diff options
| -rw-r--r-- | data/templates/load-balancing/haproxy.cfg.j2 | 2 | ||||
| -rw-r--r-- | interface-definitions/load-balancing-haproxy.xml.in | 12 | ||||
| -rwxr-xr-x | src/conf_mode/load-balancing-haproxy.py | 2 |
3 files changed, 15 insertions, 1 deletions
diff --git a/data/templates/load-balancing/haproxy.cfg.j2 b/data/templates/load-balancing/haproxy.cfg.j2 index 3799071b2..f8e1587f8 100644 --- a/data/templates/load-balancing/haproxy.cfg.j2 +++ b/data/templates/load-balancing/haproxy.cfg.j2 @@ -146,7 +146,7 @@ backend {{ back }} {% if back_config.server is vyos_defined %} {% set ssl_back = 'ssl ca-file /run/haproxy/' ~ back_config.ssl.ca_certificate ~ '.pem' if back_config.ssl.ca_certificate is vyos_defined else '' %} {% for server, server_config in back_config.server.items() %} - server {{ server }} {{ server_config.address }}:{{ server_config.port }} {{ 'check' if server_config.check is vyos_defined }} {{ ssl_back }} + server {{ server }} {{ server_config.address }}:{{ server_config.port }}{{ ' check' if server_config.check is vyos_defined }}{{ ' send-proxy' if server_config.send_proxy is vyos_defined }}{{ ' send-proxy-v2' if server_config.send_proxy_v2 is vyos_defined }} {{ ssl_back }} {% endfor %} {% endif %} {% if back_config.timeout.check is vyos_defined %} diff --git a/interface-definitions/load-balancing-haproxy.xml.in b/interface-definitions/load-balancing-haproxy.xml.in index e295dcb63..f955a2fb7 100644 --- a/interface-definitions/load-balancing-haproxy.xml.in +++ b/interface-definitions/load-balancing-haproxy.xml.in @@ -131,6 +131,18 @@ </properties> </leafNode> #include <include/port-number.xml.i> + <leafNode name="send-proxy"> + <properties> + <help>Send a Proxy Protocol version 1 header (text format)</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="send-proxy-v2"> + <properties> + <help>Send a Proxy Protocol version 2 header (binary format)</help> + <valueless/> + </properties> + </leafNode> </children> </tagNode> <node name="ssl"> diff --git a/src/conf_mode/load-balancing-haproxy.py b/src/conf_mode/load-balancing-haproxy.py index 938af6cda..b29fdffc7 100755 --- a/src/conf_mode/load-balancing-haproxy.py +++ b/src/conf_mode/load-balancing-haproxy.py @@ -95,6 +95,8 @@ def verify(lb): if 'address' not in bk_server_conf or 'port' not in bk_server_conf: raise ConfigError(f'"backend {back} server {bk_server} address and port" must be configured!') + if {'send_proxy', 'send_proxy_v2'} <= set(bk_server_conf): + raise ConfigError(f'Cannot use both "send-proxy" and "send-proxy-v2" for server "{bk_server}"') def generate(lb): if not lb: |