Globally accessible ACL

Hi All,

Working on a solution for a maintenance page based upon:

This works really well, but I want to have a SINGLE acl apply to multiple listen/frontend blocks. That way, instead of doing a:

echo "add acl #0" | nc -U <socket>

On every acl instance, I could do it once and have every block see it. Does anyone know if this is possible?


Nevermind! Managed to get it working with maps:

acl web_maintenance src,map_ip(/etc/haproxy/web_maintenance.txt) -m str 1
acl web_maintenance_ex src,map_ip(/etc/haproxy/web_maintenance_ex.txt) -m str 1

use_backend web_maintenance if web_maintenance !web_maintenance_ex
1 Like