aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/apache.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services/apache.yaml')
-rw-r--r--puppet/services/apache.yaml46
1 files changed, 30 insertions, 16 deletions
diff --git a/puppet/services/apache.yaml b/puppet/services/apache.yaml
index c9792019..382e0ff9 100644
--- a/puppet/services/apache.yaml
+++ b/puppet/services/apache.yaml
@@ -27,6 +27,17 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ EnableInternalTLS:
+ type: boolean
+ default: false
+
+
+resources:
+
+ ApacheTLS:
+ type: OS::TripleO::Services::ApacheTLS
+ properties:
+ ServiceNetMap: {get_param: ServiceNetMap}
outputs:
role_data:
@@ -34,19 +45,22 @@ outputs:
value:
service_name: apache
config_settings:
- # for the given network; replacement examples (eg. for internal_api):
- # internal_api -> IP
- # internal_api_uri -> [IP]
- # internal_api_subnet - > IP/CIDR
- apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
- apache::server_signature: 'Off'
- apache::server_tokens: 'Prod'
- apache_remote_proxy_ips_network:
- str_replace:
- template: "NETWORK_subnet"
- params:
- NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]}
- apache::mod::prefork::maxclients: { get_param: ApacheMaxRequestWorkers }
- apache::mod::prefork::serverlimit: { get_param: ApacheServerLimit }
- apache::mod::remoteip::proxy_ips:
- - "%{hiera('apache_remote_proxy_ips_network')}"
+ map_merge:
+ - get_attr: [ApacheTLS, role_data, config_settings]
+ -
+ # for the given network; replacement examples (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
+ apache::server_signature: 'Off'
+ apache::server_tokens: 'Prod'
+ apache_remote_proxy_ips_network:
+ str_replace:
+ template: "NETWORK_subnet"
+ params:
+ NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]}
+ apache::mod::prefork::maxclients: { get_param: ApacheMaxRequestWorkers }
+ apache::mod::prefork::serverlimit: { get_param: ApacheServerLimit }
+ apache::mod::remoteip::proxy_ips:
+ - "%{hiera('apache_remote_proxy_ips_network')}"