02ec8d03ed
Murano used to have a custom, always-enabled ssl middleware, to parse X-Forwarded-Proto header, to let murano work correctly behind an SSL proxy. There is now an oslo middleware, that does the same thing, but more thoroughly. This commit replaces custom implementation with oslo one. Co-Authored-By: Kirill Zaitsev <k.zaitsev@me.com> Change-Id: I5444542b878434fb656e19b12d0f6e71df1ab95f
19 lines
886 B
YAML
19 lines
886 B
YAML
---
|
|
|
|
features:
|
|
- |
|
|
Murano switched to using standard oslo middleware HTTPProxyToWSGI instead
|
|
of custom implementation. This middleware parses the X-Forwarded-Proto
|
|
HTTP header or the Proxy protocol in order to help murano respond with
|
|
the correct URL refs when it's put behind a TLS proxy (such as HAProxy).
|
|
This middleware is disabled by default, but can be enabled via a
|
|
configuration option in the oslo_middleware group.
|
|
upgrade:
|
|
- |
|
|
File ``murano-paste.ini has been updated to use oslo HTTPProxyToWSGI middleware.
|
|
Config option ``secure_proxy_ssl_header`` has been removed. Please refer to
|
|
oslo_middleware configuration options if you wish deploy murano behind TLS proxy.
|
|
Most notably you would need to set ``enable_proxy_headers_parsing`` under group
|
|
``oslo_middleware`` to True, to enable header parsing.
|
|
|