openstack/openstack-ansible
Code Issues Proposed changes
openstack-ansible/playbooks/roles/os_horizon/templates/openstack_dashboard.conf.j2
Miguel Grinberg f28e412db7 Put horizon in its own process 
This change makes mod_wsgi create standalone processes for horizon. This
avoids obscure start up errors when mod_wsgi needs to spawn a new
process or thread. These restarts occur, for example, when mod_wsgi
receives a request from a client that is accessing the service through a
non-standard SSL port that is mapped to the port mod_wsgi is listening
on.

Change-Id: I5907b5c06cef0272ee145c277f79f23ba37741a4
Closes-Bug: #1499073
2015-09-23 21:02:02 +00:00

54 lines
1.7 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
{% set threads = ansible_processor_vcpus // 2 %}
<VirtualHost *:80>
ServerName {{ horizon_server_name }}
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
ServerName {{ horizon_server_name }}
LogLevel {{ horizon_log_level }}
ErrorLog /var/log/horizon/horizon-error.log
CustomLog /var/log/horizon/ssl_access.log combined
Options +FollowSymLinks
SSLEngine on
SSLCertificateFile {{ horizon_ssl_cert }}
SSLCertificateKeyFile {{ horizon_ssl_key }}
{% if horizon_user_ssl_ca_cert is defined -%}
SSLCACertificateFile {{ horizon_ssl_ca_cert }}
{% endif -%}
SSLCompression Off
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite {{ horizon_ssl_cipher_suite }}
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
WSGIScriptAlias / {{ horizon_lib_dir }}/openstack_dashboard/wsgi/django.wsgi
WSGIDaemonProcess horizon user={{ horizon_system_user_name }} group={{ horizon_system_group_name }} processes={{ ansible_processor_cores }} threads={{ threads if threads > 0 else 1 }}
WSGIProcessGroup horizon
WSGIApplicationGroup horizon
Alias /static {{ horizon_lib_dir }}/static/
<Directory /usr/local/lib/python2.7/dist-packages/openstack_dashboard/wsgi/>
<Files django.wsgi>
Order allow,deny
allow from all
Require all granted
</Files>
</Directory>
<Directory {{ horizon_lib_dir }}/static/>
Options -FollowSymlinks
AllowOverride None
Order allow,deny
allow from all
Require all granted
</Directory>
</VirtualHost>
View Git Blame Copy Permalink