Try SpotterManage pfSense haproxy backend servers
| "added in version" 0.1.0 of pfsensible.haproxy"
Authors: Frederic Bor (@f-bor)
preview | supported by community
Install with ansible-galaxy collection install pfsensible.haproxy:==0.1.0
collections:
- name: pfsensible.haproxy
version: 0.1.0Manage pfSense haproxy servers
- name: Add backend server
pfsense_haproxy_backend_server:
backend: exchange
name: exchange.acme.org
address: exchange.acme.org
port: 443
state: present
- name: Remove backend server
pfsense_haproxy_backend_server:
backend: exchange
name: exchange.acme.org
state: absent
ca:
description: SSL servers only, set the CA authority to check the server certificate
against.
required: false
type: str
crl:
description: SSL servers only, set the CRL to check revoked certificates.
required: false
type: str
ssl:
description: Should haproxy encrypt the traffic to the backend with SSL (commonly
used with mode http on frontend and a port 443 on backend).
required: false
type: bool
mode:
choices:
- active
- backup
- disabled
- inactive
default: active
description: How to use the server.
required: false
type: str
name:
description: The server name.
required: true
type: str
port:
description: The port of the backend.
required: false
type: int
state:
choices:
- present
- absent
default: present
description: State in which to leave the backend server
type: str
cookie:
description: Persistence only, Used to identify server when cookie persistence is
configured for the backend.
required: false
type: str
weight:
description: 'A weight between 0 and 256, this setting can be used when multiple servers
on different hardware need to be balanced with a different part the traffic. A server
with weight 0 wont get new traffic. Default if empty: 1
'
required: false
type: int
address:
description: IP or hostname of the backend (only resolved on start-up.)
required: false
type: str
backend:
description: The backend name.
required: true
type: str
maxconn:
description: Tuning, If the number of incoming concurrent requests goes higher than
this value, they will be queued
required: false
type: int
advanced:
description: Allows for adding custom HAProxy settings to the server. These are passed
as written, use escaping where needed.
required: false
type: str
checkssl:
description: This can be used with for example a LDAPS health-checks where LDAPS is
passed along with mode TCP
required: false
type: bool
forwardto:
description: The name of the frontend to forward. When None, forwards to address and
port
required: false
type: str
clientcert:
description: SSL servers only, This certificate will be sent if the server send a
client certificate request.
required: false
type: str
istemplate:
description: If set, configures this server item as a template to provision servers
from dns/srv responses.
required: false
type: str
verifyhost:
description: SSL servers only, when set, must match the hostnames in the subject and
subjectAlternateNames of the certificate provided by the server.
required: false
type: str
sslserververify:
description: SSL servers only, The server certificate will be verified against the
CA and CRL certificate configured below.
required: false
type: bool
commands:
description: the set of commands that would be pushed to the remote device (if pfSense
had a CLI)
returned: always
sample:
- create haproxy_backend_server 'exchange.acme.org' on 'exchange', status='active',
address='exchange.acme.org', port=443
- delete haproxy_backend_server 'exchange.acme.org' on 'exchange'
type: list