---
haproxy_latest_release: True
haproxy_version: 2.2
haproxy_repo_key: 'http://haproxy.debian.net/bernat.debian.org.gpg'
haproxy_debian_latest_repo: "deb http://haproxy.debian.net {{ ansible_lsb.codename }}-backports-{{ haproxy_version }} main"
haproxy_ubuntu_latest_repo: "ppa:vbernat/haproxy-{{ haproxy_version }}"
haproxy_pkg_state: present
haproxy_enabled: True
haproxy_k_bind_non_local_ip: True
haproxy_docker_container: False
haproxy_docker_version: '{{ haproxy_version }}.4'
haproxy_docker_image: 'haproxytech/haproxy-debian:{{ haproxy_version }}.4'
haproxy_docker_compose_dir: /srv/haproxy_swarm
haproxy_docker_restart_policy: 'on-failure'

haproxy_ha_with_keepalived: False
haproxy_docker_swarm_networks:
  - 'portainer_{{ docker_swarm_portainer_network }}'
haproxy_docker_swarm_additional_networks: []

haproxy_docker_swarm_haproxy_constraints:
  - 'node.role == manager'
haproxy_docker_swarm_additional_services: []
#  - { acl_name: 'service', acl_rule: 'hdr_dom(host) -i service.example.com', service_name: 'service-', service_replica_num: '1', service_port: '9999', service_overlay_network: 'service-network', allowed_networks: '192.168.1.0/24 192.168.2.0/24' }

haproxy_default_port: 80
haproxy_terminate_tls: False
haproxy_ssl_port: 443
haproxy_admin_port: 8880
haproxy_admin_socket: /run/haproxy/admin.sock

haproxy_letsencrypt_managed: True
haproxy_cert_dir: '{{ pki_dir }}/haproxy'

haproxy_install_additional_pkgs: False
haproxy_additional_pkgs:
  - haproxyctl
  - haproxy-log-analysis

haproxy_nagios_check: False
# It's a percentage
haproxy_nagios_check_w: 70
haproxy_nagios_check_c: 90

# Used by some other role as defaults, eg docker-swarm
haproxy_spread_checks: 5
haproxy_connect_timeout: 10s
haproxy_client_timeout: 120s
haproxy_server_timeout: 480s
haproxy_global_keepalive_timeout: 10s
haproxy_client_keepalive_timeout: 5184000s
haproxy_backend_maxconn: 2048
haproxy_check_interval: 3s
haproxy_check_timeout: 2s
haproxy_maxconns: 4096

haproxy_sysctl_conntrack_max: 131072