aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorPiBa-NL <pba_2k3@yahoo.com>2013-12-29 15:04:30 +0100
committerPiBa-NL <pba_2k3@yahoo.com>2013-12-29 15:04:30 +0100
commit55d0f4d0d4a48da8c47a5da8a97cb4c00bb067b1 (patch)
tree7276a87c5d1a9d01bf0d731b5cff5b0577c39037 /config
parent375b270c9f5ddc5c488f8f79b61130c1913f0e2d (diff)
downloadpfsense-packages-55d0f4d0d4a48da8c47a5da8a97cb4c00bb067b1.tar.gz
pfsense-packages-55d0f4d0d4a48da8c47a5da8a97cb4c00bb067b1.tar.bz2
pfsense-packages-55d0f4d0d4a48da8c47a5da8a97cb4c00bb067b1.zip
haproxy-devel, - use a separate directory for testing the new configuration
- move "/usr/bin/limits" download to package installation
Diffstat (limited to 'config')
-rw-r--r--config/haproxy-devel/haproxy.inc52
1 files changed, 28 insertions, 24 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index 8531d95a..5e798dc2 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -36,7 +36,6 @@ require_once("haproxy_utils.inc");
require_once("haproxy_xmlrpcsyncclient.inc");
$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty";
-$haproxy_confpath = "{$g['varetc_path']}/haproxy";
$a_acltypes = array();
$a_acltypes["host_starts_with"] = array('name' => 'Host starts with',
@@ -134,6 +133,12 @@ function haproxy_custom_php_install_command() {
global $g, $config;
conf_mount_rw();
+ $freebsd_version = substr(trim(`uname -r`), 0, 1);
+ if(!file_exists("/usr/bin/limits")) {
+ exec("fetch -q -o /usr/bin/limits http://files.pfsense.org/extras/{$freebsd_version}/limits");
+ exec("chmod a+rx /usr/bin/limits");
+ }
+
$haproxy = <<<EOD
#!/bin/sh
@@ -313,7 +318,7 @@ EOD;
write_config("haproxy, update xml config version");
conf_mount_ro();
-
+
exec("/usr/local/etc/rc.d/haproxy.sh start");
}
@@ -530,17 +535,18 @@ function write_backend($fd, $name, $pool, $frontend) {
}
function haproxy_configure() {
- global $g, $haproxy_confpath;
+ global $g;
// reload haproxy
- haproxy_writeconf("{$haproxy_confpath}/haproxy.cfg");
+ haproxy_writeconf("{$g['varetc_path']}/haproxy");
return haproxy_check_run(1);
}
function haproxy_check_and_run(&$messages, $reload) {
- global $g, $haproxy_confpath;
- $configname = "{$haproxy_confpath}/haproxy.cfg";
- haproxy_writeconf("$configname.new");
- $retval = exec("haproxy -c -V -f $configname.new 2>&1", $output, $err);
+ global $g;
+ $configpath = "{$g['varetc_path']}/haproxy";
+ $testpath = "{$g['varetc_path']}/haproxy_test";
+ haproxy_writeconf($testpath);
+ $retval = exec("haproxy -c -V -f $testpath/haproxy.cfg 2>&1", $output, $err);
$messages = "";
if ($err > 1)
$messages = "<h2><strong>FATAL ERROR CODE: $err while starting haproxy</strong></h2>";
@@ -555,7 +561,8 @@ function haproxy_check_and_run(&$messages, $reload) {
$ok = strstr($retval, "Configuration file is valid");
if ($ok && $reload) {
global $haproxy_run_message;
- exec("mv $configname.new $configname");
+ haproxy_writeconf($configpath);
+ rmdir_recursive($testpath);
$ok = haproxy_check_run(1) == 0;
$messages = $haproxy_run_message;
}
@@ -577,12 +584,14 @@ function haproxy_write_certificate_file($filename, $certid) {
unset($cert);
}
-function haproxy_writeconf($configfile) {
- global $config, $haproxy_confpath;
+function haproxy_writeconf($configpath) {
+ global $config;
- rmdir_recursive($haproxy_confpath);
- make_dirs($haproxy_confpath);
+ $configfile = $configpath . "/haproxy.cfg";
+ rmdir_recursive($configpath);
+ make_dirs($configpath);
+
$a_global = &$config['installedpackages']['haproxy'];
$a_frontends = &$config['installedpackages']['haproxy']['ha_backends']['item'];
$a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item'];
@@ -640,10 +649,10 @@ function haproxy_writeconf($configfile) {
//check ssl info
if (strtolower($frontend['type']) == "http" && $frontend['ssloffload']){
//ssl crt ./server.pem ca-file ./ca.crt verify optional crt-ignore-err all crl-file ./ca_crl.pem
- $filename = "$haproxy_confpath/{$frontend['name']}.{$frontend['port']}.pem";
+ $filename = "$configpath/{$frontend['name']}.{$frontend['port']}.pem";
$ssl_crt = " crt $filename";
haproxy_write_certificate_file($filename, $frontend['ssloffloadcert']);
- $subfolder = "$haproxy_confpath/{$frontend['name']}.{$frontend['port']}";
+ $subfolder = "$configpath/{$frontend['name']}.{$frontend['port']}";
$certs = $frontend['ha_certificates']['item'];
if (is_array($certs)){
if (count($certs) > 0){
@@ -890,12 +899,6 @@ function haproxy_writeconf($configfile) {
haproxy_install_cron(true);
else
haproxy_install_cron(false);
-
- $freebsd_version = substr(trim(`uname -r`), 0, 1);
- if(!file_exists("/usr/bin/limits")) {
- exec("fetch -q -o /usr/bin/limits http://files.pfsense.org/extras/{$freebsd_version}/limits");
- exec("chmod a+rx /usr/bin/limits");
- }
}
function haproxy_is_running() {
@@ -986,9 +989,10 @@ function load_ipfw_rules() {
}
function haproxy_check_run($reload) {
- global $config, $g, $haproxy_confpath, $haproxy_run_message;
+ global $config, $g, $haproxy_run_message;
$a_global = &$config['installedpackages']['haproxy'];
+ $configpath = "{$g['varetc_path']}/haproxy";
exec("/usr/bin/limits -n 300014");
@@ -1020,9 +1024,9 @@ function haproxy_check_run($reload) {
$sf_st = "-st";//terminate old process as soon as the new process is listening
else
$sf_st = "-sf";//finish serving existing connections exit when done, and the new process is listening
- exec("/usr/local/sbin/haproxy -f {$haproxy_confpath}/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode);
+ exec("/usr/local/sbin/haproxy -f {$configpath}/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode);
} else {
- exec("/usr/local/sbin/haproxy -f {$haproxy_confpath}/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode);
+ exec("/usr/local/sbin/haproxy -f {$configpath}/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode);
}
foreach($output as $line)
$haproxy_run_message .= "<br/>" . htmlspecialchars($line) . "\n";