aboutsummaryrefslogtreecommitdiffstats
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/relayd/templates/relayd.conf.j238
1 files changed, 16 insertions, 22 deletions
diff --git a/roles/relayd/templates/relayd.conf.j2 b/roles/relayd/templates/relayd.conf.j2
index 4b43c8e..a1abf23 100644
--- a/roles/relayd/templates/relayd.conf.j2
+++ b/roles/relayd/templates/relayd.conf.j2
@@ -7,7 +7,7 @@
# ====== #
table <local> { 127.0.0.1 }
-{% for h in groups["all"] %}
+{% for h in groups["servers"] %}
{% set h = dict(hostvars[h]) %}
{##}
{% if h.ip.in is defined %}
@@ -20,12 +20,15 @@ table <{{ h.ansible_host }}> { {{ h.ip.in }} }
# filter for vhost
# ================ #
-http protocol vhost {
-{% for h in groups["all"] %}
+http protocol reverse_proxy {
+ pass request header "Host" value "{{ global.domain_name }}" forward to <local>
+{% for h in groups["servers"] %}
{% set h = dict(hostvars[h]) %}
{##}
{% if h.ip.in is defined %}
- pass request header "Host" value "{{ h.ansible_host }}.{{ _i.domain_name }}" forward to <{{ h.ansible_host }}>
+{% for service in h.services if service.domain is defined %}
+ pass request header "Host" value "{{ service.domain }}.{{ global.domain_name }}" forward to <{{ h.ansible_host }}>
+{% endfor %}
{% endif %}
{##}
{% endfor %}
@@ -35,24 +38,15 @@ http protocol vhost {
# relays for all protocol
# ======================= #
-{% set relays = {} %}
-{% for h in groups["servers"] %}
- {% set h = dict(hostvars[h]) %}
- {##}
- {% for service in h.services | sort(attribute="port") if service.domain is defined %}
- {% set _ = relays.update({ service.port : [] }) if relays[service.port] is not defined %}
- {% set key_changer = { "host" : h.ansible_host, "domain" : service.domain } %}
- {% set _ = relays[service.port].append(key_changer) %}
- {% endfor %}
- {##}
+relay www {
+ listen on egress port 80
+ protocol reverse_proxy
+ forward to <local> port 80 check icmp
+{% for hostname in groups["servers"] %}
+{% set h = dict(hostvars[hostname]) %}
+{% for service in h.services if service.domain is defined %}
+ forward to <{{ hostname }}> port {{ service.port }} check icmp
{% endfor %}
-
-{% for relay in relays %}
-relay vhost_{{ relay }} {
- listen on egress port {{ relay }}
- protocol vhost
-{% for h in relays[relay] %}
- forward to <{{ h.host }}> port {{ relay }} check icmp
{% endfor %}
}
-{% endfor %}
+
remember that computers suck.