General cleanup and adding mapping options

2022-08-27 07:42:36 -06:00 · 2022-08-27 07:42:36 -06:00 · 719f723ba5
commit 719f723ba5
parent a73ce9e155
7 changed files with 98 additions and 26 deletions
--- a/roles/haproxy/tasks/main.yml
+++ b/roles/haproxy/tasks/main.yml
@ -25,7 +25,16 @@
    autoconnect: yes
    type: vlan
    state: present
-  when: (haproxy_keepalived_adapter_vlan is defined) and (haproxy_keepalived_ip is defined)
+  when: (haproxy_keepalived_adapter_vlan != "") and (haproxy_keepalived_ip is defined)
+
+- name: Add IP
+  nmcli:
+    conn_name: "{{ haproxy_keepalived_adapter }}"
+    ip4: "{{ haproxy_keepalived_ip }}"
+    autoconnect: yes
+    type: ethernet
+    state: present
+  when: (haproxy_keepalived_adapter_vlan == "") and (haproxy_keepalived_ip is defined)

 - name: Enable firewall rule for vrrp
  firewalld:
@ -92,9 +101,21 @@
    - "maps/*"
  notify: reload haproxy

+- name: Ensure ssl directory exists
+  file: 
+    path: "/etc/haproxy/ssl" 
+    state: directory
+
+- name: Deploy host cert for haproxy use
+  file:
+    src: "/etc/ssl/{{ ansible_hostname }}/live/merged.pem"
+    dest: "/etc/haproxy/ssl/{{ ansible_hostname }}.pem"
+    state: link
+  when: haproxy_local_cert == true
+
 - name: Update HAProxy configuration
  template:
-    src: haproxy.cfg.j2
+    src: "{{ haproxy_config_file }}"
    dest: /etc/haproxy/haproxy.cfg
    mode: 0644
    validate: haproxy -f %s -c -q