Rename haproxy_tls_vip_binds to haproxy_vip_binds
Effectively haproxy_tls_vip_binds was influencing not only TLS-related binds but also non-TLS ones. It's naming was picked in a misleading way from start, as a lot of logic for the variable was around TLS implementation. Though it has a global effect and this should be reflected in it's name. Change-Id: I2f28d0ab033eff96cc2bc09db917bedb387013e8
This commit is contained in:
parent
8018155a3d
commit
7e4ecd10b3
defaults
handlers
releasenotes/notes
templates
vars
@ -287,13 +287,13 @@ haproxy_bind_internal_lb_vip_interface:
|
||||
|
||||
# Option to override haproxy frontend binds
|
||||
# Example:
|
||||
# haproxy_tls_vip_binds:
|
||||
# haproxy_vip_binds:
|
||||
# - address: '*'
|
||||
# interface: bond0
|
||||
# - address: '192.168.0.10'
|
||||
# pki_san_records:
|
||||
# - internal.cloud
|
||||
haproxy_tls_vip_binds: "{{ _haproxy_tls_vip_binds }}"
|
||||
haproxy_vip_binds: "{{ haproxy_tls_vip_binds | default(_haproxy_vip_binds) }}"
|
||||
|
||||
# Make the log socket available to the chrooted filesystem
|
||||
haproxy_log_socket: "/dev/log"
|
||||
|
@ -21,7 +21,7 @@
|
||||
item_interface: "{{ item['interface'] | default('') }}"
|
||||
item_name: "{{ ('interface' in item and item['interface'] is truthy) | ternary(item['address'] ~ '-' ~ item_interface, item['address']) }}"
|
||||
item_base_path: "{{ haproxy_ssl_cert_path ~ '/haproxy_' ~ ansible_facts['hostname'] ~ '-' ~ item_name }}"
|
||||
with_items: "{{ haproxy_tls_vip_binds }}"
|
||||
with_items: "{{ haproxy_vip_binds }}"
|
||||
listen:
|
||||
- haproxy cert installed
|
||||
|
||||
|
@ -0,0 +1,7 @@
|
||||
---
|
||||
deprecations:
|
||||
- |
|
||||
Variable ``haproxy_tls_vip_binds`` has been renamed to
|
||||
``haproxy_vip_binds`` to better reflect variable purpose.
|
||||
Old variable name is still respected but it's usage is
|
||||
descouraged and old naming will be removed in the future.
|
@ -15,7 +15,7 @@
|
||||
{% if service.haproxy_bind is defined %}
|
||||
{% set vip_binds = service.haproxy_bind %}
|
||||
{% else %}
|
||||
{% set vip_binds = haproxy_tls_vip_binds + extra_lb_vip_addresses %}
|
||||
{% set vip_binds = haproxy_vip_binds + extra_lb_vip_addresses %}
|
||||
{% endif %}
|
||||
|
||||
{% if not service.haproxy_backend_only | default(false) %}
|
||||
|
@ -13,7 +13,7 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
_haproxy_tls_vip_binds: |
|
||||
_haproxy_vip_binds: |
|
||||
{% set vip_binds = [{'address': haproxy_bind_external_lb_vip_address, 'interface': haproxy_bind_external_lb_vip_interface}] %}
|
||||
{% if haproxy_bind_internal_lb_vip_address != haproxy_bind_external_lb_vip_address or
|
||||
haproxy_bind_external_lb_vip_interface != haproxy_bind_internal_lb_vip_interface %}
|
||||
@ -26,7 +26,7 @@ _haproxy_tls_vip_binds: |
|
||||
|
||||
_haproxy_pki_certificates: |
|
||||
{% set _pki_certs = [] %}
|
||||
{% for vip in haproxy_tls_vip_binds %}
|
||||
{% for vip in haproxy_vip_binds %}
|
||||
{% set _vip_interface = vip['interface'] | default('') %}
|
||||
{% set san = ['DNS:' ~ ansible_facts['hostname'], 'DNS:' ~ ansible_facts['fqdn']] %}
|
||||
{% if vip['address'] != '*' %}
|
||||
@ -55,7 +55,7 @@ _haproxy_pki_certificates: |
|
||||
|
||||
_haproxy_pki_install_certificates: |
|
||||
{% set _pki_install = [] %}
|
||||
{% for vip in haproxy_tls_vip_binds %}
|
||||
{% for vip in haproxy_vip_binds %}
|
||||
{% set _vip_interface = vip['interface'] | default('') %}
|
||||
{% set _cert_basename = '/haproxy_' ~ ansible_facts['hostname'] ~ '-' ~ (_vip_interface is truthy) | ternary(
|
||||
vip['address'] ~ '-' ~ _vip_interface, vip['address'])
|
||||
|
Loading…
x
Reference in New Issue
Block a user