“relayd is a daemon to relay and dynamically redirect incoming connections to a target host. Its main purposes are to run as a load-balancer, application layer gateway, or transparent proxy. The daemon is able to monitor groups of hosts for availability, which is determined by checking for a specific service common to a host group. When availability is confirmed, layer 3 and/or layer 7 forwarding services are set up by relayd.”

THIS WILL NOT WORK!

goals:

  • setup reverse https proxy
  • example for gitea
## setup "/etc/relayd.conf"
table <gitea> { example.com }
http protocol "httpproxy" {
pass request quick header "Host" value "gitea.example.com" \
    forward to <gitea>
    block
}
relay "proxy" {
    listen on example.com port 80
    listen on example.com port 443 tls
    protocol "httpproxy"
    forward to <gitea> port 3000
}

## generate certificate
> openssl req \
      -x509 -nodes \
      -subj "/C=DE/ST=Germany/L=Magdeburg/O=x33u/OU=webdev/CN=192.168.1.10" \
      -newkey rsa:4096 \
      -keyout /etc/ssl/private/example.com.key \
      -out /etc/ssl/example.com.crt \
      -days 365

relayd(8) auto catch correct certificate when name match FQDN/IP

## testing "relayd.conf" file
> relayd -nf /etc/relayd.conf

## start relayd forced
> rcctl -f start relayd

## enable relayd
> rcctl enable relayd