-
Notifications
You must be signed in to change notification settings - Fork 57
pfsense_haproxy_backend_server
Frederic Bor edited this page Feb 9, 2020
·
5 revisions
> PFSENSE_HAPROXY_BACKEND_SERVER (/home/fbor/ansible/lib/ansible/modules/network/pfsense/pfsense_haproxy_backend_server.py)
Manage pfSense haproxy servers
* This module is maintained by The Ansible Community
OPTIONS (= is mandatory):
- address
IP or hostname of the backend (only resolved on start-up.)
[Default: (null)]
type: str
- advanced
Allows for adding custom HAProxy settings to the server. These are passed as written, use escaping where needed.
[Default: (null)]
type: str
= backend
The backend name.
type: str
- ca
SSL servers only, set the CA authority to check the server certificate against.
[Default: (null)]
type: str
- checkssl
This can be used with for example a LDAPS health-checks where LDAPS is passed along with mode TCP
[Default: (null)]
type: bool
- clientcert
SSL servers only, This certificate will be sent if the server send a client certificate request.
[Default: (null)]
type: str
- cookie
Persistence only, Used to identify server when cookie persistence is configured for the backend.
[Default: (null)]
type: str
- crl
SSL servers only, set the CRL to check revoked certificates.
[Default: (null)]
type: str
- forwardto
The name of the frontend to forward. When None, forwards to address and port
[Default: (null)]
type: str
- istemplate
If set, configures this server item as a template to provision servers from dns/srv responses.
[Default: (null)]
type: str
- maxconn
Tuning, If the number of incoming concurrent requests goes higher than this value, they will be queued
[Default: (null)]
type: int
- mode
How to use the server.
(Choices: active, backup, disabled, inactive)[Default: active]
type: str
= name
The server name.
type: str
- port
The port of the backend.
[Default: (null)]
type: int
- ssl
Should haproxy encrypt the traffic to the backend with SSL (commonly used with mode http on frontend and a port 443 on backend).
[Default: (null)]
type: bool
- sslserververify
SSL servers only, The server certificate will be verified against the CA and CRL certificate configured below.
[Default: (null)]
type: bool
- state
State in which to leave the backend server
(Choices: present, absent)[Default: present]
type: str
- verifyhost
SSL servers only, when set, must match the hostnames in the subject and subjectAlternateNames of the certificate provided by the server.
[Default: (null)]
type: str
- weight
A weight between 0 and 256, this setting can be used when multiple servers on different hardware need to be balanced with a different part the traffic. A server with weight 0 wont
get new traffic. Default if empty: 1
[Default: (null)]
type: int
AUTHOR: Frederic Bor (@f-bor)
METADATA:
status:
- preview
supported_by: community
EXAMPLES:
- name: Add backend server
pfsense_haproxy_backend_server:
backend: exchange
name: exchange.acme.org
address: exchange.acme.org
port: 443
state: present
- name: Remove backend server
pfsense_haproxy_backend_server:
backend: exchange
name: exchange.acme.org
state: absent
RETURN VALUES:
commands:
description: the set of commands that would be pushed to the remote device (if pfSense had a CLI)
returned: always
type: list
sample: [
"create haproxy_backend_server 'exchange.acme.org' on 'exchange', status='active', address='exchange.acme.org', port=443",
"delete haproxy_backend_server 'exchange.acme.org' on 'exchange'"
]