mirror of
https://gitgud.io/fatchan/haproxy-protection.git
synced 2024-10-18 10:24:05 +00:00
Cleanup server registration and fix for Haproxy 3.0 because newline delimited commands are rejected. Now must be separated by semicolon.
This commit is contained in:
parent
f7dc984d60
commit
a0ff482b17
@ -20,30 +20,28 @@ function setup_servers()
|
|||||||
local counter = 1
|
local counter = 1
|
||||||
-- NOTE: using tcp socket to interact with runtime API because lua can't add servers
|
-- NOTE: using tcp socket to interact with runtime API because lua can't add servers
|
||||||
local tcp = core.tcp();
|
local tcp = core.tcp();
|
||||||
tcp:settimeout(1);
|
tcp:settimeout(10);
|
||||||
tcp:connect("127.0.0.1", 2000); --TODO: configurable port
|
tcp:connect("127.0.0.1", 2000); --TODO: configurable port
|
||||||
while line do
|
while line do
|
||||||
local domain, backend_host = line:match("([^%s]+)%s+([^%s]+)")
|
local domain, backend_host = line:match("([^%s]+)%s+([^%s]+)")
|
||||||
print("reading line hosts.map: domain="..domain..",backend_host="..backend_host)
|
|
||||||
local new_map_value = server_prefix..counter
|
local new_map_value = server_prefix..counter
|
||||||
local existing_map_value = backends_map:lookup(domain)
|
local existing_map_value = backends_map:lookup(domain)
|
||||||
if existing_map_value ~= nil then
|
if existing_map_value ~= nil then
|
||||||
print("existing_map_value: "..existing_map_value)
|
|
||||||
current_backends = utils.split(existing_map_value, ",")
|
current_backends = utils.split(existing_map_value, ",")
|
||||||
if not utils.contains(current_backends, new_map_value) then
|
if not utils.contains(current_backends, new_map_value) then
|
||||||
new_map_value = new_map_value .. "," .. existing_map_value
|
new_map_value = new_map_value .. "," .. existing_map_value
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
print("setting entry hosts.map: domain="..domain..",new_map_value="..new_map_value)
|
print("setting hosts.map "..domain.." "..new_map_value)
|
||||||
core.set_map("/etc/haproxy/map/backends.map", domain, new_map_value)
|
core.set_map("/etc/haproxy/map/backends.map", domain, new_map_value)
|
||||||
local server_name = "servers/websrv"..counter
|
local server_name = "servers/websrv"..counter
|
||||||
--NOTE: if you have a proper CA setup,
|
--NOTE: if you have a proper CA setup,
|
||||||
if verify_backend_ssl ~= nil then
|
if verify_backend_ssl ~= nil then
|
||||||
tcp:send(string.format("add server %s %s check ssl verify required ca-file ca-certificates.crt sni req.hdr(Host)\n", server_name, backend_host))
|
tcp:send(string.format("add server %s %s check ssl verify required ca-file ca-certificates.crt sni req.hdr(Host);", server_name, backend_host))
|
||||||
else
|
else
|
||||||
tcp:send(string.format("add server %s %s\n", server_name, backend_host))
|
tcp:send(string.format("add server %s %s;", server_name, backend_host))
|
||||||
end;
|
end
|
||||||
tcp:send(string.format("enable server %s\n", server_name))
|
tcp:send(string.format("enable server %s;", server_name))
|
||||||
line = handle:read("*line")
|
line = handle:read("*line")
|
||||||
counter = counter + 1
|
counter = counter + 1
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user