openstack/puppet-openstack-integration
Code Issues Proposed changes

Horizon: Enable a few options for SSL

Browse Source 
The SECURE_PROXY_SSL_HEADER option and some options to secure cookies
are usually configured when ssl is enabled.

This ensures these options are configured when SSL is enabled in
Horizon.

Change-Id: I8158f550574283df73729a3d552b4341075b42d9
This commit is contained in:
Takashi Kajinami 2023-09-12 16:59:57 +09:00
parent cb58abc4c9
commit fcef63ea7b
1 changed files with 15 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
manifests/horizon.pp
View File

@ -57,6 +57,8 @@ class openstack_integration::horizon (
ssl_key => "/etc/openstack-dashboard/ssl/private/${facts['networking']['fqdn']}.pem", ssl_key => "/etc/openstack-dashboard/ssl/private/${facts['networking']['fqdn']}.pem",
ssl_ca => $::openstack_integration::params::ca_bundle_cert_path, ssl_ca => $::openstack_integration::params::ca_bundle_cert_path,
ssl_verify_client => 'optional', ssl_verify_client => 'optional',
enable_secure_proxy_ssl_header => $::openstack_integration::config::ssl,
secure_cookies => $::openstack_integration::config::ssl,
wsgi_processes => 2, wsgi_processes => 2,
keystone_url => $::openstack_integration::config::keystone_auth_uri, keystone_url => $::openstack_integration::config::keystone_auth_uri,
log_level => 'DEBUG', log_level => 'DEBUG',