openstack/charm-cinder
Code Issues Proposed changes

Disable Apache port 80

Browse Source 
Currently, Apache ports.conf file is not being configured by this
charm. This patch changes the ports.conf default file with another one
that does not open port 80 on SSL environments.

Change-Id: Iaa80573dc2661089093c4c87ab100bf941f8b3b8
Closes-bug: #1845665
This commit is contained in:
tpsilva 2019-11-01 17:19:06 -03:00 committed by Tiago Pasqualini da Silva
parent 11e13e7fe0
commit 962225ecca
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
hooks/cinder_utils.py
View File

@ -162,6 +162,7 @@ CINDER_POLICY_JSON = '%s/policy.json' % CINDER_CONF_DIR
CEPH_CONF = '/etc/ceph/ceph.conf' CEPH_CONF = '/etc/ceph/ceph.conf'
HAPROXY_CONF = '/etc/haproxy/haproxy.cfg' HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
APACHE_PORTS_CONF = '/etc/apache2/ports.conf'
APACHE_SITE_CONF = '/etc/apache2/sites-available/openstack_https_frontend' APACHE_SITE_CONF = '/etc/apache2/sites-available/openstack_https_frontend'
APACHE_SITE_24_CONF = '/etc/apache2/sites-available/' \ APACHE_SITE_24_CONF = '/etc/apache2/sites-available/' \
'openstack_https_frontend.conf' 'openstack_https_frontend.conf'
@ -250,6 +251,10 @@ BASE_RESOURCE_MAP = OrderedDict([
'contexts': [cinder_contexts.ApacheSSLContext()], 'contexts': [cinder_contexts.ApacheSSLContext()],
'services': ['apache2'], 'services': ['apache2'],
}), }),
(APACHE_PORTS_CONF, {
'contexts': [],
'services': ['apache2'],
}),
]) ])

4
templates/ports.conf Normal file
View File

@ -0,0 +1,4 @@
# File written by Juju: don't open default ports on SSL environments (see LP 1845665).
<IfModule !ssl_module>
Listen 80
</IfModule>