feat: add error files

CHANGELOG.md

@@ -7,6 +7,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
 ### Added
 
+- add error files
 - use multiple ssl certificates on one frontend
 
 ## v1.1.0 - 2021-08-15

README.md

@@ -162,6 +162,33 @@ Install and configure haproxy
 		.....
 ```
 
+
+- `haproxy_http_errors` - hash with http error groups
+
+```
+  test:
+    503: test-503
+```
+
+- `haproxy_http_errors_file` - hash with http error files
+
+```
+  test-503: |
+    HTTP/1.1 503 Service Unavailable
+    Cache-Control: no-cache
+    Connection: close
+    Content-Type: text/html
+
+    <!DOCTYPE html>
+    <html lang="en">
+        <body>
+            <main>
+                This is my custom 503 page
+            </main>
+        </body>
+    </html>
+```
+
 ## How to use
 
 ```

defaults/main.yml

@@ -62,3 +62,5 @@ haproxy_ssl_certificates: {}
 haproxy_ips_lists: {}
 haproxy_resolvers: {}
 haproxy_userlists: {}
+haproxy_http_errors: {}
+haproxy_http_error_files: {}

meta/main.yml

@@ -1,6 +1,7 @@
 ---
 galaxy_info:
   role_name: haproxy
+  namespace: nishiki
   author: Adrien Waksberg
   description: Install and configure Haproxy
   company: Adrien Waksberg

molecule/default/converge.yml

@@ -4,6 +4,24 @@
   roles:
     - ansible-role-haproxy
   vars:
+    haproxy_http_errors:
+      test:
+        503: test
+    haproxy_http_error_files:
+      test: |
+        HTTP/1.1 503 Service Unavailable
+        Cache-Control: no-cache
+        Connection: close
+        Content-Type: text/html
+
+        <!DOCTYPE html>
+        <html lang="en">
+            <body>
+                <main>
+                    This is my custom 503 page
+                </main>
+            </body>
+        </html>
     haproxy_ssl_certificates:
       www-example-com: |
         -----BEGIN CERTIFICATE-----
@@ -45,6 +63,7 @@
           - acl_blacklist src -f /etc/haproxy/blacklist.list
           - acl_auth_path path -i /auth/
           - acl_auth http_auth(restricted)
+        errorfiles: test
         http-request:
           - auth realm restricted if acl_auth_path !acl_auth
           - return status 200 content-type "text/plain" string "Good" if acl_auth_path

molecule/default/tests/test_default.py

@@ -49,3 +49,8 @@ def test_auth(host):
   cmd = host.run('curl -v -u admin:badpassword http://127.0.0.1/auth/')
   assert cmd.succeeded
   assert '401 Unauthorized' in cmd.stdout
+
+def test_error_file(host):
+  cmd = host.run('curl -v http://127.0.0.1/')
+  assert cmd.succeeded
+  assert 'This is my custom 503 page' in cmd.stdout

tasks/main.yml

@@ -34,6 +34,27 @@
   notify: reload haproxy
   tags: haproxy
 
+- name: create http errors directory
+  ansible.builtin.file:
+    path: '/etc/haproxy/errors'
+    owner: root
+    group: root
+    mode: 0755
+    state: directory
+  tags: haproxy
+
+- name: copy http errors file
+  ansible.builtin.copy:
+    content: '{{ item.value }}'
+    dest: '/etc/haproxy/errors/{{ item.key }}.http'
+    owner: root
+    group: root
+    mode: 0644
+  loop: '{{ haproxy_http_error_files|dict2items }}'
+  loop_control:
+    label: '{{ item.key }}'
+  tags: haproxy
+
 - name: copy config file
   ansible.builtin.template:
     src: haproxy.cfg.j2

templates/haproxy.cfg.j2

@@ -53,6 +53,13 @@ resolvers {{ resolver }}
 {% endif %}
 {% endfor %}
 
+{% endfor %}
+{% for http_error_name, config in haproxy_http_errors.items() %}
+http-errors {{ http_error_name }}
+{% for status_code, file in config.items() %}
+	errorfile {{ status_code }} /etc/haproxy/errors/{{ file }}.http
+{% endfor %}
+
 {% endfor %}
 {% for userlist, config in haproxy_userlists.items() %}
 userlist {{ userlist }}