haproxy-wi/app/scripts/ansible/roles/haproxy/tasks/main.yml

---      
- name: check if HAProxy is installed Ubuntu
  package_facts:
    manager: "auto"
  

- name: populate service facts
  service_facts:

  
- name: install HAProxy {{HAPVER}}
  yum:
    name: 
      - http://repo.haproxy-wi.org/haproxy-{{HAPVER}}.el6.x86_64.rpm
      - socat
    state: present
  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ansible_facts['distribution_major_version']|int == 6 and HAPVER|length > 0
  register: install_result
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"
    
    
- name: install HAProxy {{HAPVER}}
  yum:
    name: 
      - http://repo.haproxy-wi.org/haproxy-{{HAPVER}}.el7.x86_64.rpm
      - socat
    state: present
  when: ((ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ansible_facts['distribution_major_version']|int == 7) and HAPVER|length > 0
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"
    
    
- name: set_fact from wi`
  set_fact:
    haproxy_from_wi: "yes"
  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ansible_facts['distribution_major_version']|int == 7 and HAPVER|length > 0
  
  
- name: install the latest version of HAProxy
  yum:
    name: 
      - haproxy
      - socat
    state: latest
  when: ((ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ansible_facts['distribution_major_version']|int != 7) or ("'FAILED' in install_result.stderr")
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"

    
- name: Install HAProxy
  apt:
    name: 
      - haproxy
      - socat
    state: present
  when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'Ubuntu'
  environment:
    http_proxy: "{{PROXY}}"
    https_proxy: "{{PROXY}}"
    
    
- name: Change wrong HAProxy service file
  template:
    src: haproxy.service.j2
    dest: /usr/lib/systemd/system/haproxy.service
    mode: 0644
  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and haproxy_from_wi is defined
  
  
- name: Enable and start service HAProxy
  systemd:
    name: haproxy
    daemon_reload: yes
    state: started
    enabled: yes
    force: no
  ignore_errors: yes
  when: "'haproxy' in ansible_facts.packages"
  

- name: Exiting  
  meta: end_play
  when: "'haproxy' in ansible_facts.packages"
    
    
- name: Get HAProxy version.
  command: haproxy -v
  register: haproxy_version_result
  changed_when: false
  check_mode: false
  
  
- name: Set HAProxy version.
  set_fact:
    haproxy_version: "{{ '1.5' if '1.5.' in haproxy_version_result.stdout else '1.6' }}"
    
    
- name: Open stat port for firewalld
  firewalld:
    port: "{{ item }}/tcp"
    state: enabled
    permanent: yes
    immediate: yes
  ignore_errors: yes
  when: ansible_facts.services["firewalld.service"]['state'] == "running"
  with_items:  [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}" ]
  
  
- name: Open stat port for iptables
  iptables:
    chain: INPUT
    destination_port: "{{ item }}"
    jump: ACCEPT
    protocol: tcp
  ignore_errors: yes
  with_items:  [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}" ]
  
  
- name: Copy HAProxy configuration in place.
  template:
    src: haproxy.cfg.j2
    dest: /etc/haproxy/haproxy.cfg
    mode: 0644
    validate: haproxy -f %s -c -q
  notify: restart haproxy
  
  
- name: Enable and start service HAProxy
  systemd:
    name: haproxy
    daemon_reload: yes
    state: started
    enabled: yes
    force: no
  ignore_errors: yes
  
  
- name: Add syn_flood tasks
  include: syn_flood.yml
  when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)