diff --git a/manifests/proxy.pp b/manifests/proxy.pp index 0df6280d..6cea70c0 100644 --- a/manifests/proxy.pp +++ b/manifests/proxy.pp @@ -10,6 +10,14 @@ # (optional) The port to which the proxy server will bind. # Defaults to 8080. # +# [*cert_file*] +# (optional) Certificate file to use for HTTPS +# Defaults to $facts['os_service_default']. +# +# [*key_file*] +# (optional) Key file to use for HTTPS +# Defaults to $facts['os_service_default']. +# # [*pipeline*] # (optional) The list of elements of the swift proxy pipeline. # Currently supports healthcheck, cache, proxy-server, and @@ -188,6 +196,8 @@ class swift::proxy( $proxy_local_net_ip, $port = '8080', + $cert_file = $facts['os_service_default'], + $key_file = $facts['os_service_default'], Swift::Pipeline $pipeline = [ 'catch_errors', 'gatekeeper', 'healthcheck', 'proxy-logging', 'cache', 'listing_formats', 'tempauth', 'copy', 'proxy-logging', 'proxy-server'], @@ -271,6 +281,8 @@ class swift::proxy( swift_proxy_config { 'DEFAULT/bind_port': value => $port; 'DEFAULT/bind_ip': value => $proxy_local_net_ip; + 'DEFAULT/cert_file': value => $cert_file; + 'DEFAULT/key_file': value => $key_file; 'DEFAULT/workers': value => $workers; 'DEFAULT/user': value => $::swift::params::user; 'DEFAULT/log_name': value => $log_name; diff --git a/releasenotes/notes/proxy-ssl-f9ca617598b2a1a3.yaml b/releasenotes/notes/proxy-ssl-f9ca617598b2a1a3.yaml new file mode 100644 index 00000000..8d3d082c --- /dev/null +++ b/releasenotes/notes/proxy-ssl-f9ca617598b2a1a3.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + The ``cert_file`` parameter and the ``key_file`` parameter have been added + to the ``swift::proxy`` class. diff --git a/spec/classes/swift_proxy_spec.rb b/spec/classes/swift_proxy_spec.rb index 5e72cea1..0b2ac077 100644 --- a/spec/classes/swift_proxy_spec.rb +++ b/spec/classes/swift_proxy_spec.rb @@ -57,6 +57,8 @@ describe 'swift::proxy' do it { should contain_service('swift-proxy-server').that_notifies('Anchor[swift::service::end]') } it { should contain_swift_proxy_config('DEFAULT/bind_port').with_value('8080') } it { should contain_swift_proxy_config('DEFAULT/bind_ip').with_value('127.0.0.1') } + it { should contain_swift_proxy_config('DEFAULT/cert_file').with_value('') } + it { should contain_swift_proxy_config('DEFAULT/key_file').with_value('') } it { should contain_swift_proxy_config('DEFAULT/workers').with_value('2') } it { should contain_swift_proxy_config('DEFAULT/user').with_value('swift') } it { should contain_swift_proxy_config('DEFAULT/log_name').with_value('proxy-server') } @@ -136,6 +138,8 @@ describe 'swift::proxy' do { :proxy_local_net_ip => '10.0.0.2', :port => '80', + :cert_file => '/path/to/cert', + :key_file => '/path/to/key', :workers => 3, :pipeline => ['swauth', 'proxy-server'], :allow_account_management => false, @@ -166,6 +170,8 @@ describe 'swift::proxy' do it { should contain_swift_proxy_config('DEFAULT/bind_port').with_value('80') } it { should contain_swift_proxy_config('DEFAULT/bind_ip').with_value('10.0.0.2') } + it { should contain_swift_proxy_config('DEFAULT/cert_file').with_value('/path/to/cert') } + it { should contain_swift_proxy_config('DEFAULT/key_file').with_value('/path/to/key') } it { should contain_swift_proxy_config('DEFAULT/workers').with_value('3') } it { should contain_swift_proxy_config('DEFAULT/user').with_value('swift') } it { should contain_swift_proxy_config('DEFAULT/log_name').with_value('swift-proxy-server') }