1 # {{ ansible_managed }}
2 frontend restful-front-1
3 bind {{ external_lb_vip_address }}:61200 ssl crt {{ haproxy_ssl_pem }}
5 option forwardfor except 127.0.0.0/8
6 option http-server-close
7 reqadd X-Forwarded-Proto:\ https
8 rspadd X-Frame-Options:\ SAMEORIGIN
9 rspadd Strict-Transport-Security:\ max-age=15768000
11 default_backend restful-back
13 frontend restful-front-2
14 bind {{ internal_lb_vip_address }}:61200
16 option forwardfor except 127.0.0.0/8
17 option http-server-close
18 rspadd X-Frame-Options:\ SAMEORIGIN
19 rspadd Strict-Transport-Security:\ max-age=15768000
21 default_backend restful-back
27 stick store-request src
28 stick-table type ip size 256k expire 30m
31 {% for con in groups['management'] %}
32 server {{ con }} {{ hostvars[con]['networking']['infra_internal']['ip'] }}:61200 check port 61200 inter 12000 rise 3 fall 3