diff options
Diffstat (limited to 'mcp/reclass/classes/system/haproxy/proxy/listen/oss')
6 files changed, 218 insertions, 0 deletions
diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml new file mode 100644 index 000000000..e5c25cfbd --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/devops_portal.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_devops_portal_bind_host: ${_param:haproxy_bind_address} + haproxy_devops_portal_bind_port: 8800 + haproxy_devops_portal_ssl: + enabled: false + haproxy: + proxy: + listen: + devops_portal: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_devops_portal_bind_host} + port: ${_param:haproxy_devops_portal_bind_port} + ssl: ${_param:haproxy_devops_portal_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 18800 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 18800 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 18800 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml new file mode 100644 index 000000000..2f5d1ee40 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/elasticsearch.yml @@ -0,0 +1,38 @@ +parameters: + _param: + haproxy_elasticsearch_bind_host: ${_param:haproxy_bind_address} + haproxy_elasticsearch_bind_port: 9200 + haproxy_elasticsearch_exposed_port: 19200 + haproxy_elasticsearch_ssl: + enabled: false + haproxy: + proxy: + listen: + elasticsearch: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_elasticsearch_bind_host} + port: ${_param:haproxy_elasticsearch_bind_port} + ssl: ${_param:haproxy_elasticsearch_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_elasticsearch_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml new file mode 100644 index 000000000..1bc1f44c9 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/postgresql.yml @@ -0,0 +1,32 @@ +parameters: + _param: + haproxy_postgresql_bind_host: ${_param:haproxy_bind_address} + haproxy_postgresql_bind_port: 5432 + haproxy_postgresql_exposed_port: 15432 + haproxy_postgresql_ssl: + enabled: false + haproxy: + proxy: + listen: + postgresql: + mode: tcp + balance: source + options: + - tcp-check + binds: + - address: ${_param:haproxy_postgresql_bind_host} + port: ${_param:haproxy_postgresql_bind_port} + ssl: ${_param:haproxy_postgresql_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: check port ${_param:haproxy_postgresql_exposed_port} + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: backup check port ${_param:haproxy_postgresql_exposed_port} + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_postgresql_exposed_port} + params: backup check port ${_param:haproxy_postgresql_exposed_port} diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml new file mode 100644 index 000000000..db33352ca --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/pushkin.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_pushkin_bind_host: ${_param:haproxy_bind_address} + haproxy_pushkin_bind_port: 8887 + haproxy_pushkin_exposed_port: 18887 + haproxy_pushkin_ssl: + enabled: false + haproxy: + proxy: + listen: + pushkin: + mode: http + options: + - httpchk GET /apps + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + sticks: + - http-check expect status 200 + binds: + - address: ${_param:haproxy_pushkin_bind_host} + port: ${_param:haproxy_pushkin_bind_port} + ssl: ${_param:haproxy_pushkin_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_pushkin_exposed_port} + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml new file mode 100644 index 000000000..fbabb381d --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/rundeck.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_rundeck_bind_host: ${_param:haproxy_bind_address} + haproxy_rundeck_bind_port: 4440 + haproxy_rundeck_ssl: + enabled: false + haproxy: + proxy: + listen: + rundeck: + mode: http + options: + - forwardfor + - httpchk + - httpclose + - httplog + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + binds: + - address: ${_param:haproxy_rundeck_bind_host} + port: ${_param:haproxy_rundeck_bind_port} + ssl: ${_param:haproxy_rundeck_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: 14440 + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: 14440 + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: 14440 + params: backup check diff --git a/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml new file mode 100644 index 000000000..549869996 --- /dev/null +++ b/mcp/reclass/classes/system/haproxy/proxy/listen/oss/security_monkey.yml @@ -0,0 +1,37 @@ +parameters: + _param: + haproxy_security_monkey_bind_host: ${_param:haproxy_bind_address} + haproxy_security_monkey_bind_port: 5001 + haproxy_security_monkey_exposed_port: 15001 + haproxy_security_monkey_ssl: + enabled: false + haproxy: + proxy: + listen: + security_monkey: + mode: http + options: + - httpchk GET / + balance: source + http_request: + - action: "add-header X-Forwarded-Proto https" + condition: "if { ssl_fc }" + sticks: + - http-check expect status 404 + binds: + - address: ${_param:haproxy_security_monkey_bind_host} + port: ${_param:haproxy_security_monkey_bind_port} + ssl: ${_param:haproxy_security_monkey_ssl} + servers: + - name: ${_param:cluster_node01_name} + host: ${_param:cluster_node01_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: check + - name: ${_param:cluster_node02_name} + host: ${_param:cluster_node02_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check + - name: ${_param:cluster_node03_name} + host: ${_param:cluster_node03_address} + port: ${_param:haproxy_security_monkey_exposed_port} + params: backup check |