Premier commit

roles/s-lb-ab/files/haproxy.cfg

@@ -0,0 +1,55 @@
+global
+	log /dev/log	local0
+	log /dev/log	local1 notice
+	chroot /var/lib/haproxy
+	stats socket /run/haproxy/admin.sock mode 660 level admin
+	stats timeout 30s
+	user haproxy
+	group haproxy
+	daemon
+
+	# Default SSL material locations
+	ca-base /etc/ssl/certs
+	crt-base /etc/ssl/private
+
+	# Default ciphers to use on SSL-enabled listening sockets.
+	# For more information, see ciphers(1SSL). This list is from:
+	#  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
+	ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
+	ssl-default-bind-options no-sslv3
+
+defaults
+	log	global
+	mode	http
+	option	httplog
+	option	dontlognull
+        timeout connect 5000
+        timeout client  50000
+        timeout server  50000
+	errorfile 400 /etc/haproxy/errors/400.http
+	errorfile 403 /etc/haproxy/errors/403.http
+	errorfile 408 /etc/haproxy/errors/408.http
+	errorfile 500 /etc/haproxy/errors/500.http
+	errorfile 502 /etc/haproxy/errors/502.http
+	errorfile 503 /etc/haproxy/errors/503.http
+	errorfile 504 /etc/haproxy/errors/504.http
+
+frontend proxypublic
+	bind 192.168.100.10:80
+	default_backend fermeweb
+
+backend fermeweb
+	balance roundrobin
+	option httpclose
+	#option httpchk HEAD / HTTP/1.0
+	server s-lb-web1 192.168.101.1:80 check
+	server s-lb-web2 192.168.101.2:80 check
+
+
+listen stats
+	bind	*:8080
+	stats enable
+	stats uri /haproxy
+	stats auth admin:admin
+
+

roles/s-lb-ab/handlers/main.yml

@@ -0,0 +1,3 @@
+---
+ - name: restart haproxy
+   service: name=haproxy state=restarted

roles/s-lb-ab/tasks/main.yml

@@ -0,0 +1,11 @@
+---
+- name: Installation d'HAproxy
+  apt:
+    name:
+    - haproxy
+    state: present
+
+- name: Copie du fichier de configuration
+  copy: src=haproxy.cfg dest=/etc/haproxy/haproxy.cfg
+  notify:
+    - restart haproxy