From 4d94864c93893cd043769019bdb568ff4d8e374b Mon Sep 17 00:00:00 2001 From: Frank Wall Date: Sat, 20 Nov 2021 00:44:32 +0100 Subject: [PATCH] net/haproxy: support unix sockets as server addresses, refs #2040 --- .../OPNsense/HAProxy/forms/dialogServer.xml | 12 ++++++++++++ .../app/models/OPNsense/HAProxy/HAProxy.xml | 18 +++++++++++++++++- .../templates/OPNsense/HAProxy/haproxy.conf | 18 +++++++++++++++++- 3 files changed, 46 insertions(+), 2 deletions(-) diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml index 1436580cf..01b71a120 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml @@ -67,9 +67,21 @@ Type option name or choose from list. + + + header + + + + server.unix_socket + + dropdown + Select the frontend that provides the UNIX socket. This UNIX socket will be used as the server's address, making it possible to send connections to this frontend. Only frontends that provide the unix@ pattern as listen address can be selected. + header + server.port diff --git a/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml b/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml index d1a80ce55..009938fc3 100644 --- a/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml +++ b/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml @@ -1,6 +1,6 @@ //OPNsense/HAProxy - 3.3.0 + 3.4.0 the HAProxy load balancer @@ -1251,6 +1251,7 @@ static + unix socket @@ -1342,6 +1343,21 @@ N + + + + + Related frontend item not found + N + N + diff --git a/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf b/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf index f74430cb4..bfe118cb9 100644 --- a/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf +++ b/net/haproxy/src/opnsense/service/templates/OPNsense/HAProxy/haproxy.conf @@ -1657,13 +1657,29 @@ backend {{backend.name}} # ERROR: server data not found ({{server}}) {% else %} {# # check if all required server parameters are set #} -{% if (server_data.type|default("") == 'static' and server_data.address|default("") == '') or (server_data.type|default("") == 'template' and (server_data.serviceName|default("") == '' or server_data.number|default("") == '')) %} +{% if (server_data.type|default("") == 'static' and server_data.address|default("") == '') or (server_data.type|default("") == 'template' and (server_data.serviceName|default("") == '' or server_data.number|default("") == '')) or (server_data.type|default("") == 'unix' and server_data.unix_socket|default("") == '') %} # ERROR: server is invalid, required parameters not set ({{server_data.name}}) {% else %} {# # server type #} {% set server_basics = [] %} {% if server_data.type|default("") == 'template' %} {% do server_basics.append('server-template ' ~ server_data.name ~ ' ' ~ server_data.number ~ ' ' ~ server_data.serviceName) %} +{% elif server_data.type|default("") == 'unix' %} +{# # extract unix socket information from frontend #} +{% set frontend_data = helpers.getUUID(server_data.unix_socket) %} +{% set socket_path = "" %} +{% for bind in frontend_data.bind.split(",") %} +{# # check if this is a unix socket #} +{% set unix_bind = bind | regex_replace ("^unix@.*","TRUE") %} +{% if unix_bind == "TRUE" %} +{# # extract socket name and add full path #} +{% set socket_name = bind | regex_replace ("^unix@","") %} +{% set socket_path = "unix@/tmp/haproxy/sockets/" ~ socket_name %} +{% do server_basics.append('server ' ~ server_data.name ~ ' ' ~ socket_path) %} +{# # only the first unix socket is considered #} +{% break %} +{% endif %} +{% endfor %} {% else %} {% do server_basics.append('server ' ~ server_data.name ~ ' ' ~ server_data.address) %} {% endif %}