HAProxy set acl with hosts from file

I'd like to migrate some 100+ sites from one server to another. Current plan is to gradually add an acl for each as they are moved to direct traffic to a new server.

Here is a simplified example

front http_frontend
  bind *:80
  acl is_new hdr_end(host) -i sub1.domain.com
  acl is_new hdr_end(host) -i sub2.domain.com
  acl is_new hdr_end(host) -i www.domain2.com
  mode http
  # etc
  use_backend web1 if is_new
  default_backend legacy1

Once they are all moved we'd change the default_backend

Is there a way to read these acls from another file? Or to read the domains from a file – perhaps something like this?

acl is_new hdr_end(host) -i /path/to/file

For instance, I include all the secure certificates as below, something like that'd be great!

bind *:443 ssl crt /etc/haproxy/certs.d

It's not the end of the world if not, it'd just be nice and tidy :).

Best Answer

ACLs in haproxy can take -f argument to load values from a file. You can read the documentation here.

For example:

acl valid-ua hdr(user-agent) -f exact-ua.lst -i -f generic-ua.lst test

The "-f" flag is followed by the name of a file from which all lines will be read as individual values. It is even possible to pass multiple "-f" arguments if the patterns are to be loaded from multiple files. Empty lines as well as lines beginning with a sharp ('#') will be ignored.

Best Answer

Related Solutions

Haproxy acl – accept only from specific IPs

Ssl – Haproxy Acl in Https

Related Topic