From f058cf8d61e0432d650d6bcdaaa338258f475515 Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov
Date: Wed, 16 Jun 2021 14:40:19 +0300
Subject: [PATCH] Replace whitelist with allowlist naming

Change-Id: I568273d0ef1d5ee391a42981e66cc9895b9d71b6
---
 defaults/main.yml | 4 ++--
 releasenotes/notes/haproxy_allowlist-95aa9b911baeacd9.yaml | 6 ++++++
 templates/service.j2 | 6 +++---
 3 files changed, 11 insertions(+), 5 deletions(-)
 create mode 100644 releasenotes/notes/haproxy_allowlist-95aa9b911baeacd9.yaml

diff --git a/defaults/main.yml b/defaults/main.yml
index 810900c..03b4b5d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -57,7 +57,7 @@ haproxy_service_configs: []
 # haproxy_backend_server_options:
 # - "inter 3000" # a contrived example, there are many server config options possible
 # haproxy_acls:
-# white_list:
+# allow_list:
 # rule: "src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8"
 # backend_name: "mybackend"
 # haproxy_frontend_acls:
@@ -70,7 +70,7 @@ haproxy_service_configs: []
 # haproxy_port: 8404
 # haproxy_bind:
 # - '127.0.0.1'
-# haproxy_whitelist_networks: "{{ haproxy_whitelist_networks }}"
+# haproxy_allowlist_networks: "{{ haproxy_allowlist_networks }}"
 # haproxy_frontend_only: True
 # haproxy_balance_type: "http"
 # haproxy_frontend_raw:
diff --git a/releasenotes/notes/haproxy_allowlist-95aa9b911baeacd9.yaml b/releasenotes/notes/haproxy_allowlist-95aa9b911baeacd9.yaml
new file mode 100644
index 0000000..d48fbfc
--- /dev/null
+++ b/releasenotes/notes/haproxy_allowlist-95aa9b911baeacd9.yaml
@@ -0,0 +1,6 @@
+---
+upgrade:
+ - |
+ HAProxy ``haproxy_whitelist_networks`` key inside
+ ``haproxy_service_configs`` dictionary has been replaced with
+ ``haproxy_allowlist_networks``.
diff --git a/templates/service.j2 b/templates/service.j2
index 4b40546..122b750 100644
--- a/templates/service.j2
+++ b/templates/service.j2
@@ -62,9 +62,9 @@ frontend {{ item.service.haproxy_service_name }}-front-{{ loop.index }}
 {% if item.service.haproxy_timeout_client is defined %}
 timeout client {{ item.service.haproxy_timeout_client }}
 {% endif %}
-{% if item.service.haproxy_whitelist_networks is defined %}
- acl white_list src 127.0.0.1/8 {{ item.service.haproxy_whitelist_networks | join(' ') }}
- tcp-request content accept if white_list
+{% if item.service.haproxy_allowlist_networks is defined %}
+ acl allow_list src 127.0.0.1/8 {{ item.service.haproxy_allowlist_networks | join(' ') }}
+ tcp-request content accept if allow_list
 tcp-request content reject
 {% endif %}
 {% if item.service.haproxy_acls is defined %}
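Review bot: A service entry that still sets `haproxy_whitelist_networks` no longer satisfies the renamed `is defined` test, so the whole `acl` / `tcp-request content accept` / `tcp-request content reject` group is skipped and that frontend is rendered without its source restriction, with no error or warning. The release note announces the rename, but nothing in the template enforces it, so the upgrade failure mode is an access control silently dropped rather than a failed run. Consider honouring both keys for a deprecation cycle, e.g. `{% if item.service.haproxy_allowlist_networks is defined or item.service.haproxy_whitelist_networks is defined %}` with `{{ item.service.haproxy_allowlist_networks | default(item.service.haproxy_whitelist_networks) | join(' ') }}` in the `acl` line, or failing the play when the old key is still present. The frontend block starts and ends outside this hunk, so a guard elsewhere in the role would not be visible here.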