From dcd9a269dc95c504983935a16372db4e7a021426 Mon Sep 17 00:00:00 2001
From: tpsilva <tiago.pasqualini@canonical.com>
Date: Sat, 2 Nov 2019 06:22:47 -0300
Subject: [PATCH] Disable Apache default ports

Openstack services don't use the default ports (80 and 443), so
change Apache to not open them.

Change-Id: I543e3309c5522d7bc865133f8ec5ecc79542112c
Closes-bug: #1845665
---
 hooks/glance_utils.py           | 7 ++++++-
 templates/ports.conf            | 1 +
 unit_tests/test_glance_utils.py | 3 +++
 3 files changed, 10 insertions(+), 1 deletion(-)
 create mode 100644 templates/ports.conf

diff --git a/hooks/glance_utils.py b/hooks/glance_utils.py
index ac4b9774..d6de052b 100644
--- a/hooks/glance_utils.py
+++ b/hooks/glance_utils.py
@@ -121,6 +121,7 @@ CEPH_CONF = "/etc/ceph/ceph.conf"
 CHARM_CEPH_CONF = '/var/lib/charm/{}/ceph.conf'
 
 HAPROXY_CONF = "/etc/haproxy/haproxy.cfg"
+APACHE_PORTS_CONF = '/etc/apache2/ports.conf'
 HTTPS_APACHE_CONF = "/etc/apache2/sites-available/openstack_https_frontend"
 HTTPS_APACHE_24_CONF = "/etc/apache2/sites-available/" \
     "openstack_https_frontend.conf"
@@ -208,7 +209,11 @@ CONFIG_FILES = OrderedDict([
     (HTTPS_APACHE_24_CONF, {
         'hook_contexts': [glance_contexts.ApacheSSLContext()],
         'services': ['apache2'],
-    })
+    }),
+    (APACHE_PORTS_CONF, {
+        'contexts': [],
+        'services': ['apache2'],
+    }),
 ])
 
 
diff --git a/templates/ports.conf b/templates/ports.conf
new file mode 100644
index 00000000..b46c7281
--- /dev/null
+++ b/templates/ports.conf
@@ -0,0 +1 @@
+#File written by Juju: leave default ports closed (see LP 1845665).
diff --git a/unit_tests/test_glance_utils.py b/unit_tests/test_glance_utils.py
index f597fa2b..f3133698 100644
--- a/unit_tests/test_glance_utils.py
+++ b/unit_tests/test_glance_utils.py
@@ -154,6 +154,7 @@ class TestGlanceUtils(CharmTestCase):
             (utils.HAPROXY_CONF, ['haproxy']),
             (utils.HTTPS_APACHE_CONF, ['apache2']),
             (utils.HTTPS_APACHE_24_CONF, ['apache2']),
+            (utils.APACHE_PORTS_CONF, ['apache2']),
             (utils.MEMCACHED_CONF, ['memcached']),
             (utils.GLANCE_POLICY_FILE, ['glance-api', 'glance-registry']),
         ])
@@ -175,6 +176,7 @@ class TestGlanceUtils(CharmTestCase):
             (utils.HAPROXY_CONF, ['haproxy']),
             (utils.HTTPS_APACHE_CONF, ['apache2']),
             (utils.HTTPS_APACHE_24_CONF, ['apache2']),
+            (utils.APACHE_PORTS_CONF, ['apache2']),
             (utils.MEMCACHED_CONF, ['memcached']),
             (utils.GLANCE_POLICY_FILE, ['glance-api']),
         ])
@@ -198,6 +200,7 @@ class TestGlanceUtils(CharmTestCase):
             (utils.HAPROXY_CONF, ['haproxy']),
             (utils.HTTPS_APACHE_CONF, ['apache2']),
             (utils.HTTPS_APACHE_24_CONF, ['apache2']),
+            (utils.APACHE_PORTS_CONF, ['apache2']),
             (utils.MEMCACHED_CONF, ['memcached']),
             (utils.GLANCE_POLICY_FILE, ['glance-api']),
             ('{}/*'.format(utils.APACHE_SSL_DIR),