From 33dbb82bbbdd202a1a895d07fa09ed303168ed80 Mon Sep 17 00:00:00 2001
From: James Gibson <james.gibson@bbc.co.uk>
Date: Mon, 6 Dec 2021 17:22:43 +0000
Subject: [PATCH] Add option to force encryption of all health checks over SSL

This is required if a server only speaks HTTPS

Change-Id: Ib99eed929dfded2bbf11bc1a54c4184edafe8452
---
 templates/service.j2 | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/templates/service.j2 b/templates/service.j2
index 5649a32..6a638cf 100644
--- a/templates/service.j2
+++ b/templates/service.j2
@@ -127,6 +127,9 @@ backend {{ item.service.haproxy_service_name }}-back
 {% set _ = entry.append(item.service.backend_fall|default(item.service.haproxy_backend_nodes | count | string)) %}
 {% if item.service.haproxy_backend_ssl | default(False) %}
 {% set _ = entry.append("ssl") %}
+{% if item.service.haproxy_backend_ssl_check | default(item.service.haproxy_backend_ssl) %}
+{% set _ = entry.append("check-ssl") %}
+{% endif %}
 {% if item.service.haproxy_backend_ca %}
 {% set _ = entry.append("ca-file") %}
 {% set _ = entry.append(item.service.haproxy_backend_ca) %}
@@ -165,6 +168,9 @@ backend {{ item.service.haproxy_service_name }}-back
 {% set _ = entry.append("backup") %}
 {% if item.service.haproxy_backend_ssl | default(False) %}
 {% set _ = entry.append("ssl") %}
+{% if item.service.haproxy_backend_ssl_check | default(item.service.haproxy_backend_ssl) %}
+{% set _ = entry.append("check-ssl") %}
+{% endif %}
 {% if item.service.haproxy_backend_ca %}
 {% set _ = entry.append("ca-file") %}
 {% set _ = entry.append(item.service.haproxy_backend_ca) %}