haproxy/map.jinja - salt-formulas/haproxy - Gitiles

 {% set stats_socket_default = '/run/haproxy/admin.sock' %}
 {% set cpu_map_pillar = salt['pillar.get'](key='haproxy:proxy:cpu_map', default={}) %}
 {% set cpu_map_default = [] %}

 {% if cpu_map_pillar|length > 0 %}
     {%- for process, cpu in cpu_map_pillar.items() %}
         {{ cpu_map_default.append(process|string+' '+cpu|string) }}
     {%- endfor %}
 {% endif %}

 {% set global_parameters = {
     'chroot': '/var/lib/haproxy',
     'daemon': true,
     'group': 'haproxy',
     'cpu-map': cpu_map_pillar,
     'log': [
         '/dev/log local0',
         '/dev/log local1 notice',
     ],
     'log-send-hostname': '',
     'nbproc': salt['pillar.get'](key='haproxy:proxy:nbproc', default=''),
     'pidfile': '/var/run/haproxy.pid',
     'user': 'haproxy',
     'stats': [
         'socket ' + salt['pillar.get'](key='haproxy:proxy:stats_socket', default=stats_socket_default) + ' mode 660 level admin',
         'timeout 30s',
         'bind-process ' + salt['pillar.get'](key='haproxy:proxy:stats_bind_process', default=''),
     ],
     'maxconn': 25000,
     'spread-checks': 4,
     'tune_bufsize': 32768,
     'tune_maxrewrite': 1024,
     }
 %}

 {% set proxy = salt['grains.filter_by']({
     'Debian': {
         'pkgs': ['haproxy'],
         'service': 'haproxy',
         'stats_socket': stats_socket_default,
         'global': global_parameters,
         'forwardfor': {
             'enabled': true,
             'except': '127.0.0.1',
         },
     },
     'RedHat': {
         'pkgs': ['haproxy'],
         'service': 'haproxy',
         'stats_socket': stats_socket_default,
         'global': global_parameters,
         'forwardfor': {
             'enabled': true,
             'except': '127.0.0.1',
         },
     },
 }, merge=salt['pillar.get']('haproxy:proxy')) %}

 {% set invalid_section_options = {
     'frontend': [
         'abortonclose',
         'accept-invalid-http-response',
         'allbackups',
         'checkcache',
         'external-check',
         'httpchk',
         'ldap-check',
         'log-health-checks',
         'mysql-check',
         'persist',
         'pgsql-check',
         'prefer-last-server',
         'redis-check',
         'redispatch',
         'smtpchk',
         'srvtcpka',
         'ssl-hello-chk',
         'tcp-check',
         'tcp-smart-connect',
         'tcpka',
         'tcplog',
         'transparent',
     ],
     'backend': [
         'accept-invalid-http-request',
         'clitcpka',
         'contstats',
         'dontlog-normal',
         'dontlognull',
         'http-ignore-probes',
         'http-use-proxy-header',
         'log-separate-errors',
         'logasap',
         'socket-stats',
         'tcp-smart-accept',
         'tcpka',
         'tcplog',
     ],
 }
 %}
	{% set stats_socket_default = '/run/haproxy/admin.sock' %}
	{% set cpu_map_pillar = salt['pillar.get'](key='haproxy:proxy:cpu_map', default={}) %}
	{% set cpu_map_default = [] %}

	{% if cpu_map_pillar\|length > 0 %}
	{%- for process, cpu in cpu_map_pillar.items() %}
	{{ cpu_map_default.append(process\|string+' '+cpu\|string) }}
	{%- endfor %}
	{% endif %}

	{% set global_parameters = {
	'chroot': '/var/lib/haproxy',
	'daemon': true,
	'group': 'haproxy',
	'cpu-map': cpu_map_pillar,
	'log': [
	'/dev/log local0',
	'/dev/log local1 notice',
	],
	'log-send-hostname': '',
	'nbproc': salt['pillar.get'](key='haproxy:proxy:nbproc', default=''),
	'pidfile': '/var/run/haproxy.pid',
	'user': 'haproxy',
	'stats': [
	'socket ' + salt['pillar.get'](key='haproxy:proxy:stats_socket', default=stats_socket_default) + ' mode 660 level admin',
	'timeout 30s',
	'bind-process ' + salt['pillar.get'](key='haproxy:proxy:stats_bind_process', default=''),
	],
	'maxconn': 25000,
	'spread-checks': 4,
	'tune_bufsize': 32768,
	'tune_maxrewrite': 1024,
	}
	%}

	{% set proxy = salt['grains.filter_by']({
	'Debian': {
	'pkgs': ['haproxy'],
	'service': 'haproxy',
	'stats_socket': stats_socket_default,
	'global': global_parameters,
	'forwardfor': {
	'enabled': true,
	'except': '127.0.0.1',
	},
	},
	'RedHat': {
	'pkgs': ['haproxy'],
	'service': 'haproxy',
	'stats_socket': stats_socket_default,
	'global': global_parameters,
	'forwardfor': {
	'enabled': true,
	'except': '127.0.0.1',
	},
	},
	}, merge=salt['pillar.get']('haproxy:proxy')) %}

	{% set invalid_section_options = {
	'frontend': [
	'abortonclose',
	'accept-invalid-http-response',
	'allbackups',
	'checkcache',
	'external-check',
	'httpchk',
	'ldap-check',
	'log-health-checks',
	'mysql-check',
	'persist',
	'pgsql-check',
	'prefer-last-server',
	'redis-check',
	'redispatch',
	'smtpchk',
	'srvtcpka',
	'ssl-hello-chk',
	'tcp-check',
	'tcp-smart-connect',
	'tcpka',
	'tcplog',
	'transparent',
	],
	'backend': [
	'accept-invalid-http-request',
	'clitcpka',
	'contstats',
	'dontlog-normal',
	'dontlognull',
	'http-ignore-probes',
	'http-use-proxy-header',
	'log-separate-errors',
	'logasap',
	'socket-stats',
	'tcp-smart-accept',
	'tcpka',
	'tcplog',
	],
	}
	%}