OPNsense Forum

English Forums => Development and Code Review => Topic started by: mj84 on August 27, 2019, 06:50:05 pm

Title: Ansible role + modules for HAProxy management through API
Post by: mj84 on August 27, 2019, 06:50:05 pm

Hi folks,

as my original post (https://forum.opnsense.org/index.php?topic=13821.msg63600#msg63600) got somewhat lost in the 19.7 section, and I figured that this topic rather belongs here, I decided to re-create a thread here.

I have started using OPNsense a few months ago and I'm quite impressed by almost every aspect of the product so far!
My OPNsense cluster is mainly serving as a Reverse Proxy / Loadbalancer using the HAProxy module, so I wanted to search for a way for easier configuration management.

As I am a heavy user of Ansible, I have started developing Ansible modules and a corresponding Ansible role definition for managing OPNsense's HAProxy configuration more easily.
My goal is for this project to be feature-complete, so every aspect of HAProxy on OPNsense shall be reflected in these Ansible modules.

This means that these OPNsense HAProxy object types can be managed:

• ACLs (Conditions)
• Actions (Rules)
• Backend Pools
• CPUs (CPU Affinity Rules)
• Errorfiles (Error Messages)
• Frontends (Public Services)
• Groups
• Healthchecks (Health Monitors)
• LUA services
• Maps (Map Files)
• Servers
• Users

I have created a GitHub repo for this project here: https://github.com/mj84/ansible-opnsense-haproxy

Any questions or input are very welcome :)

As you can see, most of the data types are already implemented, but
As of 2019-09-03 all datatypes are implemented and seem to be working.
There is still some refactoring to be done, so variable names etc. might change but variable names should be stable. Also, the documentation is still missing for the most parts.
As soon as I have implemented the remaining datatypes, I will provide a fully documented task file and examples for a playbook.

I will try to keep this post updated as I implement the remaining datatypes and update the documentation.

Cheers,
Markus

Title: Re: Ansible role + modules for HAProxy management through API
Post by: mj84 on August 27, 2019, 06:50:17 pm

Changelog:
2019-08-14: Initial post
2019-08-14: Servers can now be managed
2019-08-14: Lua scripts can now be managed
2019-08-15: Groups and Mapfiles can now be managed
2019-08-27: Frontends can now be managed
2019-09-01: Backends can now be managed
2019-09-03: CPUs and Healthchecks can now be managed, we are feature-complete :)
                   Also, i have completed the tasks file, so everything can be managed through Ansible variables
2019-09-04: Complete rewrite of ACL module