Move TCP/UDP relays to relay servers

playbooks/proxy.yml

@@ -11,7 +11,6 @@
 
   roles:
     - base
-    - relayd
     - ifstated
     - nginx/server
     - role: nginx/site

roles/relayd/templates/relayd.conf.j2

@@ -1,15 +1,26 @@
+log state changes
+log connection
+
+relay "syslog-int" {
+    listen on 172.20.20.5 port 6514
+    forward to log01.home.foo.sh port 6514
+}
+relay "syslog-ext" {
+    listen on 37.16.96.150 port 6514
+    forward to log01.home.foo.sh port 6514
+}
 
-{% if inventory_hostname == "proxy01.home.foo.sh" %}
-table <ldap_servers> { ldap01.home.foo.sh }
-{% else %}
 table <ldap_servers> { ldap01.home.foo.sh, ldap02.home.foo.sh }
-{% endif %}
+relay "ldap-int" {
-relay "ldap" {
+    listen on 172.20.20.6 port 636
-    listen on 0.0.0.0 port 636
+    forward to <ldap_servers> check tls
+}
+relay "ldap-ext" {
+    listen on 37.16.96.151 port 636
     forward to <ldap_servers> check tls
 }
 
-relay "syslog" {
+relay "ldap01-ext" {
-    listen on 0.0.0.0 port 6514
+    listen on 37.16.96.152 port 636
-    forward to log01.home.foo.sh port 6514
+    forward to ldap01.home.foo.sh port 636
 }