summaryrefslogtreecommitdiffstats
path: root/puppet/services/horizon.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services/horizon.yaml')
-rw-r--r--puppet/services/horizon.yaml10
1 files changed, 8 insertions, 2 deletions
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml
index 9fa72a3b..8fb13c16 100644
--- a/puppet/services/horizon.yaml
+++ b/puppet/services/horizon.yaml
@@ -40,6 +40,10 @@ parameters:
type: string
hidden: true
default: ''
+ HorizonSecureCookies:
+ description: Set CSRF_COOKIE_SECURE / SESSION_COOKIE_SECURE in Horizon
+ type: boolean
+ default: true
MemcachedIPv6:
default: false
description: Enable IPv6 features in Memcached.
@@ -78,7 +82,7 @@ outputs:
access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"'
options: ['FollowSymLinks','MultiViews']
horizon::bind_address: {get_param: [ServiceNetMap, HorizonNetwork]}
- horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
horizon::password_validator: {get_param: [HorizonPasswordValidator]}
horizon::password_validator_help: {get_param: [HorizonPasswordValidatorHelp]}
horizon::secret_key:
@@ -88,6 +92,7 @@ outputs:
passwords:
- {get_param: HorizonSecret}
- {get_param: [DefaultPasswords, horizon_secret]}
+ horizon::secure_cookies: {get_param: [HorizonSecureCookies]}
memcached_ipv6: {get_param: MemcachedIPv6}
-
if:
@@ -100,7 +105,7 @@ outputs:
upgrade_tasks:
- name: Check if httpd is deployed
command: systemctl is-enabled httpd
- tags: step0,validation
+ tags: common
ignore_errors: True
register: httpd_enabled
- name: "PreUpgrade step0,validation: Check if httpd is running"
@@ -111,4 +116,5 @@ outputs:
tags: step0,validation
- name: Stop Horizon (under httpd)
tags: step1
+ when: httpd_enabled.rc == 0
service: name=httpd state=stopped