[FEATURE REQUEST] Custom defaults, frontend and backend configuration

[rafamiga]

I use your setup for docker containers. Looks respectable but since I rely on haproxy for my other projects I'd like to have my "own" common logging setup. Currently, there's no way to do it.

My request is to add extra configuration for:

• options,
• defaults,
• frontend,
• backend.,

Here's my proposal for addind extra configuration to those configuration sections.

      easyhaproxy.wiki.host: wiki.example.org,wiki.example.org:1080
      easyhaproxy.wiki.options.extra: |
        stats socket /sockets/hadmin.sock mode 660 level admin
        nbthread 16
      easyhaproxy.wiki.defaults.extra: |
        timeout connect 5s
        timeout client  50s
        timeout server  5s
        maxconn 1000000
        timeout client-fin 5s
        unique-id-format %{+X}o\ %cp-%ci-%Ts-%H-%rt-%ms
        unique-id-header X-Unique-ID
        log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r %ID"
      easyhaproxy.wiki.frontend.extra: |
        acl wirki_blacklist src 10.20.30.0/24
        tcp-request connection reject if !wiki_blacklist
      easyhaproxy.wiki.backend.extra: |
        acl wiki_burstable src 192.168.0.0/16
        acl wiki_burstable src 10.0.0.0/8
        acl wiki_burstable src 172.16.0.0/12
        http-request track-sc0 src
        http-request deny deny_status 429 if { sc_http_req_rate(0) gt 33 } !wiki_burstable
        http-response add-header Connection close

[byjg]

Hello, EasyHAProxy support multiple configuration files already.

It allows you setup your custom files and map them internally following the rules defined by the haproxy -f parameter.

Let me know if it works for you.

Links:

• https://github.com/byjg/docker-easy-haproxy/blob/master/docs/other.md#mapping-custom-cfg-files
• https://docs.haproxy.org/2.8/management.html#3-where

[rafamiga]

Nope, this is not the solution. Two reasons:

1. It does not work for backends as you'd have to know the backend name beforehand.
2. It does not work for frontends and defaults. Extra config files overwrite main config file:

Try this:

$ cat conf.d/custom-log.cfg
defaults
        unique-id-format %{+X}o\ %cp-%ci-%Ts-%H-%rt-%ms
        unique-id-header X-Unique-ID
        log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r %ID"

frontend http_in_80
        capture request header Host len 30
        capture request header X-Forwarded-For len 30
        capture request header Referer len 30
        capture request header User-Agent len 30

You'll find that the container does not accept connections anymore since the whole frontend http_in_80 configuration is replaced.

I think the idea behind haproxy's multiple config files [multiple -f <file.cfg> switches] is to break configuration into modules, not to merge them.

[byjg]

All right, no problem. So I am gonna stick with your solutions. Make more sense, since the frontend and backend are dynamics.

Let me think about it. I'll be back with something in a few days.

[byjg]

Quick question:
What do you think in the "extra" configuration becomes a plugin? This way, we can more control over the configuration being applied.

Here is the main idea:
https://github.com/users/byjg/projects/1?pane=issue&itemId=9425372

[rafamiga]

That's OK as long as it's easy to configure.