Remove condition to match hdr(host) in haproxy redirect rule

The horizon proxy should redirect all HTTP requests to HTTPS, regardless of the 'Host' field in the header. The current rule will cause haproxy to redirect HTTP requests if the 'Host' field contains the public virtual IP address. It will not redirect if the 'Host' field contains a hostname, FQDN, etc. Change-Id: I6c8f58a30f97cdf4c668734793197ea976297733 Signed-off-by: Ryan O'Hara <rohara@redhat.com>
author: Ryan O'Hara <rohara@redhat.com> 2017-06-08 10:26:11 -0500
committer: Juan Antonio Osorio Robles <jaosorior@redhat.com> 2017-06-12 08:23:09 +0000
commit: 2606a4e66fa2802de604d56ade018119bebd79cc (patch)
tree: 5a74d8676e5ab591fb6893e31107a102f8a6ad24 /manifests/haproxy.pp
parent: 1041ef2305c0261608d52ad9c727667be4e76d99 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 5f70647..efbfedc 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -769,7 +769,7 @@ class tripleo::haproxy (
       'cookie'       => 'SERVERID insert indirect nocache',
       'rsprep'       => '^Location:\ http://(.*) Location:\ https://\1',
       # NOTE(jaosorior): We always redirect to https for the public_virtual_ip.
-      'redirect'     => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
+      'redirect'     => 'scheme https code 301 if !{ ssl_fc }',
       'option'       => [ 'forwardfor', 'httpchk' ],
       'http-request' => [
           'set-header X-Forwarded-Proto https if { ssl_fc }',
author	Ryan O'Hara <rohara@redhat.com>	2017-06-08 10:26:11 -0500
committer	Juan Antonio Osorio Robles <jaosorior@redhat.com>	2017-06-12 08:23:09 +0000
commit	2606a4e66fa2802de604d56ade018119bebd79cc (patch)
tree	5a74d8676e5ab591fb6893e31107a102f8a6ad24 /manifests/haproxy.pp
parent	1041ef2305c0261608d52ad9c727667be4e76d99 (diff)