From d599adcd95fa074cfe4096a4bae77079b2ae9ec3 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Sat, 8 Jun 2019 17:24:42 +0300
Subject: [PATCH] enable ldap slave

---
 playbooks/proxy.yml                   | 2 +-
 roles/relayd/templates/relayd.conf.j2 | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/playbooks/proxy.yml b/playbooks/proxy.yml
index 476d353..ea24c02 100644
--- a/playbooks/proxy.yml
+++ b/playbooks/proxy.yml
@@ -29,7 +29,7 @@
       proxy: https://git02.home.foo.sh/
     - role: nginx/site
       site: id.foo.sh
-      proxy: https://ldap01.home.foo.sh/
+      proxy: [ldap01.home.foo.sh,ldap02.home.foo.sh]
     - role: nginx/site
       site: ldap.foo.sh
       redirect: https://www.foo.sh/
diff --git a/roles/relayd/templates/relayd.conf.j2 b/roles/relayd/templates/relayd.conf.j2
index b4226c2..ed5cb11 100644
--- a/roles/relayd/templates/relayd.conf.j2
+++ b/roles/relayd/templates/relayd.conf.j2
@@ -1,5 +1,9 @@
 
+{% if inventory_hostname == "proxy01.home.foo.sh" %}
 table <ldap_servers> { ldap01.home.foo.sh }
+{% else %}
+table <ldap_servers> { ldap01.home.foo.sh, ldap02.home.foo.sh }
+{% endif %}
 relay "ldap" {
     listen on 0.0.0.0 port 636
     forward to <ldap_servers> check tls