Fix HAProxy configuration issues and add blocked backend
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 50s
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 50s
**Problems Fixed:** - Remove invalid 'http-request set-status' directive (not supported in HAProxy 3.0.11) - Replace with proper blocked backend using 'http-request return' - Add blocked backend template for serving blocked page with 403 status **Changes Made:** - Create hap_blocked_backend.tpl template for blocked IPs - Update hap_listener.tpl to use blocked-backend instead of invalid status setting - Modify haproxy_manager.py to include blocked backend in config generation - Add blocked_ip_page.html copying to HAProxy directory during config generation **Technical Details:** - HAProxy 3.0.11 doesn't support 'http-request set-status' directive - Use 'http-request return status 403 content-type text/html file' instead - Blocked IPs now get proper 403 status with custom HTML page - Configuration validation should now pass without errors **Testing:** - HAProxy configuration validation should succeed - Blocked IPs should see custom page with 403 status - All existing functionality maintained 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
@@ -984,6 +984,20 @@ backend default-backend
|
||||
option http-server-close
|
||||
server default-page 127.0.0.1:8080'''
|
||||
config_parts.append(fallback_backend)
|
||||
|
||||
# Add Blocked Backend
|
||||
try:
|
||||
blocked_backend = template_env.get_template('hap_blocked_backend.tpl').render()
|
||||
config_parts.append(blocked_backend)
|
||||
except Exception as e:
|
||||
logger.error(f"Error generating blocked backend: {e}")
|
||||
# Fallback to a simple blocked backend
|
||||
fallback_blocked_backend = '''# Backend for blocked IPs
|
||||
backend blocked-backend
|
||||
mode http
|
||||
http-request return status 403 content-type text/html file /etc/haproxy/blocked_ip_page.html'''
|
||||
config_parts.append(fallback_blocked_backend)
|
||||
|
||||
# Add Backends
|
||||
config_parts.append('\n' .join(config_backends) + '\n')
|
||||
# Write complete configuration to tmp
|
||||
@@ -991,6 +1005,18 @@ backend default-backend
|
||||
|
||||
config_content = '\n'.join(config_parts)
|
||||
logger.debug("Generated HAProxy configuration")
|
||||
|
||||
# Copy blocked IP page HTML to HAProxy directory
|
||||
try:
|
||||
blocked_html_source = os.path.join(TEMPLATE_DIR, 'blocked_ip_page.html')
|
||||
blocked_html_dest = '/etc/haproxy/blocked_ip_page.html'
|
||||
if os.path.exists(blocked_html_source):
|
||||
shutil.copy2(blocked_html_source, blocked_html_dest)
|
||||
logger.debug("Blocked IP page HTML copied to HAProxy directory")
|
||||
else:
|
||||
logger.warning(f"Blocked IP page HTML not found at {blocked_html_source}")
|
||||
except Exception as e:
|
||||
logger.error(f"Failed to copy blocked IP page HTML: {e}")
|
||||
|
||||
# Write complete configuration to tmp
|
||||
# Write new configuration to file
|
||||
|
||||
Reference in New Issue
Block a user