From 9210f0ea75198ed1efda73dcbcffd1e12fba26ff Mon Sep 17 00:00:00 2001
From: pierreozoux <pierre@ozoux.net>
Date: Mon, 27 Oct 2014 11:40:36 +0000
Subject: [PATCH] Splits haproxy-confd in 2 images

---
 confd/conf.d/crt-list.toml       |  7 ++++
 confd/conf.d/haproxy.toml        |  7 ++++
 confd/templates/crt-list.tmpl    |  7 ++++
 confd/templates/haproxy.cfg.tmpl | 63 ++++++++++++++++++++++++++++++++
 unit-files/haproxy-confd.service | 21 +++++++++++
 unit-files/haproxy.service       |  4 +-
 6 files changed, 107 insertions(+), 2 deletions(-)
 create mode 100644 confd/conf.d/crt-list.toml
 create mode 100644 confd/conf.d/haproxy.toml
 create mode 100644 confd/templates/crt-list.tmpl
 create mode 100644 confd/templates/haproxy.cfg.tmpl
 create mode 100644 unit-files/haproxy-confd.service

diff --git a/confd/conf.d/crt-list.toml b/confd/conf.d/crt-list.toml
new file mode 100644
index 0000000..ef435f2
--- /dev/null
+++ b/confd/conf.d/crt-list.toml
@@ -0,0 +1,7 @@
+[template]
+src  = "crt-list.tmpl"
+dest = "/etc/haproxy/crt-list"
+keys = [
+  "/services"
+]
+reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"
diff --git a/confd/conf.d/haproxy.toml b/confd/conf.d/haproxy.toml
new file mode 100644
index 0000000..d355421
--- /dev/null
+++ b/confd/conf.d/haproxy.toml
@@ -0,0 +1,7 @@
+[template]
+src  = "haproxy.cfg.tmpl"
+dest = "/etc/haproxy/haproxy.cfg"
+keys = [
+  "/services"
+]
+reload_cmd = "/docker kill --signal=\"SIGUSR1\" haproxy"
diff --git a/confd/templates/crt-list.tmpl b/confd/templates/crt-list.tmpl
new file mode 100644
index 0000000..391fa95
--- /dev/null
+++ b/confd/templates/crt-list.tmpl
@@ -0,0 +1,7 @@
+{{range $app := lsdir "/services"}}
+{{$hostnames := printf "/services/%s/*" $app}}
+  {{range gets $hostnames}}
+    {{$hostname := .Key}}
+/etc/haproxy/approved-certs/{{base $hostname}}.pem {{base $hostname}}
+  {{end}}
+{{end}}
diff --git a/confd/templates/haproxy.cfg.tmpl b/confd/templates/haproxy.cfg.tmpl
new file mode 100644
index 0000000..bf6aab8
--- /dev/null
+++ b/confd/templates/haproxy.cfg.tmpl
@@ -0,0 +1,63 @@
+{{$default_service_value := getv "/services/default"}}
+{{$default_service := json $default_service_value}}
+{{$default_url := printf "/services/%s/%s" $default_service.app $default_service.hostname}}
+{{$default_value := getv $default_url}}
+{{$default := json $default_value}}
+{{$default := json $default_value}}
+global
+  maxconn 4096
+  user haproxy
+  group haproxy
+
+defaults
+  mode http
+  option httplog
+  option dontlognull
+  retries 3
+  timeout connect 5000
+  timeout client 50000
+  timeout server 50000
+
+frontend https-in
+mode http
+  bind *:443 ssl crt-list /etc/haproxy/crt-list crt /etc/haproxy/approved-certs/{{$default_service.hostname}}.pem
+  reqadd X-Forwarded-Proto:\ https
+{{range $app := lsdir "/services"}}
+{{$hostnames := printf "/services/%s/*" $app}}
+  {{range gets $hostnames}}
+    {{$hostname := .Key}}
+    {{$data := json .Value}}
+# {{base $hostname}}:
+  acl https_{{base $hostname}} hdr(host) -i {{base $hostname}}
+  use_backend {{base $hostname}} if https_{{base $hostname}}
+  {{end}}
+{{end}}
+
+default_backend {{$default_service.hostname}}
+
+frontend http-in
+  bind *:80
+{{range $app := lsdir "/services"}}
+{{$hostnames := printf "/services/%s/*" $app}}
+  {{range gets $hostnames}}
+    {{$hostname := .Key}}
+    {{$data := json .Value}}
+# {{base $hostname}}:
+  acl is_{{base $hostname}} hdr(host) -i {{base $hostname}}
+  use_backend {{base $hostname}} if is_{{base $hostname}}
+  {{end}}
+{{end}}
+
+{{range $app := lsdir "/services"}}
+{{$hostnames := printf "/services/%s/*" $app}}
+  {{range gets $hostnames}}
+    {{$hostname := .Key}}
+    {{$data := json .Value}}
+# {{base $hostname}}:
+backend {{base $hostname}}
+  cookie SERVERID insert nocache indirect
+  option httpclose
+  option forwardfor
+  server Server {{$data.ip}}:{{$data.port}} cookie Server
+  {{end}}
+{{end}}
diff --git a/unit-files/haproxy-confd.service b/unit-files/haproxy-confd.service
new file mode 100644
index 0000000..99ff82e
--- /dev/null
+++ b/unit-files/haproxy-confd.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=%p
+After=docker.service
+Requires=docker.service
+
+[Service]
+Restart=always
+TimeoutStartSec=0
+ExecStartPre=-/usr/bin/docker kill %p
+ExecStartPre=-/usr/bin/docker rm %p
+ExecStart=/usr/bin/docker run\
+--name %p\
+-v /data/server-wide/haproxy/:/etc/haproxy/\
+-v /data/indiehosters/confd/:/etc/confd/\
+-v /var/run/docker.sock:/var/run/docker.sock\
+indiehosters/confd
+ExecReload=/usr/bin/docker restart %p
+ExecStop=/usr/bin/docker stop %p
+
+[Install]
+WantedBy=multi-user.target
diff --git a/unit-files/haproxy.service b/unit-files/haproxy.service
index 8331b4b..93b9830 100644
--- a/unit-files/haproxy.service
+++ b/unit-files/haproxy.service
@@ -10,10 +10,10 @@ ExecStartPre=-/usr/bin/docker kill %p
 ExecStartPre=-/usr/bin/docker rm %p
 ExecStart=/usr/bin/docker run\
 --name %p\
+-v /data/server-wide/haproxy:/etc/haproxy\
 -p 80:80\
 -p 443:443\
--v /data/server-wide/haproxy/approved-certs/:/etc/haproxy/approved-certs\
-indiehosters/haproxy-confd
+indiehosters/haproxy
 ExecReload=/usr/bin/docker restart %p
 ExecStop=/usr/bin/docker stop %p
 
-- 
GitLab