From 69caa6eb50f928bf6f20ea4da0e609c757a4a3dd Mon Sep 17 00:00:00 2001
From: Edward Hope-Morley <edward.hope-morley@canonical.com>
Date: Mon, 4 Feb 2019 14:19:20 +0000
Subject: [PATCH] Fix Queens+ S3 auth

Commit e92e8a7 changed the order of auth middleware in the proxy
pipeline which causes S3 api requests to get a 403 error. This
fixes it.

Change-Id: I11bb1e7e3ceeec9753ad6c86072287871a4eb703
Closes-Bug: #1814541
---
 templates/queens/proxy-server.conf | 4 ++--
 templates/rocky/proxy-server.conf  | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/templates/queens/proxy-server.conf b/templates/queens/proxy-server.conf
index a16b607..4cab807 100644
--- a/templates/queens/proxy-server.conf
+++ b/templates/queens/proxy-server.conf
@@ -24,9 +24,9 @@ key_file = {{ ssl_key }}
 {% if auth_type == 'keystone' %}
 [pipeline:main]
 {% if transport_url %}
-pipeline = ceilometer catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken keystoneauth swift3 s3token staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
+pipeline = ceilometer catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken swift3 s3token keystoneauth staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
 {% else %}
-pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken keystoneauth swift3 s3token staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
+pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken swift3 s3token keystoneauth staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
 {% endif %}
 {% else %}
 [pipeline:main]
diff --git a/templates/rocky/proxy-server.conf b/templates/rocky/proxy-server.conf
index 55ae2c9..eef82f0 100644
--- a/templates/rocky/proxy-server.conf
+++ b/templates/rocky/proxy-server.conf
@@ -24,9 +24,9 @@ key_file = {{ ssl_key }}
 {% if auth_type == 'keystone' %}
 [pipeline:main]
 {% if transport_url %}
-pipeline = ceilometer catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken keystoneauth s3api s3token staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
+pipeline = ceilometer catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken s3api s3token keystoneauth staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
 {% else %}
-pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken keystoneauth s3api s3token staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
+pipeline = catch_errors gatekeeper healthcheck proxy-logging cache container_sync bulk tempurl ratelimit formpost authtoken s3api s3token keystoneauth staticweb copy container-quotas account-quotas slo dlo versioned_writes symlink proxy-logging proxy-server
 {% endif %}
 {% else %}
 [pipeline:main]