From 55d0f4d0d4a48da8c47a5da8a97cb4c00bb067b1 Mon Sep 17 00:00:00 2001 From: PiBa-NL Date: Sun, 29 Dec 2013 15:04:30 +0100 Subject: haproxy-devel, - use a separate directory for testing the new configuration - move "/usr/bin/limits" download to package installation --- config/haproxy-devel/haproxy.inc | 52 +++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 24 deletions(-) (limited to 'config') diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index 8531d95a..5e798dc2 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -36,7 +36,6 @@ require_once("haproxy_utils.inc"); require_once("haproxy_xmlrpcsyncclient.inc"); $d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; -$haproxy_confpath = "{$g['varetc_path']}/haproxy"; $a_acltypes = array(); $a_acltypes["host_starts_with"] = array('name' => 'Host starts with', @@ -134,6 +133,12 @@ function haproxy_custom_php_install_command() { global $g, $config; conf_mount_rw(); + $freebsd_version = substr(trim(`uname -r`), 0, 1); + if(!file_exists("/usr/bin/limits")) { + exec("fetch -q -o /usr/bin/limits http://files.pfsense.org/extras/{$freebsd_version}/limits"); + exec("chmod a+rx /usr/bin/limits"); + } + $haproxy = <<&1", $output, $err); + global $g; + $configpath = "{$g['varetc_path']}/haproxy"; + $testpath = "{$g['varetc_path']}/haproxy_test"; + haproxy_writeconf($testpath); + $retval = exec("haproxy -c -V -f $testpath/haproxy.cfg 2>&1", $output, $err); $messages = ""; if ($err > 1) $messages = "

FATAL ERROR CODE: $err while starting haproxy

"; @@ -555,7 +561,8 @@ function haproxy_check_and_run(&$messages, $reload) { $ok = strstr($retval, "Configuration file is valid"); if ($ok && $reload) { global $haproxy_run_message; - exec("mv $configname.new $configname"); + haproxy_writeconf($configpath); + rmdir_recursive($testpath); $ok = haproxy_check_run(1) == 0; $messages = $haproxy_run_message; } @@ -577,12 +584,14 @@ function haproxy_write_certificate_file($filename, $certid) { unset($cert); } -function haproxy_writeconf($configfile) { - global $config, $haproxy_confpath; +function haproxy_writeconf($configpath) { + global $config; - rmdir_recursive($haproxy_confpath); - make_dirs($haproxy_confpath); + $configfile = $configpath . "/haproxy.cfg"; + rmdir_recursive($configpath); + make_dirs($configpath); + $a_global = &$config['installedpackages']['haproxy']; $a_frontends = &$config['installedpackages']['haproxy']['ha_backends']['item']; $a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item']; @@ -640,10 +649,10 @@ function haproxy_writeconf($configfile) { //check ssl info if (strtolower($frontend['type']) == "http" && $frontend['ssloffload']){ //ssl crt ./server.pem ca-file ./ca.crt verify optional crt-ignore-err all crl-file ./ca_crl.pem - $filename = "$haproxy_confpath/{$frontend['name']}.{$frontend['port']}.pem"; + $filename = "$configpath/{$frontend['name']}.{$frontend['port']}.pem"; $ssl_crt = " crt $filename"; haproxy_write_certificate_file($filename, $frontend['ssloffloadcert']); - $subfolder = "$haproxy_confpath/{$frontend['name']}.{$frontend['port']}"; + $subfolder = "$configpath/{$frontend['name']}.{$frontend['port']}"; $certs = $frontend['ha_certificates']['item']; if (is_array($certs)){ if (count($certs) > 0){ @@ -890,12 +899,6 @@ function haproxy_writeconf($configfile) { haproxy_install_cron(true); else haproxy_install_cron(false); - - $freebsd_version = substr(trim(`uname -r`), 0, 1); - if(!file_exists("/usr/bin/limits")) { - exec("fetch -q -o /usr/bin/limits http://files.pfsense.org/extras/{$freebsd_version}/limits"); - exec("chmod a+rx /usr/bin/limits"); - } } function haproxy_is_running() { @@ -986,9 +989,10 @@ function load_ipfw_rules() { } function haproxy_check_run($reload) { - global $config, $g, $haproxy_confpath, $haproxy_run_message; + global $config, $g, $haproxy_run_message; $a_global = &$config['installedpackages']['haproxy']; + $configpath = "{$g['varetc_path']}/haproxy"; exec("/usr/bin/limits -n 300014"); @@ -1020,9 +1024,9 @@ function haproxy_check_run($reload) { $sf_st = "-st";//terminate old process as soon as the new process is listening else $sf_st = "-sf";//finish serving existing connections exit when done, and the new process is listening - exec("/usr/local/sbin/haproxy -f {$haproxy_confpath}/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode); + exec("/usr/local/sbin/haproxy -f {$configpath}/haproxy.cfg -p /var/run/haproxy.pid $sf_st `cat /var/run/haproxy.pid` 2>&1", $output, $errcode); } else { - exec("/usr/local/sbin/haproxy -f {$haproxy_confpath}/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode); + exec("/usr/local/sbin/haproxy -f {$configpath}/haproxy.cfg -p /var/run/haproxy.pid -D 2>&1", $output, $errcode); } foreach($output as $line) $haproxy_run_message .= "
" . htmlspecialchars($line) . "\n"; -- cgit v1.2.3