author | binary <me@rgoncalves.se> | 2021-01-29 11:37:13 +0100 |
---|---|---|
committer | binary <me@rgoncalves.se> | 2021-01-29 11:37:13 +0100 |
commit | 4a33686063aa236bc2217cce4c55e2ae463a7408 (patch) | |
tree | de99f7744b56007a090baa4b29efd4f3d2b88a5d /roles/relayd/templates/relayd.conf.j2 | |
parent | 6e685470d7696967b0c114179bd8d8c730c9a4f4 (diff) | |
download | infrastructure-4a33686063aa236bc2217cce4c55e2ae463a7408.tar.gz |
Allow multiple subdomain on same host
Diffstat (limited to 'roles/relayd/templates/relayd.conf.j2')
-rw-r--r-- | roles/relayd/templates/relayd.conf.j2 | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/roles/relayd/templates/relayd.conf.j2 b/roles/relayd/templates/relayd.conf.j2
index 1b48d7d..e3a2db5 100644
--- a/roles/relayd/templates/relayd.conf.j2
+++ b/roles/relayd/templates/relayd.conf.j2
@@ -9,11 +9,17 @@ table <local> { 127.0.0.1 }
 {% set h = dict(hostvars[h]) %}
 {##}
 {% if h.ip.in is defined %}
+# {{ h.ansible_host }}
 table <{{ h.ansible_host }}> { {{ h.ip.in }} }
+{% for service in h.services if service.domain is defined %}
+table <{{ h.ansible_host }}_{{ service.domain }}> { {{ h.ip.in }} }
+{% endfor %}
 {% endif %}
 {##}
 {% endfor %}
+# services
+
 # protocols
 http protocol "https" {
@@ -32,13 +38,15 @@ http protocol "https" {
 tls keypair "{{ global.domain_name }}"
 pass request quick header "Host" value "{{ global.domain_name }}" forward to <local>
+
 {% for h in groups["servers"] %}
 {% set h = dict(hostvars[h]) %}
 {##}
 {% if h.ip.in is defined %}
 {% for service in h.services if service.domain is defined %}
 tls keypair "{{ service.domain }}.{{ global.domain_name }}"
- pass request quick header "Host" value "{{ service.domain }}.{{ global.domain_name }}" forward to <{{ h.ansible_host }}>
+ pass request quick header "Host" value "{{ service.domain }}.{{ global.domain_name }}" forward to <{{ h.ansible_host }}_{{ service.domain }}>
+
 {% endfor %}
 {% endif %}
 {##}
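Review bot: The per-service tables added in the first hunk (`@@ -9,11 +9,17 @@`) are named from `h.ansible_host` and only emitted when `h.ip.in` is defined, while the `wwwtls` relay in the last hunk (`@@ -77,11 +85,11 @@`) refers to them as `<{{ hostname }}_{{ service.domain }}>` with no `ip.in` guard. If an inventory name ever differs from its `ansible_host`, or a server lists services but has no `ip.in`, the relay names a table that was never defined and the rendered file will probably fail a `relayd -n` config test. Using the same expression in both places, `forward to <{{ h.ansible_host }}_{{ service.domain }}> port {{ service.port }} check tcp` wrapped in `{% if h.ip.in is defined %}`, keeps definition and use in step. The enclosing `{% for h in ... %}` loop opens above this hunk.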
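Review bot: Every Host rule in the `https` protocol hunk (`@@ -32,13 +38,15 @@`) is a `pass ... quick ... forward to`, so nothing visible here says what happens to a request whose Host header matches none of the rendered names. If the protocol has no default `block` rule above this hunk, such requests are presumably still passed and land on one of the relay's tables, which makes the per-domain routing a hint rather than an allow-list. A `block` rule placed ahead of the `pass request quick header "Host"` lines would make unknown hosts fail closed. The protocol body starts outside the hunk, so confirm it is not already there.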
@@ -51,13 +59,13 @@ http protocol "http" {
 # acme
 pass request quick path "/.well-known/acme-challenge/*" forward to <local>
- pass request header "Host" value "{{ global.domain_name }}" forward to <local>
+ pass request quick header "Host" value "{{ global.domain_name }}" forward to <local>
 {% for h in groups["servers"] %}
 {% set h = dict(hostvars[h]) %}
 {##}
 {% if h.ip.in is defined %}
 {% for service in h.services if service.domain is defined %}
- pass request header "Host" value "{{ service.domain }}.{{ global.domain_name }}" forward to <{{ h.ansible_host }}>
+ pass request quick header "Host" value "{{ service.domain }}.{{ global.domain_name }}" forward to <{{ h.ansible_host }}_{{ service.domain }}>
 {% endfor %}
 {% endif %}
 {##}
@@ -77,11 +85,11 @@ relay "www" {
 relay "wwwtls" {
 listen on egress port 443 tls
 protocol "https"
- forward to <local> port 80 check icmp
+ forward to <local> port 80 check http "/" code 200
 {% for hostname in groups["servers"] %}
 {% set h = dict(hostvars[hostname]) %}
 {% for service in h.services if service.domain is defined %}
- forward to <{{ hostname }}> port {{ service.port }}
+ forward to <{{ hostname }}_{{ service.domain }}> port {{ service.port }} check tcp
 {% endfor %}
 {% endfor %} |
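Review bot: The `http` protocol rules in this hunk (`@@ -51,13 +59,13 @@`) now forward to `<{{ h.ansible_host }}_{{ service.domain }}>`, but the commit only updates the `forward to` list of relay `wwwtls`, and relay `www` is not part of the diff. relayd.conf(5) asks for a corresponding `forward to` declaration in the relay for each table a protocol rule forwards to. If `www` uses this protocol and still lists the old per-host tables, port 80 traffic for the service domains will not route as intended, or the config will be rejected. Check that `www` carries a line such as `forward to <{{ h.ansible_host }}_{{ service.domain }}> port {{ service.port }} check tcp` per service, or that plain-HTTP requests for those names are meant to stay on `<local>`.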
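Review bot: The new `check http "/" code 200` on `<local>` in relay `wwwtls` (`@@ -77,11 +85,11 @@`) takes the local backend out of rotation whenever `/` answers with anything other than 200, and the probe as written appears to carry no Host header. If the local httpd selects a virtual host by name or redirects `/`, the table is marked down and the main domain stops being served over TLS. Pinning the probe to the intended site, `forward to <local> port 80 check http "/" host "{{ global.domain_name }}" code 200`, avoids that. A one-line comment on why the per-service backends only get `check tcp` would record the intent. The relay block closes outside the hunk.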