summaryrefslogtreecommitdiffstats
path: root/manifests
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2016-10-03 06:30:41 +0000
committerGerrit Code Review <review@openstack.org>2016-10-03 06:30:41 +0000
commit675cb627fec54732c5db4006788931d741dd79e2 (patch)
tree3ce2fad989b3b80334109859a9d02966c39fee2b /manifests
parent1e26963bef085c7ec16b342594da6286235fe7da (diff)
parentb7fe58567704920a819128d43a8aa38807ebba9a (diff)
Merge "Added X-Forwarded-Proto headers for horizon"
Diffstat (limited to 'manifests')
-rw-r--r--manifests/haproxy.pp11
1 files changed, 7 insertions, 4 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index 6a81731..2cac604 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -439,11 +439,14 @@ class tripleo::haproxy (
"${public_virtual_ip}:443" => union($haproxy_listen_bind_param, ['ssl', 'crt', $service_certificate]),
}
$horizon_options = {
- 'cookie' => 'SERVERID insert indirect nocache',
- 'rsprep' => '^Location:\ http://(.*) Location:\ https://\1',
+ 'cookie' => 'SERVERID insert indirect nocache',
+ 'rsprep' => '^Location:\ http://(.*) Location:\ https://\1',
# NOTE(jaosorior): We always redirect to https for the public_virtual_ip.
- 'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
- 'option' => 'forwardfor',
+ 'redirect' => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
+ 'option' => 'forwardfor',
+ 'http-request' => [
+ 'set-header X-Forwarded-Proto https if { ssl_fc }',
+ 'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
}
} else {
$horizon_bind_opts = {