From 1da07f9ecb3da1420c580dff0ba8f36d416dff65 Mon Sep 17 00:00:00 2001
From: Yanis Guenane <yanis.guenane@enovance.com>
Date: Tue, 7 Oct 2014 16:24:50 -0400
Subject: [PATCH] dashboard: Allow multiple value for ALLOWED_HOST in horizon

Allow one to specify an array of allowed_hosts for the horizon
configuration. Thus, it can allow local traffic and traffic from
the loadbalancer.
---
 manifests/dashboard.pp               |  4 +++-
 spec/classes/cloud_dashboard_spec.rb | 35 ++++++++++++++++++++++++++--
 2 files changed, 36 insertions(+), 3 deletions(-)

diff --git a/manifests/dashboard.pp b/manifests/dashboard.pp
index 81e8abb1..19b2b28c 100644
--- a/manifests/dashboard.pp
+++ b/manifests/dashboard.pp
@@ -91,7 +91,8 @@ class cloud::dashboard(
   $horizon_key               = undef,
   $horizon_ca                = undef,
   $ssl_forward               = false,
-  $os_endpoint_type          = undef
+  $os_endpoint_type          = undef,
+  $allowed_hosts             = $::fqdn,
 ) {
 
   # We build the param needed for horizon class
@@ -133,6 +134,7 @@ class cloud::dashboard(
     horizon_ca              => $horizon_ca,
     vhost_extra_params      => $vhost_extra_params,
     openstack_endpoint_type => $os_endpoint_type,
+    allowed_hosts           => $allowed_hosts,
   }
 
   if ($::osfamily == 'Debian') {
diff --git a/spec/classes/cloud_dashboard_spec.rb b/spec/classes/cloud_dashboard_spec.rb
index bd702f77..4460b94b 100644
--- a/spec/classes/cloud_dashboard_spec.rb
+++ b/spec/classes/cloud_dashboard_spec.rb
@@ -34,7 +34,8 @@ describe 'cloud::dashboard' do
         :api_eth                    => '10.0.0.1',
         :ssl_forward                => true,
         :servername                 => 'horizon.openstack.org',
-        :os_endpoint_type           => 'internalURL' }
+        :os_endpoint_type           => 'internalURL',
+        :allowed_hosts              => 'horizon.openstack.org'}
     end
 
     it 'configure horizon' do
@@ -54,10 +55,40 @@ describe 'cloud::dashboard' do
               'add_listen' => true ,
               'setenvif'     => ['X-Forwarded-Proto https HTTPS=1']
           },
-          :openstack_endpoint_type => 'internalURL'
+          :openstack_endpoint_type => 'internalURL',
+          :allowed_hosts           => 'horizon.openstack.org'
         )
       is_expected.to contain_class('apache').with(:default_vhost => false)
     end
+
+    context 'with multiple allowed_hosts' do
+      before do
+        params.merge!(:allowed_hosts => ['horizon.openstack.org', 'vip.openstack.org'])
+      end
+
+      it 'configure horizon with multiple allowed hosts' do
+        is_expected.to contain_class('horizon').with(
+          :listen_ssl              => false,
+          :secret_key              => '/etc/ssl/secret',
+          :can_set_mount_point     => 'False',
+          :fqdn                    => '10.0.0.1',
+          :bind_address            => '10.0.0.1',
+          :servername              => 'horizon.openstack.org',
+          :swift                   => true,
+          :cache_server_ip         => false,
+          :keystone_url            => 'http://keystone.openstack.org:5000/v2.0',
+          :django_debug            => true,
+          :neutron_options         => { 'enable_lb' => true },
+          :vhost_extra_params      => {
+              'add_listen' => true ,
+              'setenvif'     => ['X-Forwarded-Proto https HTTPS=1']
+          },
+          :openstack_endpoint_type => 'internalURL',
+          :allowed_hosts           => ['horizon.openstack.org', 'vip.openstack.org']
+        )
+      end
+    end
+
   end
 
   context 'on Debian platforms' do