reset molecule config

ansibleguy · May 25, 2024 · 55f3c6b · 55f3c6b
1 parent 179de51
commit 55f3c6b
Showing 1 changed file with 145 additions and 0 deletions.
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -1,5 +1,150 @@
 ---
 
+- name: Converge HAProxy with basic config
+  hosts: test-ag-haproxy-base
+  module_defaults:
+    ansible.builtin.setup:
+      gather_subset: ['distribution']
+  gather_facts: true
+
+  vars:
+    no_prompts: true
+
+    haproxy:
+      stats:
+        enable: true
+
+      frontends:
+        fe_web:
+          bind: ['[::]:80 v4v6']
+
+          routes:
+            be_test1:
+              domains: 'app.test.ansibleguy.net'
+
+            be_test2:
+              domains: ['app1.test.ansibleguy.net', 'app2.test.ansibleguy.net']
+              filter_ip: ['192.168.0.0/16', '172.16.0.0/12', '10.0.0.0/8']
+              filter_not_ip: ['192.168.100.0/22', '10.50.0.0/16']
+
+          default_backend: 'be_fallback'
+
+      backends:
+        be_test1:
+          sticky: true
+          servers:
+            - 'srv1 192.168.10.11:80'
+            - 'srv2 192.168.10.12:80'
+
+        be_test2:
+          servers:
+            - 'srv3 192.168.10.11:80'
+            - 'srv4 192.168.10.12:80'
+
+        be_fallback:
+          lines: 'http-request redirect code 302 location https://github.com/ansibleguy'
+
+  roles:
+    - ansibleguy.infra_haproxy
+
+# NOTE: not testing actual certificate creation
+- name: Converge HAProxy with ACME config
+  hosts: test-ag-haproxy-acme
+  module_defaults:
+    ansible.builtin.setup:
+      gather_subset: ['distribution']
+  gather_facts: true
+
+  vars:
+    no_prompts: true
+
+    haproxy:
+      acme:
+        enable: true
+        email: '[email protected]'
+        ca: 'letsencrypt-test'
+
+      frontends:
+        fe_web:
+          bind: ['[::]:80 v4v6', '[::]:443 v4v6 ssl']
+          acme:
+            enable: true
+
+          routes:
+            be_test:
+
+          default_backend: 'be_fallback'
+
+      backends:
+        be_test:
+          servers:
+            - 'srv-1 192.168.10.11:80'
+            - 'srv-2 192.168.10.12:80'
+
+        be_fallback:
+          lines: 'http-request redirect code 302 location https://github.com/ansibleguy'
+
+  roles:
+    - ansibleguy.infra_haproxy
+
+- name: Converge HAProxy with GeoIP config
+  hosts: test-ag-haproxy-geoip
+  module_defaults:
+    ansible.builtin.setup:
+      gather_subset: ['distribution']
+  gather_facts: true
+
+  vars:
+    no_prompts: true
+
+    haproxy:
+      geoip:
+        enable: true
+        token: "{{ geoip_key.stdout }}"
+
+      frontends:
+        fe_web:
+          bind: ['[::]:80 v4v6']
+          geoip:
+            enable: true
+            country: true
+            asn: true
+            as_name: true
+
+          routes:
+            be_test1:
+              domains: ['app1.test.ansibleguy.net']
+              filter_country: 'AT'
+              filter_asn: '1337'
+
+            be_test2:
+              domains: ['app2.test.ansibleguy.net']
+              filter_not_country: ['CN', 'RU', 'US']
+              filter_not_asn: ['100000', '120000']
+
+          default_backend: 'be_fallback'
+
+      backends:
+        be_test1:
+          servers: 'srv1 192.168.10.11:80'
+
+        be_test2:
+          servers: 'srv2 192.168.10.12:80'
+
+        be_fallback:
+          lines: 'http-request redirect code 302 location https://github.com/ansibleguy'
+
+  pre_tasks:
+    - name: Loading GeoIP Token
+      ansible.builtin.command: "cat {{ lookup('ansible.builtin.env', 'HOME') }}/.secret/geoip.key"
+      delegate_to: localhost
+      become: false
+      register: geoip_key
+      changed_when: false
+      check_mode: false
+
+  roles:
+    - ansibleguy.infra_haproxy
 
 - name: Converge HAProxy with WAF config
   hosts: test-ag-haproxy-waf