Reduce vhost priority on default site

Multiple vhosts with ssl/tls requires clients support SNI. Unfortunately older python2 does not. There are workarounds but in an attempt to influence vhost ordering for non SNI clients reduce the default vhost priority on the default site vhost. Change-Id: If0b6dc5f5647f8da48711c740ada4729283f74dc
2018-05-29 15:07:55 -07:00 · 2018-05-29 15:07:55 -07:00 · a44b818c21
parent 55c432baf6
commit a44b818c21
2 changed files with 5 additions and 1 deletions
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -200,6 +200,9 @@ class cgit(
      ssl_key_file_contents   => $ssl_key_file_contents,
      staticfiles             => $staticfiles,
      cgit_vhost_name         => $vhost_name,
+      # Make default site have lower vhost priority for better compatibility
+      # with non SNI capable clients.
+      cgit_vhost_priority     => '25',
    }
  }
 }
--- a/manifests/site.pp
+++ b/manifests/site.pp
@ -31,6 +31,7 @@ define cgit::site(
  $staticfiles             = '/var/www/cgit/static',
  $local_git_dir           = '/var/lib/git',
  $cgit_vhost_name         = $::fqdn,
+  $cgit_vhost_priority     = '50',
 ) {
  $default_cgitrc_settings = {
    'cache-size'          => 1000,
@ -93,7 +94,7 @@ define cgit::site(
    port          => $https_port,
    serveraliases => $serveraliases,
    docroot       => 'MEANINGLESS ARGUMENT',
-    priority      => '50',
+    priority      => $cgit_vhost_priority,
    template      => 'cgit/git.vhost.erb',
    ssl           => true,
    require       => [