Update haproxy role and make it more generic

Signed-off-by: Eric D. Helms <[email protected]>
theforeman · Jan 9, 2025 · e052274 · e052274
1 parent e7a0f21
commit e052274
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 91 deletions.
diff --git a/playbooks/haproxy.yml b/playbooks/haproxy.yml
@@ -0,0 +1,4 @@
+- hosts: all
+  become: true
+  roles:
+    - haproxy
diff --git a/roles/haproxy/defaults/main.yml b/roles/haproxy/defaults/main.yml
@@ -0,0 +1 @@
+haproxy_targets: []
diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml
@@ -1,28 +1,25 @@
 ---
-- name: discover foreman proxies
-  setup:
-  delegate_to: "{{ item }}"
-  delegate_facts: yes
-  with_items:
-    - "{{ foreman_proxies }}"
 - name: install haproxy
-  package:
+  ansible.builtin.package:
     name: haproxy
     state: present
+
 - name: set haproxy_connect_any
-  seboolean:
+  ansible.builtin.seboolean:
     name: haproxy_connect_any
     state: yes
     persistent: yes
+
 - name: configure haproxy
-  template:
+  ansible.builtin.template:
     dest: /etc/haproxy/haproxy.cfg
     src: haproxy.cfg.j2
     validate: haproxy -c -f %s
   notify:
     - restart haproxy
+
 - name: enable haproxy
-  service:
+  ansible.builtin.service:
     name: haproxy
     state: started
     enabled: yes
diff --git a/roles/haproxy/templates/haproxy.cfg.j2 b/roles/haproxy/templates/haproxy.cfg.j2
@@ -61,8 +61,8 @@ frontend https
 backend f-proxy-https
    option tcp-check
    balance source
-{% for host in foreman_proxies %}
-   server f-proxy-https-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:443 check
+{% for host in haproxy_targets %}
+   server f-proxy-https-{{loop.index}} {{ host }}:443 check
 {% endfor %}
 
 #http
@@ -75,25 +75,10 @@ frontend http
 backend f-proxy-http
    option tcp-check
    balance roundrobin
-{% for host in foreman_proxies %}
-   server f-proxy-http-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:80 check
+{% for host in haproxy_targets %}
+   server f-proxy-http-{{loop.index}} {{ host }}:80 check
 {% endfor %}
 
-#amqp
-frontend amqp
-   bind *:5647
-   mode tcp
-   option              	tcplog
-   default_backend f-proxy-amqp
-
-backend f-proxy-amqp
-   option tcp-check
-   balance roundrobin
-{% for host in foreman_proxies %}
-   server f-proxy-amqp-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:5647 check
-{% endfor %}
-
-
 #anaconda
 frontend anaconda
    bind *:8000
@@ -104,74 +89,20 @@ frontend anaconda
 backend f-proxy-anaconda
    option tcp-check
    balance roundrobin
-{% for host in foreman_proxies %}
-   server f-proxy-anaconda-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:8000 check
-{% endfor %}
-
-#puppet
-frontend puppet
-   bind *:8140
-   mode tcp
-   option              	tcplog
-   default_backend f-proxy-puppet
-
-backend f-proxy-puppet
-   option tcp-check
-   balance roundrobin
-{% for host in foreman_proxies %}
-   server f-proxy-puppet-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:8140 check
+{% for host in haproxy_targets %}
+   server f-proxy-anaconda-{{loop.index}} {{ host }}:8000 check
 {% endfor %}
 
-#puppet-ca
-frontend puppet-ca
-   bind *:8141
-   mode tcp
-   option              	tcplog
-   default_backend f-proxy-puppet-ca
-
-backend f-proxy-puppet-ca
-   option tcp-check
-   balance roundrobin
-   server f-proxy-puppet-ca-1 {{ hostvars[foreman_proxies[0]].ansible_default_ipv4.address }}:8140 check
-
-#rhsm
-frontend rhsm
-   bind *:8443
-   mode tcp
-   option              	tcplog
-   default_backend f-proxy-rhsm
-
-backend f-proxy-rhsm
-   option tcp-check
-   balance roundrobin
-{% for host in foreman_proxies %}
-   server f-proxy-rhsm-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:8443 check
-{% endfor %}
-
-#scap
-frontend scap
+#smart-proxy
+frontend smart-proxy
    bind *:9090
    mode tcp
    option              	tcplog
-   default_backend f-proxy-scap
-
-backend f-proxy-scap
-   option tcp-check
-   balance roundrobin
-{% for host in foreman_proxies %}
-   server f-proxy-scap-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:9090 check
-{% endfor %}
-
-#docker
-frontend docker
-   bind *:5000
-   mode tcp
-   option              	tcplog
-   default_backend f-proxy-docker
+   default_backend f-proxy-smart-proxy
 
-backend f-proxy-docker
+backend f-proxy-smart-proxy
    option tcp-check
    balance roundrobin
-{% for host in foreman_proxies %}
-   server f-proxy-docker-{{loop.index}} {{ hostvars[host].ansible_default_ipv4.address }}:5000 check
+{% for host in haproxy_targets %}
+   server f-proxy-smart-proxy-{{loop.index}} {{ host }}:9090 check
 {% endfor %}