Add userlist

tasks/configuration.yml

@@ -69,6 +69,21 @@
       - configuration
       - config
 
+  - name: "Configure HAProxy userlists"
+    ansible.builtin.template:
+      src: etc/haproxy/haproxy.d/userlists.j2
+      dest: /etc/haproxy/haproxy.d/userlists.cfg
+      mode: '0644'
+      owner: root
+      group: root
+      backup: yes
+    register: userlists
+    notify:
+      - Reload HAProxy
+    tags:
+      - configuration
+      - config
+
   - name: Check if config is ok
     ansible.builtin.shell: 
       cmd: /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -f /etc/haproxy/haproxy.d -c
@@ -97,6 +112,14 @@
       when: backends.changed
       ignore_errors: true
 
+    - name: restore userlists backup file to original.
+      copy:
+        remote_src: true
+        dest: /etc/haproxy/haproxy.d/userlists.cfg
+        src: "{{ backends['backup_file'] }}"
+      when: userlists.changed
+      ignore_errors: true
+
   always:
     - name: Delete backup file
       file:
@@ -112,6 +135,12 @@
       when: backends.changed
       ignore_errors: true
 
+    - name: Delete backup file
+      file:
+         path: "{{ userlists['backup_file'] }}"
+         state: absent
+      when: userlists.changed
+      ignore_errors: true
 
 - name: "Generate certificate for frontends"
   include_tasks: generate_certificate.yml 

templates/etc/haproxy/haproxy.d/userlists.j2

@@ -0,0 +1,8 @@
+{% if userlists is defined %}
+{% for userlist in userlists %}
+userlist {{ userlist.name -}}
+	{% for user in userlist.users %}
+	user {{ user.name }} password {{ user.password }}
+	{% endfor %}
+{% endfor %}
+{% endif %}