kolla-ansible/ansible/roles/loadbalancer/tasks/config.yml

---
- name: Ensuring config directories exist
  file:
    path: "{{ node_config_directory }}/{{ item.key }}"
    state: "directory"
    owner: "{{ config_owner_user }}"
    group: "{{ config_owner_group }}"
    mode: "0770"
  become: true
  with_dict: "{{ loadbalancer_services | select_services_enabled_and_mapped_to_host }}"

- name: Ensuring haproxy service config subdir exists
  vars:
    service: "{{ loadbalancer_services['haproxy'] }}"
  file:
    path: "{{ node_config_directory }}/haproxy/services.d"
    state: "directory"
    owner: "{{ config_owner_user }}"
    group: "{{ config_owner_group }}"
    mode: "0770"
  become: true
  when: service | service_enabled_and_mapped_to_host

- name: Ensuring proxysql service config subdirectories exist
  vars:
    service: "{{ loadbalancer_services['proxysql'] }}"
  file:
    path: "{{ node_config_directory }}/proxysql/{{ item }}"
    state: "directory"
    owner: "{{ config_owner_user }}"
    group: "{{ config_owner_group }}"
    mode: "0770"
  become: true
  with_items:
    - "users"
    - "rules"
  when: service | service_enabled_and_mapped_to_host

- name: Ensuring keepalived checks subdir exists
  vars:
    service: "{{ loadbalancer_services['keepalived'] }}"
  file:
    path: "{{ node_config_directory }}/keepalived/checks"
    state: "directory"
    owner: "{{ config_owner_user }}"
    group: "{{ config_owner_group }}"
    mode: "0770"
  become: true
  when: service | service_enabled_and_mapped_to_host

- name: Remove mariadb.cfg if proxysql enabled
  vars:
    service: "{{ loadbalancer_services['keepalived'] }}"
  file:
    path: "{{ node_config_directory }}/haproxy/services.d/mariadb.cfg"
    state: absent
  become: true
  when:
    - service | service_enabled_and_mapped_to_host
    - loadbalancer_services.proxysql.enabled | bool

- name: Removing checks for services which are disabled
  vars:
    service: "{{ loadbalancer_services['keepalived'] }}"
  file:
    path: "{{ node_config_directory }}/keepalived/checks/check_alive_{{ item.key }}.sh"
    state: absent
  become: true
  with_dict: "{{ loadbalancer_services }}"
  when:
    - keepalived_track_script_enabled | bool
    - item.key != 'keepalived'
    - item.key != 'haproxy-ssh'
    - not item.value.enabled | bool
      or not inventory_hostname in groups[item.value.group]
    - service | service_enabled_and_mapped_to_host

- name: Copying checks for services which are enabled
  vars:
    service: "{{ loadbalancer_services['keepalived'] }}"
  template:
    src: "keepalived/check_alive_{{ item.key }}.sh.j2"
    dest: "{{ node_config_directory }}/keepalived/checks/check_alive_{{ item.key }}.sh"
    mode: "0770"
  become: true
  with_dict: "{{ loadbalancer_services }}"
  when:
    - keepalived_track_script_enabled | bool
    - inventory_hostname in groups[item.value.group]
    - item.key != 'keepalived'
    - item.key != 'haproxy-ssh'
    - item.value.enabled | bool
    - service | service_enabled_and_mapped_to_host

- name: Copying over config.json files for services
  template:
    src: "{{ item.key }}/{{ item.key }}.json.j2"
    dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
    mode: "0660"
  become: true
  with_dict: "{{ loadbalancer_services | select_services_enabled_and_mapped_to_host }}"

- name: Copying over haproxy.cfg
  vars:
    service: "{{ loadbalancer_services['haproxy'] }}"
  template:
    src: "{{ item }}"
    dest: "{{ node_config_directory }}/haproxy/haproxy.cfg"
    mode: "0660"
  become: true
  when: service | service_enabled_and_mapped_to_host
  with_first_found:
    - "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_main.cfg"
    - "{{ node_custom_config }}/haproxy/haproxy_main.cfg"
    - "haproxy/haproxy_main.cfg.j2"

- name: Copying over proxysql config
  vars:
    service: "{{ loadbalancer_services['proxysql'] }}"
  template:
    src: "{{ item }}"
    dest: "{{ node_config_directory }}/proxysql/proxysql.yaml"
    mode: "0660"
  become: true
  when: service | service_enabled_and_mapped_to_host
  with_first_found:
    - "{{ node_custom_config }}/proxysql/{{ inventory_hostname }}/proxysql.yaml"
    - "{{ node_custom_config }}/proxysql/proxysql.yaml"
    - "proxysql/proxysql.yaml.j2"

- name: Copying over haproxy single external frontend config
  vars:
    service: "{{ loadbalancer_services['haproxy'] }}"
  template:
    src: "haproxy/haproxy_external_frontend.cfg.j2"
    dest: "{{ node_config_directory }}/haproxy/services.d/external-frontend.cfg"
    mode: "0660"
  become: true
  when:
    - service | service_enabled_and_mapped_to_host
    - haproxy_single_external_frontend | bool

- name: Copying over custom haproxy services configuration
  vars:
    service: "{{ loadbalancer_services['haproxy'] }}"
  template:
    src: "{{ item }}"
    dest: "{{ node_config_directory }}/haproxy/services.d/"
    mode: "0660"
  become: true
  when: service | service_enabled_and_mapped_to_host
  with_fileglob:
    - "{{ node_custom_config }}/haproxy/services.d/*.cfg"

- name: Copying over keepalived.conf
  vars:
    service: "{{ loadbalancer_services['keepalived'] }}"
  template:
    src: "{{ item }}"
    dest: "{{ node_config_directory }}/keepalived/keepalived.conf"
    mode: "0660"
  become: true
  when: service | service_enabled_and_mapped_to_host
  with_first_found:
    - "{{ node_custom_config }}/keepalived/{{ inventory_hostname }}/keepalived.conf"
    - "{{ node_custom_config }}/keepalived/keepalived.conf"
    - "keepalived/keepalived.conf.j2"

- include_tasks: copy-certs.yml
  when:
    - loadbalancer_copy_certs

- name: Copying over haproxy start script
  vars:
    service: "{{ loadbalancer_services['haproxy'] }}"
  template:
    src: "{{ item }}"
    dest: "{{ node_config_directory }}/haproxy/haproxy_run.sh"
    mode: "0770"
  become: true
  when: service | service_enabled_and_mapped_to_host
  with_first_found:
    - "{{ node_custom_config }}/haproxy/{{ inventory_hostname }}/haproxy_run.sh"
    - "{{ node_custom_config }}/haproxy/haproxy_run.sh"
    - "haproxy/haproxy_run.sh.j2"

- name: Copying over proxysql start script
  vars:
    service: "{{ loadbalancer_services['proxysql'] }}"
  template:
    src: "{{ item }}"
    dest: "{{ node_config_directory }}/proxysql/proxysql_run.sh"
    mode: "0770"
  become: true
  when: service | service_enabled_and_mapped_to_host
  with_first_found:
    - "{{ node_custom_config }}/proxysql/{{ inventory_hostname }}/proxysql_run.sh"
    - "{{ node_custom_config }}/proxysql/proxysql_run.sh"
    - "proxysql/proxysql_run.sh.j2"

- name: Copying files for haproxy-ssh
  vars:
    service: "{{ loadbalancer_services['haproxy-ssh'] }}"
  template:
    src: "{{ item.src }}"
    dest: "{{ node_config_directory }}/haproxy-ssh/{{ item.dest }}"
    mode: "0600"
  become: true
  with_items:
    - { src: "haproxy-ssh/sshd_config.j2", dest: "sshd_config" }
    - { src: "haproxy-ssh/id_rsa.pub", dest: "id_rsa.pub" }
  when: service | service_enabled_and_mapped_to_host