2 files changed, 36 insertions, 2 deletions
diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index e1f5d50..dcd7ea6 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -155,7 +155,7 @@
 #
 # [*nova_novncproxy*]
 #  (optional) Enable or not Nova novncproxy binding
-#  Defaults to hiera('nova_vncproxy_enabled', false)
+#  Defaults to hiera('nova_vnc_proxy_enabled', false)
 #
 # [*ceilometer*]
 #  (optional) Enable or not Ceilometer API binding
@@ -320,7 +320,7 @@ class tripleo::haproxy (
   $glance_registry           = hiera('glance_registry_enabled', false),
   $nova_osapi                = hiera('nova_api_enabled', false),
   $nova_metadata             = hiera('nova_api_enabled', false),
-  $nova_novncproxy           = hiera('nova_vncproxy_enabled', false),
+  $nova_novncproxy           = hiera('nova_vnc_proxy_enabled', false),
   $ceilometer                = hiera('ceilometer_api_enabled', false),
   $aodh                      = hiera('aodh_api_enabled', false),
   $gnocchi                   = hiera('gnocchi_api_enabled', false),
@@ -593,6 +593,11 @@ class tripleo::haproxy (
       service_port      => $ports[manila_api_port],
       ip_addresses      => hiera('manila_api_node_ips', $controller_hosts_real),
       server_names      => $controller_hosts_names_real,
+      listen_options    => {
+          'http-request' => [
+            'set-header X-Forwarded-Proto https if { ssl_fc }',
+            'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
+      },
       public_ssl_port   => $ports[manila_api_ssl_port],
     }
   }
diff --git a/manifests/profile/base/validations.pp b/manifests/profile/base/validations.pp
new file mode 100644
index 0000000..50a1a8a
--- /dev/null
+++ b/manifests/profile/base/validations.pp
@@ -0,0 +1,29 @@
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::validations
+#
+# Validations profile for tripleo
+#
+class tripleo::profile::base::validations {
+  package {'openstack-tripleo-validations': }
+  user {'validations':
+    ensure     => present,
+    comment    => 'TripleO validations',
+    managehome => true,
+    home       => '/home/validations',
+    shell      => '/sbin/nologin',
+  }
+}
+