From 7b6e0bd10073cf8c53ddc28b69887abd50948d8d Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Wed, 12 Jun 2024 18:29:56 -0500
Subject: [PATCH] r/haproxy: Support configuring resolvers

HAProxy uses a special configuration block, `resolvers`, to specify
how it should look up names in DNS.  This configuration is used for
e.g. dynamically discovering backend servers via DNS A or SRV records.
Since resolvers are global, they need to be specified in the global
configuration file, rather than a per-application drop-in.

We will use this functionality for the ACME HTTP-01 challenge solver
for Samba AD domain controllers.
---
 roles/haproxy/templates/global.cfg.j2 | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/roles/haproxy/templates/global.cfg.j2 b/roles/haproxy/templates/global.cfg.j2
index 7865ea9..ab4f6f0 100644
--- a/roles/haproxy/templates/global.cfg.j2
+++ b/roles/haproxy/templates/global.cfg.j2
@@ -21,3 +21,15 @@ global
 {% if haproxy_ssl_default_bind_options|d %}
     ssl-default-bind-options {{ haproxy_ssl_default_bind_options }}
 {% endif %}
+{% if haproxy_resolvers|d %}
+{% for resolver in haproxy_resolvers %}
+
+resolvers {{ resolver.name }}
+{% for nameserver in resolver.nameservers %}
+    nameserver {{ nameserver.name }} {{ nameserver.address }}
+{% endfor %}
+{% for key, value in resolver.options|dictsort %}
+    {{ key }} {{ value }}
+{% endfor %}
+{% endfor %}
+{% endif %}