From ce2e1985b86d4a03f84d209b6daa3d41a26bdced Mon Sep 17 00:00:00 2001
From: "daniel.popescu" <daniel.popescu@bluedesk.ro>
Date: Wed, 31 Jul 2024 07:58:01 +0000
Subject: [PATCH 1/2] upgraded haproxy image to 2.9

---
 CHANGELOG.md                 | 15 +++++++++++++++
 haproxy/Dockerfile           |  5 +++--
 haproxy/Readme.md            |  8 +++++---
 haproxy/docker-entrypoint.sh |  2 +-
 haproxy/src/configure.py     |  5 +++--
 5 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e175e4d..d63ccba 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,20 @@
 # Changelog
 
+
+## 2024-07-30 (3.x - 1.0)
+
+## 2024-07-29 (2.9 - 1.1)
+
+- Upgrade HAproxy to 2.9
+- Upgrade OS to Bookworm
+- Disabled rsyslog kernel logging support in Dockerfile
+- Started rsyslogd service without service directive in docker-entrypoint.sh
+- Upgraded deprecated option: option httpchk in src/configure.py
+
+## 2024-07-29 (2.0 - 1.0)
+
+- Upgrade HAproxy to 2.0
+
 ## 2023-03-09 (1.8-1.8)
 
 - Upgrade HAproxy to 1.8.31
diff --git a/haproxy/Dockerfile b/haproxy/Dockerfile
index 3f97c92..0e3ee23 100644
--- a/haproxy/Dockerfile
+++ b/haproxy/Dockerfile
@@ -1,6 +1,6 @@
-FROM haproxy:1.8.31-buster
+FROM haproxy:2.9-bookworm
 LABEL maintainer="EEA: IDM2 A-Team <eea-edw-a-team-alerts@googlegroups.com>"
-
+USER root
 RUN apt-get update \
  && apt-get install -y --no-install-recommends \
     ca-certificates \
@@ -15,6 +15,7 @@ RUN apt-get update \
  && sed -i '/#$UDPServerRun/c\$UDPServerRun 514'  /etc/rsyslog.conf \
  && sed -i '/$UDPServerRun 514/a $UDPServerAddress 127.0.0.1' /etc/rsyslog.conf \
  && sed -i '/cron.*/a local2.*                          \/proc\/1\/fd\/1' /etc/rsyslog.conf \
+ && sed -i '/^module(load="imklog")/s/^/#/' /etc/rsyslog.conf \
  && mv /usr/local/bin/docker-entrypoint.sh /usr/local/bin/haproxy-entrypoint.sh 
 
 COPY src/haproxy.cfg /tmp/
diff --git a/haproxy/Readme.md b/haproxy/Readme.md
index 42ec8d4..a85cf28 100644
--- a/haproxy/Readme.md
+++ b/haproxy/Readme.md
@@ -3,16 +3,18 @@
 This image is generic, thus you can obviously re-use it within
 your non-related EEA projects.
 
- - Debian: **Buster**
- - HAProxy: **1.8**
+ - Debian: **Bookworm**
+ - HAProxy: **2.9**
  - Expose: **5000**
 
 ### Supported tags and respective Dockerfile links
 
-  - `:latest` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/blob/master/haproxy/Dockerfile) - Debian: **Buster**, HAProxy: **1.8**
+  - `:latest` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/blob/master/haproxy/Dockerfile) - Debian: **Bookworm**, HAProxy: **2.9**
 
 ### Stable and immutable tags
 
+  - `:2.9-1.1` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/tree/2.9-1.1/haproxy/Dockerfile) - HAProxy: **2.9.9** Release: **1.1**
+  - `:2.0-1.0` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/tree/2.0-1.0/haproxy/Dockerfile) - HAProxy: **2.0.31** Release: **1.0**
   - `:1.8-1.8` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/tree/1.8-1.8/haproxy/Dockerfile) - HAProxy: **1.8.31** Release: **1.8**
   - `:1.8-1.7` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/tree/1.8-1.7/haproxy/Dockerfile) - HAProxy: **1.8.30** Release: **1.7**
   - `:1.8-1.6` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/tree/1.8-1.6/haproxy/Dockerfile) - HAProxy: **1.8.29** Release: **1.6**
diff --git a/haproxy/docker-entrypoint.sh b/haproxy/docker-entrypoint.sh
index 4d9f355..fd9b542 100755
--- a/haproxy/docker-entrypoint.sh
+++ b/haproxy/docker-entrypoint.sh
@@ -67,7 +67,7 @@ fi
 
 
 #start logging
-service rsyslog restart
+rsyslogd
 
 #start crontab
 service cron restart
diff --git a/haproxy/src/configure.py b/haproxy/src/configure.py
index aec0c80..1d2c1f1 100644
--- a/haproxy/src/configure.py
+++ b/haproxy/src/configure.py
@@ -81,10 +81,11 @@
 
 backend_type_http = Template("""
     option forwardfor
+    option httpchk
     http-request set-header X-Forwarded-Port %[dst_port]
     http-request add-header X-Forwarded-Proto https if { ssl_fc }
-    option httpchk $httpchk HTTP/1.1\\r\\nHost:$httpchk_host
-""")
+http-check send meth GET uri / ver HTTP/1.1 hdr host $httpchk_host
+    """)
 
 backend_conf_plus = Template("""
     server $name-$index $host:$port $cookies check

From 1ec43dfcbaef7d660359fc256d33dfe4ee43cbc8 Mon Sep 17 00:00:00 2001
From: Anton <anton@Edwmacbookpro.edw.lan>
Date: Wed, 22 Jan 2025 10:53:29 +0200
Subject: [PATCH 2/2] HAproxy 2.9

---
 haproxy/Dockerfile       | 2 +-
 haproxy/Readme.md        | 6 +++---
 haproxy/src/configure.py | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/haproxy/Dockerfile b/haproxy/Dockerfile
index 0e3ee23..8ac5383 100644
--- a/haproxy/Dockerfile
+++ b/haproxy/Dockerfile
@@ -1,4 +1,4 @@
-FROM haproxy:2.9-bookworm
+FROM haproxy:2.9-dev-bullseye
 LABEL maintainer="EEA: IDM2 A-Team <eea-edw-a-team-alerts@googlegroups.com>"
 USER root
 RUN apt-get update \
diff --git a/haproxy/Readme.md b/haproxy/Readme.md
index a85cf28..0243642 100644
--- a/haproxy/Readme.md
+++ b/haproxy/Readme.md
@@ -3,13 +3,13 @@
 This image is generic, thus you can obviously re-use it within
 your non-related EEA projects.
 
- - Debian: **Bookworm**
+ - Debian: **Bullseye**
  - HAProxy: **2.9**
  - Expose: **5000**
 
 ### Supported tags and respective Dockerfile links
 
-  - `:latest` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/blob/master/haproxy/Dockerfile) - Debian: **Bookworm**, HAProxy: **2.9**
+  - `:latest` [*Dockerfile*](https://github.com/eea/eea.docker.haproxy/blob/master/haproxy/Dockerfile) - Debian: **bullseye**, HAProxy: **2.9**
 
 ### Stable and immutable tags
 
@@ -152,7 +152,7 @@ either when running the container or in a `docker-compose.yml` file.
   * `TIMEOUT_CONNECT` the maximum time to wait for a connection attempt to a VPS to succeed. Default `5000` ms
   * `TIMEOUT_CLIENT` timeouts apply when the client is expected to acknowledge or send data during the TCP process. Default `50000` ms
   * `TIMEOUT_SERVER` timeouts apply when the server is expected to acknowledge or send data during the TCP process. Default `50000` ms
-  * `HTTPCHK` The HTTP method and uri used to check on the servers health - default `HEAD /`
+  * `HTTPCHK` The HTTP method and uri used to check on the servers health - default `meth GET uri /`
   * `HTTPCHK_HOST` Host Header override on http Health Check - default `localhost`
   * `INTER` parameter sets the interval between two consecutive health checks. If not specified, the default value is `2s`
   * `FAST_INTER` parameter sets the interval between two consecutive health checks when the server is any of the transition state (read above): UP - transitionally DOWN or DOWN - transitionally UP. If not set, then `INTER` is used.
diff --git a/haproxy/src/configure.py b/haproxy/src/configure.py
index 1d2c1f1..f17ab18 100644
--- a/haproxy/src/configure.py
+++ b/haproxy/src/configure.py
@@ -28,7 +28,7 @@
 TIMEOUT_CONNECT = os.environ.get('TIMEOUT_CONNECT', '5000')
 TIMEOUT_CLIENT = os.environ.get('TIMEOUT_CLIENT', '50000')
 TIMEOUT_SERVER = os.environ.get('TIMEOUT_SERVER', '50000')
-HTTPCHK = os.environ.get('HTTPCHK', 'HEAD /')
+HTTPCHK = os.environ.get('HTTPCHK', 'meth GET uri /')
 HTTPCHK_HOST = os.environ.get('HTTPCHK_HOST', 'localhost')
 INTER = os.environ.get('INTER', '2s')
 FAST_INTER = os.environ.get('FAST_INTER', INTER)
@@ -84,7 +84,7 @@
     option httpchk
     http-request set-header X-Forwarded-Port %[dst_port]
     http-request add-header X-Forwarded-Proto https if { ssl_fc }
-http-check send meth GET uri / ver HTTP/1.1 hdr host $httpchk_host
+    http-check send $httpchk ver HTTP/1.1 hdr host $httpchk_host
     """)
 
 backend_conf_plus = Template("""