Add support to configure proxy-protocol-networks

MariaDB/Galera can read information about the actual client connecting via a load balancer from the proxy protocol. In order to define which sources are trusted the parameter `proxy-protocol-networks` is used. See https://mariadb.com/kb/en/proxy-protocol-support Change-Id: I4ea360fbea5a911ba03a5eca3af00eb91b7bd124
2022-08-26 16:58:41 +02:00 · 2022-08-26 16:58:41 +02:00 · a5835fd611
parent a84dbdaac9
commit a5835fd611
2 changed files with 5 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -26,6 +26,7 @@ galera_force_bootstrap: false
 galera_wsrep_node_name: "{{ inventory_hostname }}"
 galera_cluster_name: openstack_galera_cluster
 galera_server_bind_address: "{{ openstack_service_bind_address | default('0.0.0.0') }}"
+galera_server_proxy_protocol_networks: ""

 # The galera server-id should be set on all cluster nodes to ensure
 #  that replication is handled correctly and the error
--- a/templates/my.cnf.j2
+++ b/templates/my.cnf.j2
@ -32,6 +32,10 @@ tmpdir = {{ galera_tmp_dir }}
 ignore_db_dirs = {{ galera_ignore_db_dirs | join(',') }}

 bind-address = {{ galera_server_bind_address }}
+{% if galera_server_proxy_protocol_networks %}
+proxy-protocol-networks = {{ galera_server_proxy_protocol_networks }}
+{% endif %}
+
 {% if galera_server_id is defined %}
 server-id = {{ galera_server_id }}
 {% endif %}