- name: Install socat for haproxy management package: name: socat state: present - name: Ensure registry volume directories exists file: state: directory path: "/var/haproxy/{{ item }}" owner: 1000 group: 1000 loop: - etc - run - dev - name: Ensure haproxy config template available assert: that: - haproxy_config_template is defined - name: Write rsyslog file copy: src: rsyslog.d/49-haproxy.conf dest: /etc/rsyslog.d/ owner: root group: root mode: 0644 register: _rsyslog_added - name: Restart rsyslog if config updates service: name: rsyslog state: restarted when: _rsyslog_added.changed - name: Add haproxy log rotation include_role: name: logrotate vars: logrotate_file_name: '/var/log/haproxy.log' - name: Write haproxy config file template: src: '{{ haproxy_config_template }}' dest: /var/haproxy/etc/haproxy.cfg owner: 1000 group: 1000 mode: 0644 notify: Reload haproxy # Copy in testing CA so the container can see it. When running under # Zuul this CA is created by the test framework. We use it to # validate the https check path - name: Check for OpenDev Infra CA (test only) stat: path: /etc/opendev-ca/ca.crt register: _opendev_ca_crt - name: Copy in OpenDev Infra CA (test only) copy: src: /etc/opendev-ca/ca.crt dest: /var/haproxy/etc/ when: _opendev_ca_crt.stat.exists - name: Ensure docker compose configuration directory file: path: /etc/haproxy-docker state: directory owner: root group: root mode: 0755 - name: Install docker-compose configuration template: src: docker-compose.yaml.j2 dest: /etc/haproxy-docker/docker-compose.yaml owner: root group: root mode: 0644 notify: Reload haproxy - name: Run docker-compose pull shell: cmd: docker-compose pull chdir: /etc/haproxy-docker/ - name: Run docker-compose up shell: cmd: docker-compose up -d chdir: /etc/haproxy-docker/ - name: Run docker prune to cleanup unneeded images shell: cmd: docker image prune -f