Enable X-Forwarded-Proto for manila

This is necessary so the middleware in manila can set the protocol
correctly in case we're terminating SSL in HAProxy.

Depends-On: Ice78b0abceb6a956bb8c1dc6212ee1b56b62b43f
Change-Id: Iedaabaf1379466c22e3b9bb2307e940459d26de7

diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index e1f5d50..6044eba 100644 (file)
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -593,6 +593,11 @@ class tripleo::haproxy (
       service_port      => $ports[manila_api_port],
       ip_addresses      => hiera('manila_api_node_ips', $controller_hosts_real),
       server_names      => $controller_hosts_names_real,
+      listen_options    => {
+          'http-request' => [
+            'set-header X-Forwarded-Proto https if { ssl_fc }',
+            'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
+      },
       public_ssl_port   => $ports[manila_api_ssl_port],
     }
   }