Puppet Class: opnsense::client::haproxy

Defined in:
manifests/client/haproxy.pp

Summary

Use exported resources to collect haproxy configurations from clients.

Overview

This will create resources for haproxy configurations into puppetdb for automatically configuring them on one or more opnsense firewall.

Examples:

class { 'opnsense::client::haproxy':
  servers  => {
    "server1" => {
      "devices"     => ["localhost"],
      "description" => "first local server",
      "address"     => "127.0.0.1",
      "port"        => "8091",
    },
    "server2" => {
      "devices"     => ["localhost"],
      "description" => "second local server",
      "address"     => "127.0.0.1",
      "port"        => "8092",
    },
  },
  backends => {
    "localhost_backend" => {
      "devices"        => ["localhost"],
      "description"    => "local server backend",
      "mode"           => "http",
      "linked_servers" => ["server1", "server2"],
    }
  },
  frontends => {
    "localhost_frontend" => {
      "devices"           => ["localhost"],
      "description"       => "local frontend",
      "bind"              => "127.0.0.1:8090",
      "ssl_enabled"       => true,
      "ssl_certificates"  => ["60cc4641eb577"],
      "default_backend"   => "localhost_backend",
    }
  },
}

Parameters:

  • servers (Hash)

    HaProxy servers that are associated with this client.

  • backends (Hash)

    HaProxy backends that are associated with this client.

  • frontends (Hash)

    Firewall rules that are associated with this client.



49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'manifests/client/haproxy.pp', line 49

class opnsense::client::haproxy (
  Hash $servers,
  Hash $backends,
  Hash $frontends,
) {
  $servers.map |$server_name, $server_options| {
    $server_options['devices'].each |$device_name| {
      $server_options_filtered = delete($server_options, ['devices', 'description'])
      @@opnsense_haproxy_server { "${server_name}@${device_name}":
        description => "${facts['networking']['fqdn']} - ${server_options['description']}",
        *           => $server_options_filtered,
        tag         => $device_name,
      }
    }
  }

  $backends.map |$backend_name, $backend_options| {
    $backend_options['devices'].each |$device_name| {
      $backend_options_filtered = delete($backend_options, ['devices', 'description'])
      @@opnsense_haproxy_backend { "${backend_name}@${device_name}":
        description => "${facts['networking']['fqdn']} - ${backend_options['description']}",
        *           => $backend_options_filtered,
        tag         => $device_name,
      }
    }
  }

  $frontends.map |$frontend_name, $frontend_options| {
    $frontend_options['devices'].each |$device_name| {
      $frontend_options_filtered = delete($frontend_options, ['devices', 'description'])
      @@opnsense_haproxy_frontend { "${frontend_name}@${device_name}":
        description => "${facts['networking']['fqdn']} - ${frontend_options['description']}",
        *           => $frontend_options_filtered,
        tag         => $device_name,
      }
    }
  }
}