From ba9bef7611c60e86ce4c321ba4a192b4e39cf834 Mon Sep 17 00:00:00 2001 From: Kapil Thangavelu Date: Wed, 5 Mar 2014 08:53:56 -0500 Subject: [PATCH] ssl endpoint support --- hooks/ceilometer_contexts.py | 10 ++++++- hooks/ceilometer_utils.py | 35 +++++++++++++++++++++---- revision | 2 +- templates/openstack_https_frontend | 23 ++++++++++++++++ templates/openstack_https_frontend.conf | 1 + 5 files changed, 64 insertions(+), 7 deletions(-) create mode 100644 templates/openstack_https_frontend create mode 120000 templates/openstack_https_frontend.conf diff --git a/hooks/ceilometer_contexts.py b/hooks/ceilometer_contexts.py index 78d0709..2337bf8 100644 --- a/hooks/ceilometer_contexts.py +++ b/hooks/ceilometer_contexts.py @@ -9,7 +9,8 @@ from charmhelpers.core.hookenv import ( from charmhelpers.contrib.openstack.context import ( OSContextGenerator, - context_complete + context_complete, + ApacheSSLContext as SSLContext, ) CEILOMETER_DB = 'ceilometer' @@ -72,3 +73,10 @@ class CeilometerServiceContext(OSContextGenerator): if context_complete(conf): return conf return {} + + +class ApacheSSLContext(SSLContext): + + service_namespace = "ceilometer" + + external_ports = [CEILOMETER_PORT] diff --git a/hooks/ceilometer_utils.py b/hooks/ceilometer_utils.py index 9b84c60..e88b286 100644 --- a/hooks/ceilometer_utils.py +++ b/hooks/ceilometer_utils.py @@ -1,11 +1,16 @@ +import os + +from collections import OrderedDict + from charmhelpers.contrib.openstack import ( templating, context, ) from ceilometer_contexts import ( + ApacheSSLContext, LoggingConfigContext, MongoDBContext, - CeilometerContext + CeilometerContext, ) from charmhelpers.contrib.openstack.utils import ( get_os_codename_package, 
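Review bot: The new `ApacheSSLContext` subclass in hooks/ceilometer_contexts.py has no docstring, and it reuses the name of the charmhelpers class it extends (imported as `SSLContext` to make that possible), which is easy to misread where ceilometer_utils.py imports it. I would add a docstring such as `"""TLS frontend context for the ceilometer API; certificates are looked up under the 'ceilometer' namespace."""`, which presumably matches the `/etc/apache2/ssl/{{ namespace }}/` paths in the new template and should be confirmed. `CEILOMETER_PORT` is not defined in the visible hunks, so check that it is in scope in this module.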
@@ -17,6 +22,9 @@ from charmhelpers.fetch import apt_update, apt_install CEILOMETER_CONF_DIR = "/etc/ceilometer" CEILOMETER_CONF = "%s/ceilometer.conf" % CEILOMETER_CONF_DIR +HTTPS_APACHE_CONF = "/etc/apache2/sites-available/openstack_https_frontend" +HTTPS_APACHE_24_CONF = "/etc/apache2/sites-available/" \ + "openstack_https_frontend.conf" CEILOMETER_SERVICES = [ 'ceilometer-agent-central', @@ -28,11 +36,13 @@ CEILOMETER_DB = "ceilometer" CEILOMETER_SERVICE = "ceilometer" CEILOMETER_PACKAGES = [ + 'apache2', 'ceilometer-agent-central', 'ceilometer-collector', 'ceilometer-api' ] + CEILOMETER_ROLE = "ResellerAdmin" #NOVA_CONF = "/etc/nova/nova.conf" @@ -42,8 +52,9 @@ CEILOMETER_ROLE = "ResellerAdmin" # ('DEFAULT', 'notification_driver', 'ceilometer.compute.nova_notifier') #] -CONFIG_FILES = { - CEILOMETER_CONF: { + +CONFIG_FILES = OrderedDict([ + (CEILOMETER_CONF, { 'hook_contexts': [context.IdentityServiceContext(), context.AMQPContext(ssl_dir=CEILOMETER_CONF_DIR), LoggingConfigContext(), @@ -51,8 +62,16 @@ CONFIG_FILES = { CeilometerContext(), context.SyslogContext()], 'services': CEILOMETER_SERVICES - } -} + }), + (HTTPS_APACHE_CONF, { + 'hook_contexts': [ApacheSSLContext()], + 'services': ['apache2'], + }), + (HTTPS_APACHE_24_CONF, { + 'hook_contexts': [ApacheSSLContext()], + 'services': ['apache2'], + }) +]) TEMPLATES = 'templates' @@ -74,6 +93,12 @@ def register_configs(): for conf in CONFIG_FILES: configs.register(conf, CONFIG_FILES[conf]['hook_contexts']) + if os.path.exists('/etc/apache2/conf-available'): + configs.register(HTTPS_APACHE_24_CONF, + CONFIG_FILES[HTTPS_APACHE_24_CONF]['hook_contexts']) + else: + configs.register(HTTPS_APACHE_CONF, + CONFIG_FILES[HTTPS_APACHE_CONF]['hook_contexts']) return configs diff --git a/revision b/revision index c739b42..9e5feb5 100644 --- a/revision +++ b/revision @@ -1 +1 @@ -44 +46 diff --git a/templates/openstack_https_frontend b/templates/openstack_https_frontend new file mode 100644 index 0000000..e833a71 
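Review bot: `'apache2'` is added to CEILOMETER_PACKAGES unconditionally, so every unit gets a web server installed even when no endpoints are configured and the new template renders nothing (`{% if endpoints %}`). On Debian/Ubuntu the package normally starts with its default site listening on port 80, which would be an extra exposed listener; consider installing it only when HTTPS is configured, or disabling the default site in the hook. At minimum a comment such as `# apache2 terminates TLS in front of ceilometer-api` would record why the package is in this list.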
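Review bot: The unchanged loop `for conf in CONFIG_FILES:` in register_configs now also iterates the two Apache entries this commit adds to CONFIG_FILES, so both `HTTPS_APACHE_CONF` and `HTTPS_APACHE_24_CONF` are registered before the new `os.path.exists('/etc/apache2/conf-available')` check picks one, and the chosen one is registered a second time. The version probe therefore does not keep the other site file from being rendered. I would skip them in the loop with `if conf in (HTTPS_APACHE_CONF, HTTPS_APACHE_24_CONF): continue` and leave the if/else as the only place they are registered. register_configs starts above this hunk and indentation is lost on this page, so the nesting of the added block is inferred.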
--- /dev/null
+++ b/templates/openstack_https_frontend
@@ -0,0 +1,23 @@
+{% if endpoints %}
+{% for ext, int in endpoints %}
+Listen {{ ext }}
+NameVirtualHost *:{{ ext }}
+
+ ServerName {{ private_address }}
+ SSLEngine on
+ SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert
+ SSLCertificateKeyFile /etc/apache2/ssl/{{ namespace }}/key
+ ProxyPass / http://localhost:{{ int }}/
+ ProxyPassReverse / http://localhost:{{ int }}/
+ ProxyPreserveHost on
+
+
+ Order deny,allow
+ Allow from all
+
+
+ Order allow,deny
+ Allow from all
+
+{% endfor %}
+{% endif %}
diff --git a/templates/openstack_https_frontend.conf b/templates/openstack_https_frontend.conf
new file mode 120000
index 0000000..9a2f6f2
--- /dev/null
+++ b/templates/openstack_https_frontend.conf
@@ -0,0 +1 @@
+openstack_https_frontend
\ No newline at end of file
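Review bot: The TLS vhost in templates/openstack_https_frontend sets `SSLEngine on` and the certificate paths but pins neither protocol versions nor ciphers, so what clients can negotiate is left to the installed mod_ssl defaults; I would add `SSLProtocol all -SSLv2 -SSLv3` and an explicit `SSLCipherSuite` next to `SSLEngine on`. The proxy target is plain `http://localhost:{{ int }}/`, so the frontend only protects the API if the backend port is not reachable from other hosts; that binding is not visible in this commit and should be confirmed. The `Order`/`Allow from all` lines are Apache 2.2 access syntax, while the same file is symlinked as the 2.4 `.conf`, where they presumably depend on mod_access_compat. The container directives around these lines do not appear on this page.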