#!/bin/bash HAPROXY_CFG_DIR="/etc/haproxy" HAPROXY_CFG="$HAPROXY_CFG_DIR/haproxy.cfg" HAPROXY_SERVICE_DIR="$HAPROXY_CFG_DIR/services" set -e sudo mkdir -p $HAPROXY_SERVICE_DIR sudo cp $HAPROXY_CFG $HAPROXY_CFG.bak AUTOCONFIG_BEGIN="# === BEGIN autoconfig ===" AUTOCONFIG_END="# === END autoconfig ===" sudo sed -i "/$AUTOCONFIG_BEGIN/,/$AUTOCONFIG_END/d" $HAPROXY_CFG echo "$AUTOCONFIG_BEGIN" | sudo tee -a $HAPROXY_CFG > /dev/null if [ -z "$(ls -A $HAPROXY_SERVICE_DIR 2>/dev/null)" ]; then echo "No services found under $HAPROXY_SERVICE_DIR. Skipping autoconfig." echo "$AUTOCONFIG_END" | sudo tee -a $HAPROXY_CFG > /dev/null sudo systemctl restart haproxy exit 0 fi # general http redirect echo "Generating http redirect config.." HTTP_REDIRECT=$(cat < /dev/null # Frontend https config echo "Generating frontend https config.." HTTPS_BEGIN="# === BEGIN autoconfig https ===" HTTPS_END="# === END autoconfig https ===" BIND_LINE=" bind *:443 ssl" for cert_file in $HAPROXY_SERVICE_DIR/*/cert.block; do while IFS= read -r line; do [[ -z "$line" || "$line" == \#* ]] && continue BIND_LINE+=" $line" done < "$cert_file" done BIND_LINE+=" alpn h2,http/1.1" ACL_BLOCK="" for acl_file in $HAPROXY_SERVICE_DIR/*/acl.block; do while IFS= read -r line; do [[ -z "$line" ]] && continue ACL_BLOCK+=" $line"$'\n' done < "$acl_file" done HTTPS_CONFIG=$(cat < /dev/null # Per service backend config echo "Generating per service backend config" BACKEND_BEGIN="# === BEGIN autoconfig backends ===" BACKEND_END="# === END autoconfig backends ===" BACKEND_BLOCK="" for backend_file in $HAPROXY_SERVICE_DIR/*/backend.block; do while IFS= read -r line; do BACKEND_BLOCK+="$line"$'\n' done < "$backend_file" BACKEND_BLOCK+=$'\n' done BACKEND_CONFIG=$(cat < /dev/null echo "$AUTOCONFIG_END" | sudo tee -a $HAPROXY_CFG > /dev/null echo "Config complete. restart haproxy." sudo systemctl restart haproxy