MVP of use use folders on ALB servers to store constants and variables

[fititnt]

• References on Linux directory structure https://linuxhandbook.com/linux-directory-structure/
• Potential places for we use on ALB
  • /opt/alb/
  • Maybe ideal for ALB variables that (ideally) tend to be managed by Ansible playgooks and are less likely to change on running time.
  • Some of these values could override similar equivalents on other places.
  • /var/alb/
  • Maybe we use for data that could be changed on runtime but is not granteed that could be regenerated by Ansible Playbook
  • Could be a good place to use for features that we're would be likely to store on a Redis server, but some specific installation of ALB is not running redis or will not require updates
    • If ALB could somewhat both work with some data storage like Redis/Consul/etc we could still use this directory as fallback in case these directories does not exist
    • One or more folders on this path could be used to store backups

---

There are several reasons to store some variables on target servers. To start, one could be a way for other programs be aware of IPs, ports, etc that have some special meaning to ALB. This could be useful for know what domains could have SSL issued, what IPs can do some actions (like login in, or be on blacklist).

[fititnt]

- name: "ap-application-load-balancer playbook example (complex)"
  hosts: my_complex_hosts
  remote_user: root
  vars:
    alb_name: "MyALBName/2.0"
    alb_forcedebug: yes

    # /opt/alb/remoteadmins
    alb_ips_remoteadmins:
       - 1.2.3.4
    # /opt/alb/dmz
    alb_ips_dmz:
       - 143.54.2.20
       - 150.162.2.10
       - 146.164.170.36
    # /var/alb/ips_whitelist.txt
    alb_ips_whitelist:
       - 127.0.0.1
       - 123.123.123
    # /var/alb/ips_blacklist.txt
    alb_ips_blacklist:
       - 123.123.123.123
       - 210.210.210.210
    # /var/alb/domains_whitelist.txt
    alb_domains_whitelist:
       - "example.net"
       - "www.example.com"
       - "*.example.org"
    # /var/alb/domains_blacklist.txt
    alb_domains_blacklist:
       - "let-ssl-expire.example.net"
       - "dont-ask-letsencrypt.example.com"

[fititnt]

I'm thinking of doing one <!-- --> (comment out) the documentation on this feature untill become used on at least some internal or external Ansible Role. It's taking lots of space on the internals, and is not really implemented or useful on short term.

The https://github.com/fititnt/ap-application-load-balancer/issues/13 have some of it's potential replacements.

[fititnt]

Will close this for now. Maybe we're likely to implement some features for servers not using Redis for store the HTTPS keys