openstack
/
puppet-openstacklib
Code Issues Proposed changes

Add ssl_verify_client to wsgi::apache 

Change-Id: Iee9f8e0d87310e099185044f1cc1939a03aa9977
This commit is contained in:
Tobias Urdin 2020-10-14 11:20:21 +02:00
parent 57771aa866
commit 342f4f0b04
3 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/wsgi/apache.pp
View File

@ -67,6 +67,11 @@
# (Optional) Path to SSL key.
# Default to apache::vhost 'ssl_*' defaults
#
# [*ssl_verify_client*]
# (Optional) Sets the SSLVerifyClient directive which sets the
# certificate verification level for client authentication.
# Default to apache::vhost 'ssl_*' defaults
#
# [*ssl_chain*]
# (Optional) SSL chain.
# Default to apache::vhost 'ssl_*' defaults
@ -240,6 +245,7 @@ define openstacklib::wsgi::apache (
$ssl_crl = undef,
$ssl_crl_path = undef,
$ssl_key = undef,
$ssl_verify_client = undef,
$threads = 1,
$user = undef,
$workers = $::os_workers,
@ -352,6 +358,7 @@ define openstacklib::wsgi::apache (
ssl => $ssl,
ssl_cert => $ssl_cert,
ssl_key => $ssl_key,
ssl_verify_client => $ssl_verify_client,
ssl_chain => $ssl_chain,
ssl_ca => $ssl_ca,
ssl_crl_path => $ssl_crl_path,

4
releasenotes/notes/add-ssl_verify_client-87e52209cc80861d.yaml Normal file
View File

@ -0,0 +1,4 @@
---
features:
- |
Added ssl_verify_client parameter to openstacklib::wsgi::apache.

2
spec/defines/openstacklib_wsgi_apache_spec.rb
View File

@ -33,6 +33,7 @@ describe 'openstacklib::wsgi::apache' do
:bind_port => 5000,
:group => 'keystone',
:ssl => true,
:ssl_verify_client => 'optional',
:user => 'keystone',
:wsgi_script_dir => '/var/www/cgi-bin/keystone',
:wsgi_script_file => 'main',
@ -76,6 +77,7 @@ describe 'openstacklib::wsgi::apache' do
:docroot_group => 'keystone',
:setenv => [],
:ssl => 'true',
:ssl_verify_client => 'optional',
:wsgi_daemon_process => {
'keystone_wsgi' => {
'user' => 'keystone',