Add whether to use HTTPS on the proxy

config.yaml

@@ -17,6 +17,10 @@ options:
     type: int
     description: Minimum hours between balances
   # CA Cert info
+  use-https:
+    default: 1
+    type: int
+    description: Whether to listen on HTTPS
   country:
     default: US
     type: string

hooks/swift-proxy-common

@@ -1,6 +1,7 @@
 #!/bin/bash
 set -u
 # For openssl cert generation
+USE_HTTPS=$(config-get use-https)
 COUNTRY=$(config-get country)
 STATE=$(config-get state)
 LOCALE=$(config-get locale)
@@ -59,8 +60,13 @@ function create_proxy_conf {
 SWIFT_DEB_VERSION="$(dpkg-query -W -f='${Version}' 'swift-proxy')"
 cat >/etc/swift/proxy-server.conf <<EOF
 [DEFAULT]
+EOF
+if [ "$USE_HTTPS" = "1" ]; then
+  cat >>/etc/swift/proxy-server.conf <<EOF
 cert_file = /etc/swift/cert.crt
 key_file = /etc/swift/cert.key
+EOF
+fi
 bind_port = $BINDPORT
 workers = $WORKERS
 user = swift

hooks/swift-proxy-relations

@@ -30,11 +30,13 @@ function install_hook {
   create_proxy_conf
   mkdir $WWW_DIR
   chown www-data:www-data $WWW_DIR
-  if [[ ! -e /etc/swift/cert.crt ]] ; then
-    openssl req -new -x509 -nodes \
-      -out /etc/swift/cert.crt \
-      -keyout /etc/swift/cert.key \
-      -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALE/CN=$COMMON_NAME"
+  if [ "$USE_HTTPS" = "1" ]; then
+    if [[ ! -e /etc/swift/cert.crt ]] ; then
+      openssl req -new -x509 -nodes \
+        -out /etc/swift/cert.crt \
+        -keyout /etc/swift/cert.key \
+        -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALE/CN=$COMMON_NAME"
+    fi
   fi
   perl -pi -e "s/-l 127.0.0.1/-l $PROXY_LOCAL_NET_IP/" /etc/memcached.conf
   service memcached restart

revision

@@ -1 +1 @@
-76
+78