---
# file: roles/haproxy/tasks/configure.yml
- name: "Backup current settings"
archive:
path=/etc/haproxy
dest=/var/backups/haproxy-{{ lookup('pipe','date +%Y%m%d-%H%M%S') }}.tgz
- name: "Install SSL certificates"
copy:
src='{{inventory_dir}}/files/ssl/{{item.file}}'
dest='/etc/haproxy/certs'
with_items: '{{ proxy_certificates }}'
when: not item.letsencrypt|default(false)
notify: "Check HAProxy Config"
- name: "Create host lists"
template:
src='host_list'
dest='/etc/haproxy/{{item}}.list'
owner='root'
group='root'
mode='644'
with_items: '{{ groups.webserver }}'
notify: "Check HAProxy Config"
- name: "Create host ssl lists"
template:
src='host_ssl_list'
dest='/etc/haproxy/{{item}}.ssl.list'
owner='root'
group='root'
mode='644'
with_items: '{{ groups.webserver }}'
notify: "Check HAProxy Config"
- name: "Create host path lists"
file:
dest='/etc/haproxy/{{item}}.path.list'
owner='root'
group='root'
mode='644'
state='touch'
with_items: '{{ groups.webserver }}'
changed_when: false
- name: "Create use bigpipe host lists"
template:
src='use_bigpipe_list'
dest='/etc/haproxy/use_bigpipe.list'
owner='root'
group='root'
mode='644'
notify: "Check HAProxy Config"
- name: "Create ignore varnish host lists"
template:
src='ignore_varnish_list'
dest='/etc/haproxy/ignore_varnish.list'
owner='root'
group='root'
mode='644'
notify: "Check HAProxy Config"
- name: "Create empty crm lists files"
file:
dest='/etc/haproxy/{{item}}.crm.list'
owner='root'
group='root'
mode='644'
state='touch'
with_items: '{{ groups.webserver }}'
changed_when: false
- name: "Update blacklists"
template:
src='{{ item }}'
dest='/etc/haproxy/{{ item }}'
owner='root'
group='root'
mode='644'
with_items:
- 'blacklist.ip'
- 'blacklist.referer'
- 'blacklist.agent'
notify: "Check HAProxy Config"
- name: "Create config file"
template:
src='haproxy_cfg.jinja2'
dest='/etc/haproxy/haproxy.cfg'
owner='root'
group='root'
mode='644'
notify: "Check HAProxy Config"