summaryrefslogtreecommitdiff
path: root/data/templates/load-balancing
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-05-19 20:51:58 +0200
committerGitHub <noreply@github.com>2023-05-19 20:51:58 +0200
commit63380de9b57e2ad6f2634ce967e16275f418f186 (patch)
tree645c7f26b72aa75bbe8851911890e0ae95845249 /data/templates/load-balancing
parenta66648596dc126b7bed37d8119ee8faa14909613 (diff)
parente9dce894eec252ae9224257a26f23c0b70fba4fd (diff)
downloadvyos-1x-63380de9b57e2ad6f2634ce967e16275f418f186.tar.gz
vyos-1x-63380de9b57e2ad6f2634ce967e16275f418f186.zip
Merge pull request #2013 from sever-sever/T5222
T5222: reverse-proxy fix listen-address template and add smoketest
Diffstat (limited to 'data/templates/load-balancing')
-rw-r--r--data/templates/load-balancing/haproxy.cfg.j210
1 files changed, 8 insertions, 2 deletions
diff --git a/data/templates/load-balancing/haproxy.cfg.j2 b/data/templates/load-balancing/haproxy.cfg.j2
index 1a8ce13f8..f8e1587f8 100644
--- a/data/templates/load-balancing/haproxy.cfg.j2
+++ b/data/templates/load-balancing/haproxy.cfg.j2
@@ -51,7 +51,13 @@ defaults
{% for front, front_config in service.items() %}
frontend {{ front }}
{% set ssl_front = 'ssl crt /run/haproxy/' ~ front_config.ssl.certificate ~ '.pem' if front_config.ssl.certificate is vyos_defined else '' %}
- bind {{ front_config.listen_address if front_config.listen_address if vyos_defined else '*' }}:{{ front_config.port }} {{ ssl_front }}
+{% if front_config.listen_address is vyos_defined %}
+{% for address in front_config.listen_address %}
+ bind {{ address | bracketize_ipv6 }}:{{ front_config.port }} {{ ssl_front }}
+{% endfor %}
+{% else %}
+ bind :::{{ front_config.port }} v4v6 {{ ssl_front }}
+{% endif %}
{% if front_config.redirect_http_to_https is vyos_defined %}
http-request redirect scheme https unless { ssl_fc }
{% endif %}
@@ -140,7 +146,7 @@ backend {{ back }}
{% if back_config.server is vyos_defined %}
{% set ssl_back = 'ssl ca-file /run/haproxy/' ~ back_config.ssl.ca_certificate ~ '.pem' if back_config.ssl.ca_certificate is vyos_defined else '' %}
{% for server, server_config in back_config.server.items() %}
- server {{ server }} {{ server_config.address }}:{{ server_config.port }} {{ 'check' if server_config.check is vyos_defined }} {{ ssl_back }}
+ server {{ server }} {{ server_config.address }}:{{ server_config.port }}{{ ' check' if server_config.check is vyos_defined }}{{ ' send-proxy' if server_config.send_proxy is vyos_defined }}{{ ' send-proxy-v2' if server_config.send_proxy_v2 is vyos_defined }} {{ ssl_back }}
{% endfor %}
{% endif %}
{% if back_config.timeout.check is vyos_defined %}