23.7 Legacy Series / Help with relayd plugin
« on: October 13, 2023, 01:06:54 am »
I want to use relayd to forward requests based on domain to either box1 or box2 in my LAN. I tried using HAProxy in the past, but the configuration UI is confusing, so I was looking for alternatives and found relayd - and OPNsense has a plugin for it too, so I tried using it.
Alas, the UI this time is limiting, because I got relayd to work, but had to edit the /usr/local/etc/relayd.conf file by hand. How can I replicate the following config (that works and suits my use case perfectly) on the plugin's UI?
Code:
# DO NOT EDIT THIS FILE -- OPNsense auto-generated file
ext_addr = REDACTED
log state changes
log connection
table <apu2> { 192.168.1.96 }
table <syno> { 192.168.1.12 }
http protocol "www" {
  match header log "Host"
  match header log "X-Forwarded-For"
  match header log "User-Agent"
  match header log "Referer"
  match url log
  match request header set "X-Forwarded-For" value "$REMOTE_ADDR"
  match request header set "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
  tcp { nodelay, socket buffer 65536, backlog 100 }
  http websockets
  pass request quick header "Host" value "*.domain1" forward to <syno>
  pass request quick header "Host" value "*.domain2" forward to <apu2>
  block
}
http protocol "wwwtls" {
  match header log "Host"
  match header log "X-Forwarded-For"
  match header log "User-Agent"
  match header log "Referer"
  match url log
  match header set "X-Forwarded-For" value "$REMOTE_ADDR"
  match header set "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
  match header set "Keep-Alive" value "$TIMEOUT"
  http websockets
  tls keypair domain1
  tls keypair domain2
  tcp { nodelay, socket buffer 65536, backlog 100 }
  match request header set "X-Forwarded-Proto" value "http"
  pass request quick header "Host" value "*.domain1" forward to <syno>
  pass request quick header "Host" value "*.domain2" forward to <apu2>
  block
}
relay "www" {
  listen on $ext_addr port 80
  protocol "www"
  forward to <apu2> port 80 check tcp
  forward to <syno> port 180 check tcp
}
relay "wwwtls" {
  listen on $ext_addr port 443 tls
  protocol "wwwtls"
  forward to <syno> port 180 check tcp
  forward to <apu2> port 80 check tcp
}
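An added example, not part of the original post and not relayd or plugin code: a small Python model of how the filter rules in the protocol blocks above are evaluated, following relayd.conf(5) (rules run first to last, the last matching rule decides, "quick" ends evaluation at once). It shows which Host values reach <syno> or <apu2>, and that the trailing "block" only works as a default deny because the pass rules are "quick". The function names and the case-insensitive glob match are assumptions of this model.

```python
from fnmatch import fnmatchcase

# Rules modelled on the "www" protocol in the post:
# (action, quick, Host glob or None for "matches everything", table)
RULES = [
    ("pass", True, "*.domain1", "syno"),
    ("pass", True, "*.domain2", "apu2"),
    ("block", False, None, None),  # bare "block"
]


def evaluate(host, rules=RULES):
    """Return (action, table) for one Host header value.

    Model of the relayd.conf(5) filter semantics: the last matching rule
    wins, a matching "quick" rule stops evaluation, and a request that
    matches no rule at all is passed (table None = no rule chose one).
    """
    decision = ("pass", None)
    for action, quick, glob, table in rules:
        # Assumption of this model: value globs compare case-insensitively.
        if glob is not None and not fnmatchcase(host.lower(), glob.lower()):
            continue
        decision = (action, table)
        if quick:
            break
    return decision


def without_quick(rules=RULES):
    """Same rule set with every 'quick' keyword removed (hypothetical variant)."""
    return [(action, False, glob, table) for action, _, glob, table in rules]


if __name__ == "__main__":
    # Constructed sample Host values, not taken from real traffic.
    for host in ["www.domain1", "APP.Domain2", "domain1", "other.example"]:
        print(f"{host:15} quick: {evaluate(host)}  "
              f"no quick: {evaluate(host, without_quick())}")
```

In this model the bare name "domain1" falls through to "block", because "*.domain1" requires something followed by a dot in front of it.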