deploy_haproxy/molecule/with_tls_enabled_vagrant/group_vars/all.yml

---
deploy_haproxy_deploy_method: docker # deployment method, either host or docker
deploy_haproxy_version: "2.8"

deploy_haproxy_env_variables: {}
deploy_haproxy_start_service: true
deploy_haproxy_cert_dir: "/tmp/haproxy-cert"

# docker-only options
deploy_haproxy_extra_container_volumes: []

# Options from the "default" config block in haproxy.cfg
# The default values here are usually set, but you can change any of them.
deploy_haproxy_global:
  - log stdout format raw daemon debug
  - stats socket {{ deploy_haproxy_socket }} level admin
  - chroot {{ deploy_haproxy_chroot }}
  - daemon
  - description hashistack haproxy

deploy_haproxy_defaults:
  - log global
  - mode http
  - option httplog
  - option dontlognull
  - timeout connect 5000
  - timeout client  5000
  - timeout server  5000

deploy_haproxy_frontends:
  - name: default
    options:
      - description default frontend
      - mode http
      - bind :1024
      - default_backend default

deploy_haproxy_backends:
  - name: default
    options:
      - description default backend
      - option forwardfor
      - option httpchk
      - http-check send meth GET uri /
      - server srv_nginx1 172.17.0.2:80 check inter 5s
      - server srv_nginx2 172.17.0.3:80 check inter 5s

# listen configuration blocks
# the default values expose a monitoring listener on all interfaces on port 9000
# /stats returns the haproxy dashboard (please change the user and password in the configuration)
# /health returns a 200 OK response as long as haproxy is alive and well
# /metrics returns prometheus metrics for the haproxy instance
deploy_haproxy_listen:
  - name: monitoring
    options:
      - bind :9000 ssl crt /var/lib/haproxy/certs/cert.pem
      - mode http
      - option httpchk
      - stats enable
      - stats uri /stats
      - stats refresh 30s
      - stats show-desc
      - stats show-legends
      - stats auth admin:password
      - http-check send meth GET uri /health ver HTTP/1.1 hdr Host localhost
      - http-check expect status 200
      - acl health_check_ok nbsrv() ge 1
      - monitor-uri /health
      - http-request use-service prometheus-exporter if { path /metrics }