From f6ffb1ceeff3c32d104890658331d4fa3103ebea Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Fri, 17 Jan 2020 22:56:45 +0000
Subject: [PATCH] Template haproxy better

---
 ansible/group_vars/all/haproxy.yml      |  3 ++
 ansible/roles/gateway/files/haproxy.cfg | 16 +++++-----
 ansible/roles/gateway/tasks/haproxy.yml | 40 +++++++++++++------------
 3 files changed, 31 insertions(+), 28 deletions(-)

diff --git a/ansible/group_vars/all/haproxy.yml b/ansible/group_vars/all/haproxy.yml
index d248b04..c7d1a4a 100644
--- a/ansible/group_vars/all/haproxy.yml
+++ b/ansible/group_vars/all/haproxy.yml
@@ -1,4 +1,7 @@
 haproxy:
+  exposed_ports:
+    - 8448
+    - 4242
   stats_pass: !vault |
     $ANSIBLE_VAULT;1.1;AES256
     61356632383432353833616431393962613037646634656133316135363465313962663061633830
diff --git a/ansible/roles/gateway/files/haproxy.cfg b/ansible/roles/gateway/files/haproxy.cfg
index a5781c2..28c586d 100644
--- a/ansible/roles/gateway/files/haproxy.cfg
+++ b/ansible/roles/gateway/files/haproxy.cfg
@@ -40,7 +40,7 @@ defaults
 listen https
 	bind *:443
 	mode tcp
-	server default {{ wireguard.intersect.ip }}:443 check send-proxy
+	server default {{ wireguard.clients.intersect.ip }}:443 send-proxy
 
 listen http
 	bind *:80
@@ -48,15 +48,13 @@ listen http
 	stats show-node
 	stats uri /haproxy
 	stats auth stats:{{ haproxy.stats_pass }}
-	server default {{ wireguard.intersect.ip }}:80 check
+	server default {{ wireguard.clients.intersect.ip }}:80 check
 
+{% for port in haproxy.exposed_ports %}
 
-listen matrix
-	bind *:8448
+listen expose_{{ port }}
+	bind *:{{ port }}
 	mode tcp
-	server default {{ wireguard.clients.intersect.ip }}:8448 check
+	server default {{ wireguard.clients.intersect.ip }}:{{ port }}
 
-listen gitea
-	bind *:3022
-	mode tcp
-	server default {{ wireguard.clients.intersect.ip }}:3022 check
+{% endfor %}
diff --git a/ansible/roles/gateway/tasks/haproxy.yml b/ansible/roles/gateway/tasks/haproxy.yml
index c3854a5..f0dacd2 100644
--- a/ansible/roles/gateway/tasks/haproxy.yml
+++ b/ansible/roles/gateway/tasks/haproxy.yml
@@ -1,21 +1,23 @@
-# - name: Install Haproxy
-#   apt:
-#     name: haproxy
-#   become: true
-#   become_user: root
+- name: Install Haproxy
+  apt:
+    name: haproxy
+  become: true
+  become_user: root
 
-# - name: Haproxy config
-#   template:
-#     src: files/haproxy.cfg
-#     dest: /etc/haproxy/haproxy.cfg
-#     validate: /usr/sbin/haproxy -c -- %s
-#     backup: yes
-#   become: true
-#   become_user: root
-#   register: haproxy_config
+- name: Haproxy config
+  template:
+    src: files/haproxy.cfg
+    dest: /etc/haproxy/haproxy.cfg
+    validate: /usr/sbin/haproxy -c -- %s
+    backup: yes
+  become: true
+  become_user: root
+  register: haproxy_config
 
-# - name: Restart Haproxy
-#   service:
-#     name: haproxy
-#     state: reloaded
-#   when: haproxy_config.changed
+- name: Restart Haproxy
+  service:
+    name: haproxy
+    state: restarted
+  become: true
+  become_user: root
+  when: haproxy_config.changed