# relayd ~~ /etc/relayd.conf
# managed by Ansible

# ====== #
# tables
# ====== #

table <local> { 127.0.0.1 }
{% for h in groups["all"] %}
{% set h = dict(hostvars[h]) %}
{##}
{% if h.ip.in is defined %}
table <{{ h.ansible_host }}> { {{ h.ip.in }} }
{% endif %}
{##}
{% endfor %}

# ================ #
# filter for vhost
# ================ #

http protocol vhost {
{% for h in groups["all"] %}
{% set h = dict(hostvars[h]) %}
{##}
{% if h.ip.in is defined %}
	pass request header "Host" value "{{ h.ansible_host }}.{{ _i.domain_name }}" forward to <{{ h.ansible_host }}>
{% endif %}
{##}
{% endfor %}
}

# ======================= #
# relays for all protocol
# ======================= #

{% set relays = {} %}
{% for h in groups["servers"] %}
	{% set h = dict(hostvars[h]) %}
	{##}
	{% for service in h.services | sort(attribute="port") if service.domain is defined %}
		{% set _ = relays.update({ service.port : [] }) if relays[service.port] is not defined %}
		{% set key_changer = { "host" : h.ansible_host, "domain" : service.domain } %}
		{% set _ = relays[service.port].append(key_changer) %}
	{% endfor %}
	{##}
{% endfor %}

{% for relay in relays %}
relay vhost_{{ relay }} {
	listen on egress port {{ relay }}
	protocol vhost
{% for h in relays[relay] %}
	forward to <{{ h.host }}> port {{ relay }} check icmp
{% endfor %}
}
{% endfor %}