Add support for HTTP2 in HAProxy frontend and listen sections

This commit introduces the `http2` boolean field for enabling HTTP2 support in HTTPS schemes. Updates were made to both backend logic and documentation for `frontend` and `listen` resources to reflect this new functionality. These changes enhance compatibility with modern web traffic protocols.

Author: Aidaho12

docs/resources/haproxy_section_frontend.md

@@ -69,6 +69,7 @@ resource "roxywi_haproxy_section_frontend" "example" {
 - `slow_attack` (Boolean) In a Slow POST attack, an attacker begins by sending a legitimate HTTP POST header to a Web server, exactly as they would under normal circumstances. The header specifies the exact size of the message body that will then follow. However, that message body is then sent at an alarmingly low rate – sometimes as slow as 1 byte per approximately two minutes.
 - `ssl` (Block Set) SSL settings. (see [below for nested schema](#nestedblock--ssl))
 - `ssl_offloading` (Boolean) Enable redirection from HTTP scheme to HTTPS scheme.
+- `http2` (Boolean) Enable HTTP2 for HTTPS scheme.
 - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
 - `waf` (Boolean) Add WAF settings.
 - `whitelist` (String) Path to a whitelist.

docs/resources/haproxy_section_listen.md

@@ -76,6 +76,7 @@ resource "roxywi_haproxy_section_listen" "example" {
 - `slow_attack` (Boolean) In a Slow POST attack, an attacker begins by sending a legitimate HTTP POST header to a Web server, exactly as they would under normal circumstances. The header specifies the exact size of the message body that will then follow. However, that message body is then sent at an alarmingly low rate – sometimes as slow as 1 byte per approximately two minutes.
 - `ssl` (Block Set) SSL settings. (see [below for nested schema](#nestedblock--ssl))
 - `ssl_offloading` (Boolean) Enable redirection from HTTP scheme to HTTPS scheme.
+- `http2` (Boolean) Enable HTTP2 for HTTPS scheme.
 - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
 - `waf` (Boolean) Add WAF settings.
 - `whitelist` (String) Path to a whitelist.

roxywi/haproxy_section_fields.go

@@ -56,6 +56,7 @@ const (
 	SslCertField                   = "cert"
 	SslCheckField                  = "ssl_check_backend"
 	SslOffloadingField             = "ssl_offloading"
+	Http2Field                     = "http2"
 	RedisPatchField                = "redispatch"
 	RoundRobinAlgorithm            = "roundrobin"
 	SourceAlgorithm                = "source"

roxywi/resource_roxywi_haproxy_section_frontend.go

@@ -126,6 +126,12 @@ func resourceHaproxySectionFrontend() *schema.Resource {
 				Default:     false,
 				Description: "Enable redirection from HTTP scheme to HTTPS scheme.",
 			},
+			Http2Field: {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Enable HTTP2 for HTTPS scheme.",
+			},
 			CompressionField: {
 				Type:        schema.TypeBool,
 				Optional:    true,
@@ -198,6 +204,7 @@ func resourceHaproxySectionFrontendCreate(ctx context.Context, d *schema.Resourc
 		CompressionField:   d.Get(CompressionField),
 		ForwardForField:    d.Get(ForwardForField),
 		SslOffloadingField: d.Get(SslOffloadingField),
+		Http2Field:         d.Get(Http2Field),
 		SlowAttackField:    d.Get(SlowAttackField),
 		AntiBotField:       d.Get(AntiBotField),
 		DdosField:          d.Get(DdosField),
@@ -251,6 +258,7 @@ func resourceHaproxySectionFrontendRead(ctx context.Context, d *schema.ResourceD
 	d.Set(CompressionField, result[CompressionField])
 	d.Set(ForwardForField, result[ForwardForField])
 	d.Set(SslOffloadingField, result[SslOffloadingField])
+	d.Set(Http2Field, result[Http2Field])
 	d.Set(SlowAttackField, result[SlowAttackField])
 	d.Set(AntiBotField, result[AntiBotField])
 	d.Set(DdosField, result[DdosField])
@@ -315,6 +323,7 @@ func resourceHaproxySectionFrontendUpdate(ctx context.Context, d *schema.Resourc
 		CompressionField:   d.Get(CompressionField),
 		ForwardForField:    d.Get(ForwardForField),
 		SslOffloadingField: d.Get(SslOffloadingField),
+		Http2Field:         d.Get(Http2Field),
 		SlowAttackField:    d.Get(SlowAttackField),
 		AntiBotField:       d.Get(AntiBotField),
 		DdosField:          d.Get(DdosField),

roxywi/resource_roxywi_haproxy_section_listen.go

@@ -152,6 +152,12 @@ func resourceHaproxySectionListen() *schema.Resource {
 				Default:     false,
 				Description: "Enable redirection from HTTP scheme to HTTPS scheme.",
 			},
+			Http2Field: {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				Default:     false,
+				Description: "Enable HTTP2 for HTTPS scheme.",
+			},
 			RedisPatchField: {
 				Type:        schema.TypeBool,
 				Optional:    true,
@@ -285,6 +291,7 @@ func resourceHaproxySectionListenCreate(ctx context.Context, d *schema.ResourceD
 		CompressionField:     d.Get(CompressionField),
 		ForwardForField:      d.Get(ForwardForField),
 		SslOffloadingField:   d.Get(SslOffloadingField),
+		Http2Field:           d.Get(Http2Field),
 		SlowAttackField:      d.Get(SlowAttackField),
 		AntiBotField:         d.Get(AntiBotField),
 		DdosField:            d.Get(DdosField),
@@ -338,6 +345,7 @@ func resourceHaproxySectionListenRead(ctx context.Context, d *schema.ResourceDat
 	d.Set(CompressionField, result[CompressionField])
 	d.Set(ForwardForField, result[ForwardForField])
 	d.Set(SslOffloadingField, result[SslOffloadingField])
+	d.Set(Http2Field, result[Http2Field])
 	d.Set(SlowAttackField, result[SlowAttackField])
 	d.Set(AntiBotField, result[AntiBotField])
 	d.Set(DdosField, result[DdosField])
@@ -447,6 +455,7 @@ func resourceHaproxySectionListenUpdate(ctx context.Context, d *schema.ResourceD
 		CompressionField:     d.Get(CompressionField),
 		ForwardForField:      d.Get(ForwardForField),
 		SslOffloadingField:   d.Get(SslOffloadingField),
+		Http2Field:           d.Get(Http2Field),
 		SlowAttackField:      d.Get(SlowAttackField),
 		AntiBotField:         d.Get(AntiBotField),
 		DdosField:            d.Get(DdosField),

templates/resources/haproxy_section_frontend.md.tmpl

@@ -40,6 +40,7 @@ Manage HAProxy Frontend sections. Please note that changes may cause HAProxy to
 - `slow_attack` (Boolean) In a Slow POST attack, an attacker begins by sending a legitimate HTTP POST header to a Web server, exactly as they would under normal circumstances. The header specifies the exact size of the message body that will then follow. However, that message body is then sent at an alarmingly low rate – sometimes as slow as 1 byte per approximately two minutes.
 - `ssl` (Block Set) SSL settings. (see [below for nested schema](#nestedblock--ssl))
 - `ssl_offloading` (Boolean) Enable redirection from HTTP scheme to HTTPS scheme.
+- `http2` (Boolean) Enable HTTP2 for HTTPS scheme.
 - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
 - `waf` (Boolean) Add WAF settings.
 - `whitelist` (String) Path to a whitelist.

templates/resources/haproxy_section_listen.md.tmpl

@@ -49,6 +49,7 @@ Manage HAProxy Listen sections. Please note that changes may cause HAProxy to re
 - `slow_attack` (Boolean) In a Slow POST attack, an attacker begins by sending a legitimate HTTP POST header to a Web server, exactly as they would under normal circumstances. The header specifies the exact size of the message body that will then follow. However, that message body is then sent at an alarmingly low rate – sometimes as slow as 1 byte per approximately two minutes.
 - `ssl` (Block Set) SSL settings. (see [below for nested schema](#nestedblock--ssl))
 - `ssl_offloading` (Boolean) Enable redirection from HTTP scheme to HTTPS scheme.
+- `http2` (Boolean) Enable HTTP2 for HTTPS scheme.
 - `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
 - `waf` (Boolean) Add WAF settings.
 - `whitelist` (String) Path to a whitelist.