From 180dae44a40b7760c15b64fd49663afb69ac6e5c Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Tue, 28 May 2019 02:33:03 +0300
Subject: [PATCH] create relayd role and enable it for proxy group

---
 playbooks/proxy.yml                   |  1 +
 roles/relayd/handlers/main.yml        |  5 +++++
 roles/relayd/tasks/main.yml           | 16 ++++++++++++++++
 roles/relayd/templates/relayd.conf.j2 |  6 ++++++
 4 files changed, 28 insertions(+)
 create mode 100644 roles/relayd/handlers/main.yml
 create mode 100644 roles/relayd/tasks/main.yml
 create mode 100644 roles/relayd/templates/relayd.conf.j2

diff --git a/playbooks/proxy.yml b/playbooks/proxy.yml
index 601fa32..d9a7d16 100644
--- a/playbooks/proxy.yml
+++ b/playbooks/proxy.yml
@@ -11,6 +11,7 @@
 
   roles:
     - base
+    - relayd
     - ifstated
     - nginx/server
     - role: nginx/site
diff --git a/roles/relayd/handlers/main.yml b/roles/relayd/handlers/main.yml
new file mode 100644
index 0000000..e848628
--- /dev/null
+++ b/roles/relayd/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: restart relayd
+  service:
+    name: relayd
+    state: restarted
diff --git a/roles/relayd/tasks/main.yml b/roles/relayd/tasks/main.yml
new file mode 100644
index 0000000..bb825f4
--- /dev/null
+++ b/roles/relayd/tasks/main.yml
@@ -0,0 +1,16 @@
+---
+
+- name: copy relayd config
+  template:
+    dest: /etc/relayd.conf
+    src: relayd.conf.j2
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart relayd
+
+- name: enable relayd service
+  service:
+    name: relayd
+    state: started
+    enabled: true
diff --git a/roles/relayd/templates/relayd.conf.j2 b/roles/relayd/templates/relayd.conf.j2
new file mode 100644
index 0000000..b4226c2
--- /dev/null
+++ b/roles/relayd/templates/relayd.conf.j2
@@ -0,0 +1,6 @@
+
+table <ldap_servers> { ldap01.home.foo.sh }
+relay "ldap" {
+    listen on 0.0.0.0 port 636
+    forward to <ldap_servers> check tls
+}