Hi Fred! On Tue, Mar 21, 2017 at 07:54:30PM +0100, Frederic Lecaille wrote: > Hello HAProxy ML, > > I am starting this new thread to publish a serie of patches to make > all "server" settings be supported on "default-server" lines. > > This is a preliminary work for "server templates" feature. > > New boolean settings have been added to disable others. Most of them > have "no-" as prefix. (...)
Wow I didn't realize you had already done all this! That's really cool! > Here is an exhaustive list: (...) > "sslv2" disables "no-sslv3", > "ssl-reuse" disables "no-ssl-reuse", > "stick" disables "non-stick", > "tlsv10" disables "no-tlsv10", > "tlsv11" disables "no-tlsv11", > "tlsv12" disables "no-tlsv12", > "tls-tickets" disables "no-tls-tickets". Hmmm I hadn't thought about these ones, I suspect they'll cause more confusion than anything else, especially given that the "tlsv11" above cancelling "no-tlsv11" is not the same as "force-tlsv11". We need to discuss this with Emeric, he's already scratching his head around these ones without these double negations, he will hate us now :-) > Furthemore, some settings with arguments are from now supported by > "default-server" directive: > > "addr", "ca-file", "ciphers", "crl-file", "crt", "cookie", "namespace", > "observe", "redir", "sni", "source", "tcp-ut" and "track". > > The documentation have been consequently updated. > > So, from now on, all server "settings" are supported by "default-server" That's really cool. I'm going to check all this ASAP (everyone is welcome to help, there's so much stuff!). > except "id" which is only supported on "server" lines. Good point! Thanks! Willy
