Merge "Replace rsprep directive with http-response replace-header"
This commit is contained in:
commit
bb075ca80a
|
@ -1308,7 +1308,7 @@ class tripleo::haproxy (
|
|||
}
|
||||
if $service_certificate {
|
||||
$heat_ssl_options = {
|
||||
'rsprep' => "^Location:\\ http://${public_virtual_ip}(.*) Location:\\ https://${public_virtual_ip}\\1",
|
||||
'http-response' => "replace-header Location http://${public_virtual_ip}(.*) https://${public_virtual_ip}\\1",
|
||||
}
|
||||
$heat_listen_options = merge($default_listen_options, $heat_ssl_options, $heat_timeout_options)
|
||||
$heat_frontend_options = merge($default_frontend_options, $heat_ssl_options, $heat_timeout_options)
|
||||
|
|
|
@ -190,9 +190,9 @@ define tripleo::haproxy::endpoint (
|
|||
if $public_certificate {
|
||||
if $mode == 'http' {
|
||||
$tls_listen_options = {
|
||||
'rsprep' => '^Location:\ http://(.*) Location:\ https://\1',
|
||||
'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
|
||||
'option' => 'forwardfor',
|
||||
'http-response' => 'replace-header Location http://(.*) https://\\1',
|
||||
'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
|
||||
'option' => 'forwardfor',
|
||||
}
|
||||
$listen_options_precookie = merge($tls_listen_options, $listen_options, $custom_options)
|
||||
$frontend_options_precookie = merge($tls_listen_options, $frontend_options, $custom_frontend_options)
|
||||
|
|
|
@ -129,11 +129,11 @@ class tripleo::haproxy::horizon_endpoint (
|
|||
"${public_virtual_ip}:443" => union($haproxy_listen_bind_param, ['ssl', 'crt', $public_certificate], $custom_bind_options_public),
|
||||
}
|
||||
$horizon_frontend_options = {
|
||||
'rsprep' => '^Location:\ http://(.*) Location:\ https://\1',
|
||||
'http-response' => 'replace-header Location http://(.*) https://\\1',
|
||||
# NOTE(jaosorior): We always redirect to https for the public_virtual_ip.
|
||||
'redirect' => 'scheme https code 301 if !{ ssl_fc }',
|
||||
'option' => [ 'forwardfor' ],
|
||||
'http-request' => [
|
||||
'redirect' => 'scheme https code 301 if !{ ssl_fc }',
|
||||
'option' => [ 'forwardfor' ],
|
||||
'http-request' => [
|
||||
'set-header X-Forwarded-Proto https if { ssl_fc }',
|
||||
'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue