Browse Source

Support TLS deployments with KernelDisableIPv6 enabled

This will listen on 127.0.0.1 in case ipv6 is disabled.
The localhost_address is set in t-h-t kernel-baremetal-puppet.yaml
in a related patch.

Change-Id: Ic77281cc69230b77224421e3d79d93803ea18bad
Needed-By: Ide761c21dc87dadc722e27c9b8a7b68194164cb2
Related: rhbz#1703460
(cherry picked from commit 5061ed8b7b)
tags/8.5.1
Grzegorz Grasza 2 months ago
parent
commit
9f6cbedae6
1 changed files with 7 additions and 2 deletions
  1. 7
    2
      manifests/tls_proxy.pp

+ 7
- 2
manifests/tls_proxy.pp View File

@@ -37,6 +37,10 @@
37 37
 #   (Optional) Whether the Host header is perserved in proxied requests.
38 38
 #   See the Apache ProxyPreserveHost directive docs.
39 39
 #   Defaults to false
40
+#
41
+# [*proxy_pass_host*]
42
+#   The host to connect to.
43
+#   Defaults to hiera('localhost_address', 'localhost')
40 44
 
41 45
 define tripleo::tls_proxy(
42 46
   $ip,
@@ -44,7 +48,8 @@ define tripleo::tls_proxy(
44 48
   $servername,
45 49
   $tls_cert,
46 50
   $tls_key,
47
-  $preserve_host = false
51
+  $preserve_host = false,
52
+  $proxy_pass_host = hiera('localhost_address', 'localhost')
48 53
 ) {
49 54
   include ::apache
50 55
   ::apache::vhost { "${title}-proxy":
@@ -61,7 +66,7 @@ define tripleo::tls_proxy(
61 66
     proxy_preserve_host => $preserve_host,
62 67
     proxy_pass          => {
63 68
       path   => '/',
64
-      url    => "http://localhost:${port}/",
69
+      url    => "http://${proxy_pass_host}:${port}/",
65 70
       params => {retry => '10'},
66 71
     }
67 72
   }

Loading…
Cancel
Save