frontend http_in
   bind *:80
   acl blockedip src  -i -f /etc/haproxy/blacklist
   http-request deny if blockedip
+{% for host in groups['all'] %}
+{% for redirect in hostvars[host].proxy_redirect|default([]) %}
+  redirect prefix http://{{redirect.to}} if { hdr(host) -i -n {{redirect.from}} }
+{% endfor %}
+{% if proxy_redirect_aliase %}
+{% for drupal in hostvars[host].drupal_settings|default([]) %}
+{% for domain in drupal.domains|default([]) %}
+{% for alias in domain.aliases|default([]) %}
+  redirect prefix http://{{domain.domain}} if { hdr(host) -i -n {{alias}} }
+{% endfor %}
+{% endfor %}
+{% endfor %}
+{% endif %}
+{% endfor %}
 {% if kibana_users is defined %}
-  acl kibana_present hdr_dom(host) -i '{{ kibana_domain|default(inventory_hostname) }}'
+  acl kibana_present hdr(host) -i -n '{{ kibana_domain|default(inventory_hostname) }}'
   use_backend backend_redirect_ssl if kibana_present
 {% endif %}
 {% if varnish_host|default(false) %}
@@ -63,18 +77,13 @@ frontend http_in
   use_backend backend_varnish if static_content
 {% endif %}
 {% for host in groups['all'] %}
-{% for redirect in hostvars[host].proxy_redirect|default([]) %}
-  redirect prefix http://{{redirect.to}} if { hdr_dom(host) -i {{redirect.from}} }
-{% endfor %}
-{% endfor %}
-{% for host in groups['all'] %}
-  acl domain_in_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.list
+  acl domain_in_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
   use_backend backend_{{host}} if domain_in_{{host}}
 {% if hostvars[host].proxy_crm_domains is defined %}
-  acl crm_domain_in_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.crm.list
+  acl crm_domain_in_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.crm.list
   use_backend backend_{{host}} if crm_domain_in_{{host}}
 {% endif %}
-  acl redirect_ssl_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.ssl.list
+  acl redirect_ssl_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.ssl.list
   use_backend backend_redirect_ssl if redirect_ssl_{{host}}
 {% endfor %}
 {% for cert in proxy_certificates %}
@@ -83,8 +92,22 @@ frontend https_in_{{ cert.ip }}
   bind {{ cert.ip }}:443 ssl crt /etc/haproxy/certs/{{ cert.file }} no-sslv3
   acl blockedip src  -i -f /etc/haproxy/blacklist
   http-request deny if blockedip
+{% for host in groups['all'] %}
+{% for redirect in hostvars[host].proxy_redirect|default([]) %}
+  redirect prefix http://{{redirect.to}} if { hdr(host) -i -n {{redirect.from}} }
+{% endfor %}
+{% if proxy_redirect_aliase %}
+{% for drupal in hostvars[host].drupal_settings|default([]) %}
+{% for domain in drupal.domains|default([]) %}
+{% for alias in domain.aliases|default([]) %}
+  redirect prefix https://{{domain.domain}} if { hdr(host) -i -n {{alias}} }
+{% endfor %}
+{% endfor %}
+{% endfor %}
+{% endif %}
+{% endfor %}
 {% if kibana_users is defined %}
-  acl kibana_present hdr_dom(host) -i '{{ kibana_domain|default(inventory_hostname) }}'
+  acl kibana_present hdr(host) -i -n '{{ kibana_domain|default(inventory_hostname) }}'
   use_backend backend_kibana if kibana_present
 {% endif %}
 {% if varnish_host|default(false) %}
@@ -92,17 +115,12 @@ frontend https_in_{{ cert.ip }}
   use_backend backend_varnish if static_content
 {% endif %}
 {% for host in groups['all'] %}
-{% for redirect in hostvars[host].proxy_redirect|default([]) %}
-  redirect prefix https://{{redirect.to}} if { hdr_dom(host) -i {{redirect.from}} }
-{% endfor %}
-{% endfor %}
-{% for host in groups['all'] %}
-  acl ssl_domain_in_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.ssl.list
+  acl ssl_domain_in_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.ssl.list
   use_backend backend_{{host}} if ssl_domain_in_{{host}}
-  acl redirect_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.list
+  acl redirect_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
   use_backend backend_redirect if redirect_{{host}}
 {% if hostvars[host].proxy_crm_domains is defined %}
-  acl crm_redirect_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.list
+  acl crm_redirect_{{host}} hdr(host) -i -n -f /etc/haproxy/{{host}}.list
   use_backend backend_redirect if crm_redirect_{{host}}
 {% endif %}
 {% endfor %}
-- 
GitLab