Add the acl whitelist in haproxy backend config

olexiyb · Jun 11, 2018 · 1e58ac4 · 1e58ac4
1 parent 6ea8ccc
commit 1e58ac4
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/roles/loadbalancer/templates/haproxy.cfg.j2 b/roles/loadbalancer/templates/haproxy.cfg.j2
@@ -42,8 +42,7 @@ frontend iri_front
     option log-separate-errors
     option http-buffer-request
 
-    # Define source whitelist
-{% if haproxy_whitelist_file is defined %} 
+    # Define source whitelist{% if haproxy_whitelist_file is defined %} 
     acl whitelist src -f {{ haproxy_whitelist_file }}
 {% else %}
     acl whitelist src {{ haproxy_whitelist | join(" ") }}
@@ -110,6 +109,12 @@ backend iri_back
     timeout server-fin 5m
     filter compression
 
+# Define source whitelist{% if haproxy_whitelist_file is defined %}
+    acl whitelist src -f {{ haproxy_whitelist_file }}
+{% else %}
+    acl whitelist src {{ haproxy_whitelist | join(" ") }}
+{% endif %}
+
     stick-table type ip size 200k expire 30s store conn_rate(3s),http_req_rate(10s),conn_cur,sess_rate(3s)
 
     # dynamic stuff for frontend + raise gpc0 counter