From 72e1adce970d85d2d4950622dc0cb724e2b3f500 Mon Sep 17 00:00:00 2001
From: Jeremy Stanley <fungi@yuggoth.org>
Date: Wed, 18 Mar 2015 20:13:08 +0000
Subject: [PATCH] Allow HTTPS through iptables on zuul.openstack.org

Change I1a11c990ea83e00550a0564ac1cf9d5d883db97d enabled Apache
listening for HTTPS but did not open 443/tcp in the local iptables
firewall on the server. Do that now so that it's reachable.

Change-Id: I591ca846abe0ee5e3b67ca6efd28f6f55987478f
---
 modules/openstack_project/manifests/zuul_prod.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/openstack_project/manifests/zuul_prod.pp b/modules/openstack_project/manifests/zuul_prod.pp
index e9280b415a..f2be8c0828 100644
--- a/modules/openstack_project/manifests/zuul_prod.pp
+++ b/modules/openstack_project/manifests/zuul_prod.pp
@@ -28,7 +28,7 @@ class openstack_project::zuul_prod(
   $iptables_rules = regsubst ($gearman_workers, '^(.*)$', '-m state --state NEW -m tcp -p tcp --dport 4730 -s \1 -j ACCEPT')
 
   class { 'openstack_project::server':
-    iptables_public_tcp_ports => [80],
+    iptables_public_tcp_ports => [80, 443],
     iptables_rules6           => $iptables_rules,
     iptables_rules4           => $iptables_rules,
     sysadmins                 => $sysadmins,