diff options
Diffstat (limited to 'puppet/services/horizon.yaml')
| -rw-r--r-- | puppet/services/horizon.yaml | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 9fa72a3b..8fb13c16 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -40,6 +40,10 @@ parameters: type: string hidden: true default: '' + HorizonSecureCookies: + description: Set CSRF_COOKIE_SECURE / SESSION_COOKIE_SECURE in Horizon + type: boolean + default: true MemcachedIPv6: default: false description: Enable IPv6 features in Memcached. @@ -78,7 +82,7 @@ outputs: access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"' options: ['FollowSymLinks','MultiViews'] horizon::bind_address: {get_param: [ServiceNetMap, HorizonNetwork]} - horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri]} + horizon::keystone_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} horizon::password_validator: {get_param: [HorizonPasswordValidator]} horizon::password_validator_help: {get_param: [HorizonPasswordValidatorHelp]} horizon::secret_key: @@ -88,6 +92,7 @@ outputs: passwords: - {get_param: HorizonSecret} - {get_param: [DefaultPasswords, horizon_secret]} + horizon::secure_cookies: {get_param: [HorizonSecureCookies]} memcached_ipv6: {get_param: MemcachedIPv6} - if: @@ -100,7 +105,7 @@ outputs: upgrade_tasks: - name: Check if httpd is deployed command: systemctl is-enabled httpd - tags: step0,validation + tags: common ignore_errors: True register: httpd_enabled - name: "PreUpgrade step0,validation: Check if httpd is running" @@ -111,4 +116,5 @@ outputs: tags: step0,validation - name: Stop Horizon (under httpd) tags: step1 + when: httpd_enabled.rc == 0 service: name=httpd state=stopped |