feat: add puppetboard backend

- add balancemember to puppetboard nodes
- add be_puppetboard to haproxxy
- add puppetboard.main.unkin.net to haproxy altnames
- add puppetboard to backend mapping
- change way backends are registered in haproxy
This commit is contained in:
2024-04-06 03:38:17 +11:00
parent dc428543cf
commit 105bf1b09d
3 changed files with 65 additions and 12 deletions
@@ -1,5 +1,22 @@
---
haproxy::backend:
# mappings
profiles::haproxy::mappings::list:
- 'puppetboard.main.unkin.net be_puppetboard'
profiles::haproxy::backends:
be_puppetboard:
description: Backend for Puppetboard
collect_exported: false # handled in custom function
options:
balance: roundrobin
option:
- httpchk GET /
- forwardfor
cookie: SRVNAME insert
http-request:
- set-header X-Forwarded-Port %[dst_port]
- add-header X-Forwarded-Proto https if { dst_port 443 }
redirect: 'scheme https if !{ ssl_fc }'
be_letsencrypt:
description: Backend for LetsEncrypt Verifications
collect_exported: true
@@ -11,9 +28,8 @@ haproxy::backend:
options:
balance: roundrobin
option:
- httpchk
- httpchk GET /
- forwardfor
http-check: send meth GET uri /
cookie: SRVNAME insert
http-request:
- set-header X-Forwarded-Port %[dst_port]
@@ -47,3 +63,7 @@ profiles::haproxy::fe_https::http_request:
profiles::haproxy::certlist::enabled: true
profiles::haproxy::certlist::certificates:
- /etc/pki/tls/vault/certificate.pem
# additional altnames
profiles::pki::vault::alt_names:
- puppetboard.main.unkin.net