diff options
author | Rok Garbas <rok@garbas.si> | 2013-10-29 15:55:25 +0100 |
---|---|---|
committer | Rok Garbas <rok@garbas.si> | 2013-10-29 15:55:25 +0100 |
commit | 562b453b9399634011cc61f225569e713f8e5e60 (patch) | |
tree | 98058a04e656b18f0b8a51d4cd5347b5b206b0d9 /nixos/modules/services/networking/haproxy.nix | |
parent | db5c6917f31a736766eeb2388d1f90d494b44d6f (diff) | |
download | nixlib-562b453b9399634011cc61f225569e713f8e5e60.tar nixlib-562b453b9399634011cc61f225569e713f8e5e60.tar.gz nixlib-562b453b9399634011cc61f225569e713f8e5e60.tar.bz2 nixlib-562b453b9399634011cc61f225569e713f8e5e60.tar.lz nixlib-562b453b9399634011cc61f225569e713f8e5e60.tar.xz nixlib-562b453b9399634011cc61f225569e713f8e5e60.tar.zst nixlib-562b453b9399634011cc61f225569e713f8e5e60.zip |
nixos: haproxy module
Diffstat (limited to 'nixos/modules/services/networking/haproxy.nix')
-rw-r--r-- | nixos/modules/services/networking/haproxy.nix | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/haproxy.nix b/nixos/modules/services/networking/haproxy.nix new file mode 100644 index 000000000000..c8345a528a72 --- /dev/null +++ b/nixos/modules/services/networking/haproxy.nix @@ -0,0 +1,87 @@ +{ config, pkgs, ...}: +let + cfg = config.services.haproxy; + haproxyCfg = pkgs.writeText "haproxy.conf" cfg.config; +in +with pkgs.lib; +{ + options = { + services.haproxy = { + + enable = mkOption { + default = false; + description = " + Enable the HAProxy. + "; + }; + + config = mkOption { + default = + '' + global + log 127.0.0.1 local6 + maxconn 24000 + daemon + nbproc 1 + + defaults + mode http + option httpclose + + # Remove requests from the queue if people press stop button + option abortonclose + + # Try to connect this many times on failure + retries 3 + + # If a client is bound to a particular backend but it goes down, + # send them to a different one + option redispatch + + monitor-uri /haproxy-ping + + timeout connect 7s + timeout queue 300s + timeout client 300s + timeout server 300s + + # Enable status page at this URL, on the port HAProxy is bound to + stats enable + stats uri /haproxy-status + stats refresh 5s + stats realm Haproxy statistics + ''; + description = " + Default configuration. + "; + }; + + }; + + }; + + config = mkIf cfg.enable { + + systemd.services.haproxy = { + description = "HAProxy"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "forking"; + PIDFile = "/var/run/haproxy.pid"; + ExecStartPre = "${pkgs.haproxy}/sbin/haproxy -c -q -f ${haproxyCfg}"; + ExecStart = "${pkgs.haproxy}/sbin/haproxy -D -f ${haproxyCfg} -p /var/run/haproxy.pid"; + ExecReload = "-${pkgs.bash}/bin/bash -c \"exec ${pkgs.haproxy}/sbin/haproxy -D -f ${haproxyCfg} -p /var/run/haproxy.pid -sf $MAINPID\""; + }; + }; + + environment.systemPackages = [ pkgs.haproxy ]; + + users.extraUsers.haproxy = { + group = "haproxy"; + uid = config.ids.uids.haproxy; + }; + + users.extraGroups.haproxy.gid = config.ids.uids.haproxy; + }; +} |