diff options
| -rw-r--r-- | group_vars/all.yml | 1 | ||||
| -rw-r--r-- | host_vars/vm2.yml | 3 | ||||
| -rw-r--r-- | playbooks/dcontroller.rgoncalves.se.yml | 1 | ||||
| -rw-r--r-- | roles/relayd/templates/relayd.conf.j2 | 38 |
4 files changed, 20 insertions, 23 deletions
diff --git a/group_vars/all.yml b/group_vars/all.yml index 2ca1bdf..bf44e81 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -12,6 +12,7 @@ path_prometheusconfig: "/etc/prometheus/prometheus.yml" global: dcontroller: "dcontroller" + domain_name: "rgoncalves.se" dns: - 8.8.8.8 diff --git a/host_vars/vm2.yml b/host_vars/vm2.yml index 8d720ab..d131673 100644 --- a/host_vars/vm2.yml +++ b/host_vars/vm2.yml @@ -14,4 +14,5 @@ services: - name: "stagit" proto: "tcp" port: "1234" - public: true + domain: "git" + public: false diff --git a/playbooks/dcontroller.rgoncalves.se.yml b/playbooks/dcontroller.rgoncalves.se.yml index 28c2328..d810813 100644 --- a/playbooks/dcontroller.rgoncalves.se.yml +++ b/playbooks/dcontroller.rgoncalves.se.yml @@ -8,3 +8,4 @@ roles: - { role: pf } + - { role: relayd } diff --git a/roles/relayd/templates/relayd.conf.j2 b/roles/relayd/templates/relayd.conf.j2 index 4b43c8e..a1abf23 100644 --- a/roles/relayd/templates/relayd.conf.j2 +++ b/roles/relayd/templates/relayd.conf.j2 @@ -7,7 +7,7 @@ # ====== # table <local> { 127.0.0.1 } -{% for h in groups["all"] %} +{% for h in groups["servers"] %} {% set h = dict(hostvars[h]) %} {##} {% if h.ip.in is defined %} @@ -20,12 +20,15 @@ table <{{ h.ansible_host }}> { {{ h.ip.in }} } # filter for vhost # ================ # -http protocol vhost { -{% for h in groups["all"] %} +http protocol reverse_proxy { + pass request header "Host" value "{{ global.domain_name }}" forward to <local> +{% for h in groups["servers"] %} {% set h = dict(hostvars[h]) %} {##} {% if h.ip.in is defined %} - pass request header "Host" value "{{ h.ansible_host }}.{{ _i.domain_name }}" forward to <{{ h.ansible_host }}> +{% for service in h.services if service.domain is defined %} + pass request header "Host" value "{{ service.domain }}.{{ global.domain_name }}" forward to <{{ h.ansible_host }}> +{% endfor %} {% endif %} {##} {% endfor %} @@ -35,24 +38,15 @@ http protocol vhost { # relays for all protocol # ======================= # -{% set relays = {} %} -{% for h in groups["servers"] %} - {% set h = dict(hostvars[h]) %} - {##} - {% for service in h.services | sort(attribute="port") if service.domain is defined %} - {% set _ = relays.update({ service.port : [] }) if relays[service.port] is not defined %} - {% set key_changer = { "host" : h.ansible_host, "domain" : service.domain } %} - {% set _ = relays[service.port].append(key_changer) %} - {% endfor %} - {##} +relay www { + listen on egress port 80 + protocol reverse_proxy + forward to <local> port 80 check icmp +{% for hostname in groups["servers"] %} +{% set h = dict(hostvars[hostname]) %} +{% for service in h.services if service.domain is defined %} + forward to <{{ hostname }}> port {{ service.port }} check icmp {% endfor %} - -{% for relay in relays %} -relay vhost_{{ relay }} { - listen on egress port {{ relay }} - protocol vhost -{% for h in relays[relay] %} - forward to <{{ h.host }}> port {{ relay }} check icmp {% endfor %} } -{% endfor %} + |