From d81d0a73070856a91088d8bc9a8fc7cbeff1cfd7 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour
Date: Sun, 18 Sep 2022 22:37:56 +0200
Subject: [PATCH] haproxy config with better names
---
 etc/haproxy/haproxy.cfg | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)
diff --git a/etc/haproxy/haproxy.cfg b/etc/haproxy/haproxy.cfg
index d466921..424d5df 100644
--- a/etc/haproxy/haproxy.cfg
+++ b/etc/haproxy/haproxy.cfg
@@ -144,7 +144,7 @@ frontend external
 http-response add-header X-Boost-Step1 "haproxy-external; client-https" if { ssl_fc }
 http-response add-header X-Boost-Step1 "haproxy-external; client-http" if !{ ssl_fc }
- http-response set-header X-Boost-Server {{ ansible_hostname }}
+ http-response set-header X-Boost-Server my-hostname
 # Debug: Enable this to add a full log line in the response
 ### http-response add-header X-Haproxy-Log-external "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
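Review bot: The added `http-response set-header X-Boost-Server my-hostname` in `frontend external` sends a fixed placeholder to every client, so unless each deployment edits the line the header no longer identifies the server, and once edited it publishes an internal hostname on all external responses. If the header is only needed for troubleshooting, consider letting HAProxy fill it in and limiting who receives it, e.g. `http-response set-header X-Boost-Server %[hostname] if maintenance_ips` (assuming the `maintenance_ips` ACL referenced further down this frontend is defined above the rule). At minimum add a comment such as `# replace my-hostname with this node's name; the value is visible to all clients`. The frontend's body starts and ends outside the hunk.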
@@ -160,15 +160,15 @@ frontend external
 use_backend letsencrypt if letsencrypt
 # BEGIN frontend_external section for site 'example'
- acl example_domains hdr(host) -i example.com
- acl example_domains2 hdr(host) -i example.org www.example.org
+ acl example_com_domains hdr(host) -i example.com
+ acl example_com_domains2 hdr(host) -i example.org www.example.org
 ### acl example_maintenance_ips src -f /etc/haproxy/example/maintenance_ips
 # Redirect to HTTPS without Let's Encrypt certificate
- ### redirect scheme https code 301 if example_domains !{ ssl_fc }
+ ### redirect scheme https code 301 if example_com_domains !{ ssl_fc }
 # Redirect to HTTPS with Let's Encrypt certificate (exclude LE challenge from redirection)
- ### redirect scheme https code 301 if example_domains !{ ssl_fc } !letsencrypt
+ ### redirect scheme https code 301 if example_com_domains !{ ssl_fc } !letsencrypt
 # Redirect a domain to another without Let's encrypt certificate
 ### redirect prefix https://example-to.org code 301 if { hdr(host) -i example-from.org }
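Review bot: `acl example_com_domains hdr(host) -i example.com` compares the whole Host value, so a request whose Host carries an explicit port (`example.com:443`) does not match, and every rule conditioned on the ACL in the later hunks (HTTPS redirect, HSTS, the `http-request deny` and maintenance samples, routing) is skipped for it. Stripping the port before matching closes that gap: `acl example_com_domains hdr(host),field(1,:) -i example.com`; the same applies to `example_com_domains2` and to the identical ACL in the `frontend internal` hunk. Separately, `example_com_domains2` matches example.org but is not referenced by any rule in the visible hunks, so those hosts appear to fall through to `default_backend`; a short comment stating what the second ACL is for would help.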
@@ -177,20 +177,20 @@ frontend external
 ### redirect prefix https://example-to.org code 301 if { hdr(host) -i example-from.org } !letsencrypt
 # HSTS (31536000 seconds = 1 year)
- ### http-response set-header Strict-Transport-Security max-age=31536000 if example_domains
+ ### http-response set-header Strict-Transport-Security max-age=31536000 if example_com_domains
- # custom directives, all conditionned by at least the "example_domains" ACL
- ### http-request deny if example_domains { src 1.2.3.4 }
+ # custom directives, all conditionned by at least the "example_com_domains" ACL
+ ### http-request deny if example_com_domains { src 1.2.3.4 }
- # routing directives, all conditionned by (at least) the "example_domains" ACL
+ # routing directives, all conditionned by (at least) the "example_com_domains" ACL
 # Maintenance mode (### -> uncomment BUT define example_maintenance_ips acl before)
- ### use_backend example_maintenance if example_domains !example_maintenance_ips !maintenance_ips
+ ### use_backend example_maintenance if example_com_domains !example_maintenance_ips !maintenance_ips
 # Use Varnish if available
- use_backend varnish if example_domains varnish_available varnish_http_verb
+ use_backend varnish if example_com_domains varnish_available varnish_http_verb
 # … or use normal backend
- use_backend example if example_domains
+ use_backend example_com if example_com_domains
 # END frontend_external section for site 'example'
 default_backend goto_internal
@@ -228,10 +228,10 @@ frontend internal
 # END HTTP tagging
 # BEGIN frontend_internal section for site 'example'
- acl example_domains hdr(host) -i example.com
+ acl example_com_domains hdr(host) -i example.com
- # routing directives, all conditionned by (at least) the "example_domains" ACL
- use_backend example if example_domains
+ # routing directives, all conditionned by (at least) the "example_com_domains" ACL
+ use_backend example_com if example_com_domains
 # END frontend_internal section for site 'example'
@@ -240,7 +240,7 @@ backend varnish
 server varnish_sock /run/varnish.sock check observe layer7 maxconn 3000 inter 1s send-proxy-v2
 # BEGIN backend section for site 'example'
-backend example
+backend example_com
 errorfile 503 /etc/haproxy/sites/example/maintenance.http
 http-response set-header X-Boost-Proto https if { ssl_bc }
 http-response set-header X-Boost-Proto http if !{ ssl_bc }