diff options
| author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-05-19 09:57:11 +0000 |
|---|---|---|
| committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-05-19 09:57:11 +0000 |
| commit | e201bd35511e1a000ffa21a4194d234634cfd76c (patch) | |
| tree | dc5a8d347868a518c0bc35b0c3cee7e1d86c021b /src/conf_mode/load-balancing-haproxy.py | |
| parent | e164b6e4654eba24d7d4a6aadae69da67661858f (diff) | |
| download | vyos-1x-e201bd35511e1a000ffa21a4194d234634cfd76c.tar.gz vyos-1x-e201bd35511e1a000ffa21a4194d234634cfd76c.zip | |
T5222: Refactoring load-balancing reverse-proxy
Improve and refactoring "load-balancing reverse-proxy"
- replace 'reverse-proxy server <tag>'
=> 'reverse-proxy service <tag>'
- replace 'reverse-proxy global-parameters tls <xxx>'
=> 'reverse-proxy global-parameters tls-version-min xxx'
=> 'reverse-proxy global-parameters ssl-bind-ciphers xxx'
- replace 'reverse-proxy service https rule <tag> set server 'xxx'
=> 'reverse-proxy service https rule <tag> set backend 'xxx'
'service https rule <tag> domain-name xxx' set as multinode
Diffstat (limited to 'src/conf_mode/load-balancing-haproxy.py')
| -rwxr-xr-x | src/conf_mode/load-balancing-haproxy.py | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/src/conf_mode/load-balancing-haproxy.py b/src/conf_mode/load-balancing-haproxy.py index d2b895fbe..938af6cda 100755 --- a/src/conf_mode/load-balancing-haproxy.py +++ b/src/conf_mode/load-balancing-haproxy.py @@ -74,15 +74,12 @@ def verify(lb): if not lb: return None - if 'backend' not in lb or 'server' not in lb: - raise ConfigError(f'"server" and "backend" must be configured!') + if 'backend' not in lb or 'service' not in lb: + raise ConfigError(f'"service" and "backend" must be configured!') - for front, front_config in lb['server'].items(): + for front, front_config in lb['service'].items(): if 'port' not in front_config: - raise ConfigError(f'"{front} server port" must be configured!') - # We can use redirect to HTTPS without backend section - if 'backend' not in front_config and 'redirect_http_to_https' not in front_config: - raise ConfigError(f'"{front} backend" must be configured!') + raise ConfigError(f'"{front} service port" must be configured!') # Check if bind address:port are used by another service tmp_address = front_config.get('address', '0.0.0.0') @@ -117,7 +114,7 @@ def generate(lb): os.mkdir(load_balancing_dir) # SSL Certificates for frontend - for front, front_config in lb['server'].items(): + for front, front_config in lb['service'].items(): if 'ssl' in front_config: cert_file_path = os.path.join(load_balancing_dir, 'cert.pem') cert_key_path = os.path.join(load_balancing_dir, 'cert.pem.key') |