Add whether to use HTTPS on the proxy
This commit is contained in:
parent
666469e922
commit
a96e587455
|
@ -17,6 +17,10 @@ options:
|
|||
type: int
|
||||
description: Minimum hours between balances
|
||||
# CA Cert info
|
||||
use-https:
|
||||
default: 1
|
||||
type: int
|
||||
description: Whether to listen on HTTPS
|
||||
country:
|
||||
default: US
|
||||
type: string
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/bash
|
||||
set -u
|
||||
# For openssl cert generation
|
||||
USE_HTTPS=$(config-get use-https)
|
||||
COUNTRY=$(config-get country)
|
||||
STATE=$(config-get state)
|
||||
LOCALE=$(config-get locale)
|
||||
|
@ -59,8 +60,13 @@ function create_proxy_conf {
|
|||
SWIFT_DEB_VERSION="$(dpkg-query -W -f='${Version}' 'swift-proxy')"
|
||||
cat >/etc/swift/proxy-server.conf <<EOF
|
||||
[DEFAULT]
|
||||
EOF
|
||||
if [ "$USE_HTTPS" = "1" ]; then
|
||||
cat >>/etc/swift/proxy-server.conf <<EOF
|
||||
cert_file = /etc/swift/cert.crt
|
||||
key_file = /etc/swift/cert.key
|
||||
EOF
|
||||
fi
|
||||
bind_port = $BINDPORT
|
||||
workers = $WORKERS
|
||||
user = swift
|
||||
|
|
|
@ -30,11 +30,13 @@ function install_hook {
|
|||
create_proxy_conf
|
||||
mkdir $WWW_DIR
|
||||
chown www-data:www-data $WWW_DIR
|
||||
if [[ ! -e /etc/swift/cert.crt ]] ; then
|
||||
openssl req -new -x509 -nodes \
|
||||
-out /etc/swift/cert.crt \
|
||||
-keyout /etc/swift/cert.key \
|
||||
-subj "/C=$COUNTRY/ST=$STATE/L=$LOCALE/CN=$COMMON_NAME"
|
||||
if [ "$USE_HTTPS" = "1" ]; then
|
||||
if [[ ! -e /etc/swift/cert.crt ]] ; then
|
||||
openssl req -new -x509 -nodes \
|
||||
-out /etc/swift/cert.crt \
|
||||
-keyout /etc/swift/cert.key \
|
||||
-subj "/C=$COUNTRY/ST=$STATE/L=$LOCALE/CN=$COMMON_NAME"
|
||||
fi
|
||||
fi
|
||||
perl -pi -e "s/-l 127.0.0.1/-l $PROXY_LOCAL_NET_IP/" /etc/memcached.conf
|
||||
service memcached restart
|
||||
|
|
Loading…
Reference in New Issue