aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-08-18 15:25:44 +0000
committerGerrit Code Review <review@openstack.org>2017-08-18 15:25:44 +0000
commit8865ab2985d0baf039c5f03ac0fab07ff8f2bab4 (patch)
tree34c93cb301339017f3527e9f4d955ceb4e372c3e
parent9adfd2fc2ae228a36367441fcfdf2c6fb0334d7d (diff)
parent1df5f72688d39490822137f5ac92f58ef70f6bc9 (diff)
Merge "Enable listening on TLS for the internal network for horizon"
-rw-r--r--puppet/services/horizon.yaml16
1 files changed, 16 insertions, 0 deletions
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index 63ab92eb..642a0f09 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -67,6 +67,14 @@ parameters:
MonitoringSubscriptionHorizon:
default: 'overcloud-horizon'
type: string
+ EnableInternalTLS:
+ type: boolean
+ default: false
+ InternalTLSCAFile:
+ default: '/etc/ipa/ca.crt'
+ type: string
+ description: Specifies the default CA cert to use if TLS is used for
+ services in the internal network.
conditions:
@@ -109,6 +117,14 @@ outputs:
- {get_param: [DefaultPasswords, horizon_secret]}
horizon::secure_cookies: {get_param: [HorizonSecureCookies]}
memcached_ipv6: {get_param: MemcachedIPv6}
+ horizon::servername:
+ str_replace:
+ template:
+ "%{hiera('fqdn_$NETWORK')}"
+ params:
+ $NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]}
+ horizon::listen_ssl: {get_param: EnableInternalTLS}
+ horizon::horizon_ca: {get_param: InternalTLSCAFile}
-
if:
- debug_unset