7c752b0216
This patchset implements necessary actions which are required to properly set headers when using SSL. Change-Id: I8cf4c048835b85c0845083768ec2d66e940cb15f Closes-Bug: #1736417
28 lines
867 B
Plaintext
28 lines
867 B
Plaintext
{% if options.endpoints -%}
|
|
{% for ext_port in options.ext_ports -%}
|
|
Listen {{ ext_port }}
|
|
{% endfor -%}
|
|
{% for address, endpoint, ext, int in options.endpoints -%}
|
|
<VirtualHost {{ address }}:{{ ext }}>
|
|
ServerName {{ endpoint }}
|
|
SSLEngine on
|
|
SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
|
|
SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
|
|
SSLCertificateFile /etc/apache2/ssl/{{ options.service_name }}/cert_{{ endpoint }}
|
|
SSLCertificateKeyFile /etc/apache2/ssl/{{ options.service_name }}/key_{{ endpoint }}
|
|
ProxyPass / http://localhost:{{ int }}/
|
|
ProxyPassReverse / http://localhost:{{ int }}/
|
|
ProxyPreserveHost on
|
|
RequestHeader set X-Forwarded-Proto "https"
|
|
</VirtualHost>
|
|
{% endfor -%}
|
|
<Proxy *>
|
|
Order deny,allow
|
|
Allow from all
|
|
</Proxy>
|
|
<Location />
|
|
Order allow,deny
|
|
Allow from all
|
|
</Location>
|
|
{% endif -%}
|