HAProxy Configuration Generator Using AWS Lambda, API Gateway and Terraform.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


HAProxy Configuration Generator

This project uses AWS Lambda and API Gateway to create an API endpoint that can be used to generate a haproxy.cfg file based on the parameters provided.

One major pain point of using Lambda and API Gateway is the difficulty of setting things up. This project uses Terraform to ease that difficulty.

You need to have Terraform installed and a functioning AWS account to deploy this project.

Lambda-Registry is an iteration of this project that adds support for persisting the state of past services. Past services are services for which HAProxy configs have previously been generated. This state is then consolidated into future configs upon request.


Follow these steps to deploy:

  1. Install NPM modules: npm install
  2. Compress the project: zip -r haproxy_config_generator.zip ..
  3. Deploy the project by simply invoking terraform apply. You'll be asked for your AWS credentials. If you don't want to be prompted, you can add your credentials to the variables.tf file or run the setup using:
terraform apply -var 'aws_access_key={your_aws_access_key}' \
   -var 'aws_secret_key={your_aws_secret_key}'

To tear down:

terraform destroy

You can find the Invoke URL for the API endpoint created via the AWS console for API Gateway. The steps look like: Amazon API Gateway | APIs > haproxy_config_generator > Stages > api.

You can generate the config file by running these commands:

$ curl -o /tmp/haproxycfg -H "Content-Type: application/json" --data @sample-data/data.json <invoke_url>/generate
$ echo "$(</tmp/haproxycfg)" > haproxy.cfg
$ rm /tmp/haproxycfg

Running Locally

You can run Lambda functions locally using Lambda-local with a command like:

lambda-local -l index.js -h handler -e sample-data/data.js

Customizing the Project

The Lambda handler expects an event with the structure documented in index.js. This structure is only relevant because the Nunjucks template file (template/haproxy.cfg.njk) relies on it to interpolate values in the right places. You can pass in any event structure you want as long as you modify the Nunjucks template file to understand it.


There is a known issue whereby a newly deployed API Gateway would fail to call a Lambda function throwing an error similar to this one:

Execution failed due to configuration error: Invalid permissions on Lambda function
Method completed with status: 500


  "message": "Internal server error"

The solution for this is straightforward and demonstrated in this youtube video.