Allow to disable the haproxy whitelist file

olexiyb · Jun 11, 2018 · 9e49b07 · 9e49b07
1 parent b52ff7a
commit 9e49b07
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/group_vars/all/lb.yml b/group_vars/all/lb.yml
@@ -29,9 +29,9 @@ haproxy_min_version: 3
 # A list of IPs to whitelist on haproxy
 # The IPs in this list will override command
 # limitations and rate limiting rules.
-# If you comment this line, the list of IPs below
-# will be written to the haproxy config and managed
-# in the haroxy config file only.
+# If you comment this line, or set the value to `False`,
+# the list of IPs below will be written to the haproxy
+# config and managed in the haroxy config file only.
 haproxy_whitelist_file: /etc/haproxy/whitelist.lst
 
 # A list of IPs to whitelist on haproxy

diff --git a/roles/loadbalancer/templates/haproxy.cfg.j2 b/roles/loadbalancer/templates/haproxy.cfg.j2
@@ -42,7 +42,7 @@ frontend iri_front
     option log-separate-errors
     option http-buffer-request
 
-{% if haproxy_whitelist_file is defined %} 
+{% if haproxy_whitelist_file is defined and haproxy_whitelist_file|bool != False %}
     acl whitelist src -f {{ haproxy_whitelist_file }}
 {% else %}
     acl whitelist src {{ haproxy_whitelist | join(" ") }}
@@ -109,7 +109,7 @@ backend iri_back
     timeout server-fin 5m
     filter compression
 
-{% if haproxy_whitelist_file is defined %}
+{% if haproxy_whitelist_file is defined and haproxy_whitelist_file|bool != False %}
     acl whitelist src -f {{ haproxy_whitelist_file }}
 {% else %}
     acl whitelist src {{ haproxy_whitelist | join(" ") }}