ansible-debops-infrastructure

DebOps and Ansible scripts to manage my infrastructure
git clone git://git.erethon.com/ansible-debops-infrastructure
Log | Files | Refs
commit 2284efc8c90b293d51119b1a97df3e2d1314c5f7
parent 4775644da9dae27a32f6ff7c4fd97a8c50e7b0ff
Author: Dionysis Grigoropoulos <dgrig@erethon.com>
Date:   Tue, 11 Dec 2018 21:44:07 +0200

haproxy: Add settings for buildbot.erethon.com

Diffstat:

ansible/inventory/host_vars/spinny/haproxy.yml | 7++++++-


ansible/roles/haproxy/templates/haproxy.cfg.j2 | 10++++++++++


2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/ansible/inventory/host_vars/spinny/haproxy.yml b/ansible/inventory/host_vars/spinny/haproxy.yml
@@ -3,7 +3,12 @@
 prosody__public_ip: '163.172.24.171'
 prosody__private_ip: '192.168.122.2'
 static__private_ip: '192.168.122.2'
+buildbot__private_ip: '192.168.122.57'
 
 certs__names: ['f.erethon.com', 'chat.erethon.com', 'grafana.erethon.com',
                'capitalism.erethon.com', 'blog.erethon.com', 'erethon.com',
-               'www.plothopes.com', 'about.erethon.com', 'git.erethon.com']
+               'www.plothopes.com', 'about.erethon.com', 'git.erethon.com',
+               'buildbot.erethon.com']
+
+buildbot__username: '{{ lookup("password", secret + "/credentials/spinny.erethon.com/haproxy/username") }}'
+buildbot__password: '{{ lookup("password", secret + "/credentials/spinny.erethon.com/haproxy/password") }}'
diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2
@@ -28,6 +28,9 @@ defaults
     errorfile 503 /etc/haproxy/errors/503.http
     errorfile 504 /etc/haproxy/errors/504.http
 
+userlist buildbotusers
+    user {{ buildbot__username }} password {{ buildbot__password }}
+
 frontend prosody_muc
     bind {{ prosody__public_ip }}:5269
     mode tcp
@@ -53,6 +56,7 @@ frontend ssl
     use_backend f.erethon.com if { hdr(host) -i f.erethon.com }
     use_backend grafana.erethon.com if { hdr(host) -i grafana.erethon.com }
     use_backend static if { hdr(host) -i capitalism.erethon.com -i hacked.erethon.com -i erethon.com -i www.erethon.com -i blog.erethon.com -i about.erethon.com -i git.erethon.com }
+    use_backend buildbot if { hdr(host) -i buildbot.erethon.com }
 
 backend plothopes
     mode http
@@ -70,6 +74,12 @@ backend static
     mode http
     server webd {{ static__private_ip }}:80
 
+backend buildbot
+    mode http
+    acl authbuildbotusers http_auth(buildbotusers)
+    http-request auth realm buildbotrealm if !authbuildbotusers
+    server obsd001 {{ buildbot__private_ip }}:8010
+
 backend local
     mode http
     server local 127.0.0.1:8080