Use Django's SECURE_PROXY_SSL_HEADER and add config

When behind a proxy like HAProxy, we need a way to have
Django correctly know if the incoming request was actually
coming via HTTPS so when Adjutant returns generated URLs
of itself, it can correctly mark them as HTTPS.

This fixes and issue with the version URLs not being returned
as HTTPS when they should be.

Change-Id: I9824eadb9927a5d44f11c381fbe2b1576ffb66c0

adjutant/config/django.py

@@ -45,6 +45,22 @@ config_group.register_child_config(
         unsafe_default=True,
     )
 )
+config_group.register_child_config(
+    fields.StrConfig(
+        "secure_proxy_ssl_header",
+        help_text="The header representing a HTTP header/value combination "
+                  "that signifies a request is secure.",
+        default="HTTP_X_FORWARDED_PROTO",
+    )
+)
+config_group.register_child_config(
+    fields.StrConfig(
+        "secure_proxy_ssl_header_value",
+        help_text="The value representing a HTTP header/value combination "
+                  "that signifies a request is secure.",
+        default="https",
+    )
+)
 config_group.register_child_config(
     fields.DictConfig(
         "databases",

adjutant/settings.py

@@ -114,6 +114,11 @@ if DEBUG:
 
 ALLOWED_HOSTS = adj_conf.django.allowed_hosts
 
+SECURE_PROXY_SSL_HEADER = (
+    adj_conf.django.secure_proxy_ssl_header,
+    adj_conf.django.secure_proxy_ssl_header_value
+)
+
 DATABASES = adj_conf.django.databases
 
 if adj_conf.django.logging:

etc/adjutant.yaml

@@ -9,6 +9,12 @@ django:
   # The Django allowed hosts
   allowed_hosts:
     - '*'
+  # String
+  # The header representing a HTTP header/value combination that signifies a request is secure.
+  secure_proxy_ssl_header: HTTP_X_FORWARDED_PROTO
+  # String
+  # The value representing a HTTP header/value combination that signifies a request is secure.
+  secure_proxy_ssl_header_value: https
   # Dict
   # Django databases config.
   databases: