From 235ef232df3f67d0d091800510df81f05f5c0198 Mon Sep 17 00:00:00 2001
From: tpsilva <tiago.pasqualini@canonical.com>
Date: Sat, 2 Nov 2019 07:30:20 -0300
Subject: [PATCH] Disable Apache default ports

Openstack services don't use the default ports (80 and 443), so
change Apache to not open them.

Change-Id: Iebde91ae780ab50e61ec5ad49961214ac2a137c4
Closes-bug: #1845665
---
 lib/swift_utils.py   | 5 +++++
 templates/ports.conf | 1 +
 2 files changed, 6 insertions(+)
 create mode 100644 templates/ports.conf

diff --git a/lib/swift_utils.py b/lib/swift_utils.py
index 61893de..4b3ed40 100644
--- a/lib/swift_utils.py
+++ b/lib/swift_utils.py
@@ -93,6 +93,7 @@ MEMCACHED_CONF = '/etc/memcached.conf'
 SWIFT_RINGS_CONF = '/etc/apache2/conf.d/swift-rings'
 SWIFT_RINGS_24_CONF = '/etc/apache2/conf-available/swift-rings.conf'
 HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
+APACHE_PORTS_CONF = '/etc/apache2/ports.conf'
 APACHE_SITES_AVAILABLE = '/etc/apache2/sites-available'
 APACHE_SITE_CONF = os.path.join(APACHE_SITES_AVAILABLE,
                                 'openstack_https_frontend')
@@ -199,6 +200,10 @@ CONFIG_FILES = OrderedDict([
         'hook_contexts': [MemcachedContext()],
         'services': ['memcached'],
     }),
+    (APACHE_PORTS_CONF, {
+        'contexts': [],
+        'services': ['apache2'],
+    }),
 ])
 
 
diff --git a/templates/ports.conf b/templates/ports.conf
new file mode 100644
index 0000000..b46c728
--- /dev/null
+++ b/templates/ports.conf
@@ -0,0 +1 @@
+#File written by Juju: leave default ports closed (see LP 1845665).