From e178968dd62da19233575721f762cfe43d050199 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Thu, 30 Jun 2022 11:08:07 +0900 Subject: [PATCH] Expose headers option of apache::vhost The headers option in apache::vhost is required in some case, for example when adding the X-XSS-Protection header. This change allows customizing the option for the api vhost. This change also adds support for request_headers so that both request headers and response headers can customized. Change-Id: I84ec512b7dbed382f5d86b30f92de526ba0753eb --- manifests/wsgi/apache.pp | 12 ++++++++++++ .../notes/apache-headers-e08399a25917aff3.yaml | 5 +++++ spec/classes/magnum_wsgi_apache_spec.rb | 8 +++++++- 3 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/apache-headers-e08399a25917aff3.yaml diff --git a/manifests/wsgi/apache.pp b/manifests/wsgi/apache.pp index 65324d3..7cef92f 100644 --- a/manifests/wsgi/apache.pp +++ b/manifests/wsgi/apache.pp @@ -87,6 +87,14 @@ # { python-path => '/my/python/virtualenv' } # Defaults to {} # +# [*headers*] +# (Optional) Headers for the vhost. +# Defaults to undef +# +# [*request_headers*] +# (Optional) Modifies collected request headers in various ways. +# Defaults to undef +# # == Example: # # include apache @@ -113,6 +121,8 @@ class magnum::wsgi::apache ( $access_log_format = false, $error_log_file = undef, $custom_wsgi_process_options = {}, + $headers = undef, + $request_headers = undef, ) { include magnum::deps @@ -144,6 +154,8 @@ class magnum::wsgi::apache ( wsgi_script_dir => $::magnum::params::wsgi_script_path, wsgi_script_file => 'app', wsgi_script_source => $::magnum::params::wsgi_script_source, + headers => $headers, + request_headers => $request_headers, access_log_file => $access_log_file, access_log_format => $access_log_format, error_log_file => $error_log_file, diff --git a/releasenotes/notes/apache-headers-e08399a25917aff3.yaml b/releasenotes/notes/apache-headers-e08399a25917aff3.yaml new file mode 100644 index 0000000..ec0eb13 --- /dev/null +++ b/releasenotes/notes/apache-headers-e08399a25917aff3.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + The ``magnum::wsgi::apache`` class now supports customizing + request/response headers added by apache. diff --git a/spec/classes/magnum_wsgi_apache_spec.rb b/spec/classes/magnum_wsgi_apache_spec.rb index 733836a..780116e 100644 --- a/spec/classes/magnum_wsgi_apache_spec.rb +++ b/spec/classes/magnum_wsgi_apache_spec.rb @@ -19,13 +19,15 @@ describe 'magnum::wsgi::apache' do :wsgi_script_dir => platform_params[:wsgi_script_path], :wsgi_script_file => 'app', :wsgi_script_source => platform_params[:wsgi_script_source], + :headers => nil, + :request_headers => nil, :custom_wsgi_process_options => {}, :access_log_file => false, :access_log_format => false, )} end - context 'when overriding parameters using different ports' do + context 'when overriding parameters' do let :params do { :servername => 'dummy.host', @@ -37,6 +39,8 @@ describe 'magnum::wsgi::apache' do :custom_wsgi_process_options => { 'python_path' => '/my/python/path', }, + :headers => ['set X-XSS-Protection "1; mode=block"'], + :request_headers => ['set Content-Type "application/json"'], :access_log_file => '/var/log/httpd/access_log', :access_log_format => 'some format', :error_log_file => '/var/log/httpd/error_log', @@ -59,6 +63,8 @@ describe 'magnum::wsgi::apache' do :wsgi_script_dir => platform_params[:wsgi_script_path], :wsgi_script_file => 'app', :wsgi_script_source => platform_params[:wsgi_script_source], + :headers => ['set X-XSS-Protection "1; mode=block"'], + :request_headers => ['set Content-Type "application/json"'], :custom_wsgi_process_options => { 'python_path' => '/my/python/path', },