Make Apache vhost respect X-Forwarded-Proto header

Without this, some OpenStack services will return invalid URLs if you are using SSL termination at a proxy in front of the service. Change-Id: I3ee6b5838f4703e3b8b1b6632dd45c94057b2202 Closes-Bug: 1597935
2016-07-01 22:09:29 +00:00 · 2016-07-01 22:09:29 +00:00 · b61adb6257
parent e4253e04b5
commit b61adb6257
2 changed files with 3 additions and 1 deletions
--- a/manifests/wsgi/apache.pp
+++ b/manifests/wsgi/apache.pp
@ -203,6 +203,7 @@ define openstacklib::wsgi::apache (
    docroot_owner               => $user,
    docroot_group               => $group,
    priority                    => $priority,
+    setenvif                    => ['X-Forwarded-Proto https HTTPS=1'],
    ssl                         => $ssl,
    ssl_cert                    => $ssl_cert,
    ssl_key                     => $ssl_key,
--- a/spec/defines/openstacklib_wsgi_apache_spec.rb
+++ b/spec/defines/openstacklib_wsgi_apache_spec.rb
@ -82,7 +82,8 @@ describe 'openstacklib::wsgi::apache' do
          'threads'   => global_facts[:processorcount],
        },
        'wsgi_application_group'      => '%{GLOBAL}',
-        'require'                     => 'File[keystone_wsgi]'
+        'require'                     => 'File[keystone_wsgi]',
+        'setenvif'                    => ['X-Forwarded-Proto https HTTPS=1']
      )}
      it { is_expected.to contain_concat("#{platform_parameters[:httpd_ports_file]}") }
    end