Enable X-Forwarded-Proto header for keystone admin endpoint

This is useful for handling URLs properly when TLS is enabled.

Change-Id: I4defed679cf3b2980dcc4ce1db030c0fdf154bfe

diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp
index dbfc570..cde069d 100644 (file)
--- a/manifests/loadbalancer.pp
+++ b/manifests/loadbalancer.pp
@@ -768,6 +768,10 @@ class tripleo::loadbalancer (
     haproxy::listen { 'keystone_admin':
       bind             => $keystone_admin_bind_opts,
       collect_exported => false,
+      mode             => 'http', # Needed for http-request option
+      options          => {
+          'http-request' => ['set-header X-Forwarded-Proto https if { ssl_fc }'],
+      },
     }
     haproxy::balancermember { 'keystone_admin':
       listening_service => 'keystone_admin',