def generate_backend_catchall_entry(dest_addr,
mode,
port,
server_options,
override_dest_addr=None):
result = None
if mode == 'http':
result = config_format('use-server ' + dest_addr +
' if { hdr_dom(host) -i ' + dest_addr + ' }')
if override_dest_addr == None:
result += config_format('server ' + dest_addr + ' ' + dest_addr +
':' + str(port) + ' ' + server_options +
os.linesep)
else:
result += config_format('server ' + dest_addr + ' ' +
override_dest_addr + ':' + str(port) +
' ' + server_options + os.linesep)
elif mode == 'https':
result = config_format('use-server ' + dest_addr +
' if { req_ssl_sni -i ' + dest_addr + ' }')
result += config_format('server ' + dest_addr + ' ' + dest_addr + ':' +
str(port) + ' ' + server_options + os.linesep)
return result
def generate_frontend_catchall_entry(dest_addr, mode):
if mode == 'http':
return config_format('use_backend b_catchall_' + mode + ' if { hdr_dom(host) -i ' + dest_addr + ' }')
elif mode == 'https':
return config_format('use_backend b_catchall_' + mode + ' if { req_ssl_sni -i ' + dest_addr + ' }')
return None
def generate_frontend_catchall_entry(dest_addr, mode):
if mode == 'http':
return config_format('use_backend b_catchall_' + mode +
' if { hdr_dom(host) -i ' + dest_addr + ' }')
elif mode == 'https':
return config_format('use_backend b_catchall_' + mode +
' if { req_ssl_sni -i ' + dest_addr + ' }')
return None
def generate_global():
result = config_format('global', False)
result += config_format('daemon')
result += config_format('maxconn 20000')
result += config_format('user haproxy')
result += config_format('group haproxy')
result += config_format('stats socket /var/run/haproxy.sock mode 0600 level admin')
result += config_format('log /dev/log local0 debug')
result += config_format('pidfile /var/run/haproxy.pid')
result += config_format('spread-checks 5')
result += os.linesep
return result
def generate_backend_catchall_entry(dest_addr, mode, port, server_options, override_dest_addr = None):
result = None
if mode == 'http':
result = config_format('use-server ' + dest_addr + ' if { hdr_dom(host) -i ' + dest_addr + ' }')
if override_dest_addr == None:
result += config_format('server ' + dest_addr + ' ' + dest_addr + ':' + str(port) + ' ' + server_options + os.linesep)
else:
result += config_format('server ' + dest_addr + ' ' + override_dest_addr + ':' + str(port) + ' ' + server_options + os.linesep)
elif mode == 'https':
result = config_format('use-server ' + dest_addr + ' if { req_ssl_sni -i ' + dest_addr + ' }')
result += config_format('server ' + dest_addr + ' ' + dest_addr + ':' + str(port) + ' ' + server_options + os.linesep)
return result
def generate_global():
result = config_format('global', False)
result += config_format('daemon')
result += config_format('maxconn 20000')
result += config_format('user haproxy')
result += config_format('group haproxy')
result += config_format(
'stats socket /var/run/haproxy.sock mode 0600 level admin')
result += config_format('log /dev/log local0 debug')
result += config_format('pidfile /var/run/haproxy.pid')
result += config_format('spread-checks 5')
result += os.linesep
return result
def generate_stats(stats, bind_ip):
if stats["password"] == "":
stats["password"] = raw_input("Please enter a password for the HAproxy stats: ")
result = config_format('listen stats', False)
result += config_format('bind ' + bind_ip + ':' + str(stats["port"]))
result += config_format('mode http')
result += config_format('stats enable')
result += config_format('stats realm Protected\\ Area')
result += config_format('stats uri /')
result += config_format('stats auth ' + stats["user"] + ':' + stats["password"])
result += os.linesep
return result
def generate_stats(stats, bind_ip):
if stats["password"] == "":
stats["password"] = raw_input(
"Please enter a password for the HAproxy stats: ")
result = config_format('listen stats', False)
result += config_format('bind ' + bind_ip + ':' + str(stats["port"]))
result += config_format('mode http')
result += config_format('stats enable')
result += config_format('stats realm Protected\\ Area')
result += config_format('stats uri /')
result += config_format('stats auth ' + stats["user"] + ':' +
stats["password"])
result += os.linesep
return result
def generate_deadend(mode):
result = config_format('backend b_deadend_' + mode, False)
if mode == 'http':
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('option accept-invalid-http-response')
result += config_format('option http-server-close')
elif mode == 'https':
result += config_format('mode tcp')
result += config_format('option tcplog')
result += os.linesep
return result
def generate_deadend(mode):
result = config_format('backend b_deadend_' + mode, False)
if mode == 'http':
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('option accept-invalid-http-response')
result += config_format('option http-server-close')
elif mode == 'https':
result += config_format('mode tcp')
result += config_format('option tcplog')
result += os.linesep
return result
def generate_backend(proxy_name, mode, dest_addr, port, server_options, is_catchall):
result = config_format('backend b_' + proxy_name + '_' + mode, False)
if mode == 'http':
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('option accept-invalid-http-response')
elif mode == 'https':
result += config_format('mode tcp')
result += config_format('option tcplog')
if not is_catchall:
result += config_format('server ' + dest_addr + ' ' + dest_addr + ':' + str(port) + ' ' + server_options)
return result + os.linesep
def generate_backend(proxy_name, mode, dest_addr, port, server_options,
is_catchall):
result = config_format('backend b_' + proxy_name + '_' + mode, False)
if mode == 'http':
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('option accept-invalid-http-response')
elif mode == 'https':
result += config_format('mode tcp')
result += config_format('option tcplog')
if not is_catchall:
result += config_format('server ' + dest_addr + ' ' + dest_addr + ':' +
str(port) + ' ' + server_options)
return result + os.linesep
def generate_frontend(proxy_name, mode, bind_ip, current_port, is_catchall):
result = config_format('frontend f_' + proxy_name + '_' + mode, False)
result += config_format('bind ' + bind_ip + ':' + str(current_port))
if mode == 'http':
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('capture request header Host len 50')
result += config_format('capture request header User-Agent len 150')
elif mode == 'https':
result += config_format('mode tcp')
result += config_format('option tcplog')
if is_catchall:
result += config_format('tcp-request inspect-delay 5s')
result += config_format('tcp-request content accept if { req_ssl_hello_type 1 }')
if is_catchall:
result += config_format('default_backend b_deadend_' + mode)
else:
result += config_format('default_backend b_' + proxy_name + '_' + mode)
result += os.linesep
return result
def generate_defaults():
result = config_format('defaults', False)
result += config_format('maxconn 19500')
result += config_format('log global')
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('option abortonclose')
result += config_format('option http-server-close')
result += config_format('option persist')
result += config_format('timeout connect 20s')
result += config_format('timeout client 120s')
result += config_format('timeout server 120s')
result += config_format('timeout queue 120s')
result += config_format('timeout check 10s')
result += config_format('retries 3')
result += os.linesep
return result
def generate_frontend(proxy_name, mode, bind_ip, current_port, is_catchall):
result = config_format('frontend f_' + proxy_name + '_' + mode, False)
result += config_format('bind ' + bind_ip + ':' + str(current_port))
if mode == 'http':
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('capture request header Host len 50')
result += config_format('capture request header User-Agent len 150')
elif mode == 'https':
result += config_format('mode tcp')
result += config_format('option tcplog')
if is_catchall:
result += config_format('tcp-request inspect-delay 5s')
result += config_format(
'tcp-request content accept if { req_ssl_hello_type 1 }')
if is_catchall:
result += config_format('default_backend b_deadend_' + mode)
else:
result += config_format('default_backend b_' + proxy_name + '_' + mode)
result += os.linesep
return result
def generate_defaults():
result = config_format('defaults', False)
result += config_format('maxconn 19500')
result += config_format('log global')
result += config_format('mode http')
result += config_format('option httplog')
result += config_format('option abortonclose')
result += config_format('option http-server-close')
result += config_format('option persist')
result += config_format('timeout connect 20s')
result += config_format('timeout client 120s')
result += config_format('timeout server 120s')
result += config_format('timeout queue 120s')
result += config_format('timeout check 10s')
result += config_format('retries 3')
result += os.linesep
return result