Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - mj84

Pages1
#1
Development and Code Review / Ansible role + modules for HAProxy management through API
August 27, 2019, 06:50:05 PM
Hi folks,

as my original post got somewhat lost in the 19.7 section, and I figured that this topic rather belongs here, I decided to re-create a thread here.

I have started using OPNsense a few months ago and I'm quite impressed by almost every aspect of the product so far!
My OPNsense cluster is mainly serving as a Reverse Proxy / Loadbalancer using the HAProxy module, so I wanted to search for a way for easier configuration management.

As I am a heavy user of Ansible, I have started developing Ansible modules and a corresponding Ansible role definition for managing OPNsense's HAProxy configuration more easily.
My goal is for this project to be feature-complete, so every aspect of HAProxy on OPNsense shall be reflected in these Ansible modules.

This means that these OPNsense HAProxy object types can be managed:

  • ACLs (Conditions)
  • Actions (Rules)
  • Backend Pools
  • CPUs (CPU Affinity Rules)
  • Errorfiles (Error Messages)
  • Frontends (Public Services)
  • Groups
  • Healthchecks (Health Monitors)
  • LUA services
  • Maps (Map Files)
  • Servers
  • Users

I have created a GitHub repo for this project here: https://github.com/mj84/ansible-opnsense-haproxy

Any questions or input are very welcome :)

As you can see, most of the data types are already implemented, but
As of 2019-09-03 all datatypes are implemented and seem to be working.
There is still some refactoring to be done, so variable names etc. might change but variable names should be stable. Also, the documentation is still missing for the most parts.
As soon as I have implemented the remaining datatypes, I will provide a fully documented task file and examples for a playbook.

I will try to keep this post updated as I implement the remaining datatypes and update the documentation.

Cheers,
Markus
#2
19.7 Legacy Series / Ansible role + modules for HAProxy management through API
August 14, 2019, 12:06:28 AM
Hi folks,

I have started using OPNsense a few months ago and I'm quite impressed by almost every aspect of the product so far!
My OPNsense cluster is mainly serving as a Reverse Proxy / Loadbalancer using the HAProxy module, so I wanted to search for a way for easier configuration management.

As I am a heavy user of Ansible, I have started developing Ansible modules and a corresponding Ansible role definition for managing OPNsense's HAProxy configuration more easily.
My goal is for this project to be feature-complete, so every aspect of HAProxy on OPNsense shall be reflected in these Ansible modules.

For now, the following OPNsense HAProxy object types can be managed:

  • ACLs (Conditions)
  • Actions (Rules)
  • Errorfiles (Error Messages)
  • Groups
  • LUA services
  • Maps (Map Files)
  • Servers
  • Users

These datatypes are still to come:

  • Backend Pools
  • CPUs (CPU Affinity Rules)
  • Frontends (Public Services)
  • Healthchecks (Health Monitors)

I have created a GitHub repo for this project here: https://github.com/mj84/ansible-opnsense-haproxy

Any questions or input are very welcome :)

Please note that this is still under heavy development, and there is quite a bit of refactoring to be done, so variable names etc. will change for sure.

I will try to keep this post updated as I implement the remaining datatypes and update the documentation.

Cheers,
Markus
Pages1