From b0d042e53c5e69d68482303f224d14cc01deb55e Mon Sep 17 00:00:00 2001 From: Wes Hayutin Date: Tue, 24 Oct 2017 12:43:40 -0400 Subject: [PATCH] update tripleo_ui_secure_access to true by default The TripleO-UI now works quite well with security enabled for the TripleO-UI. Turning it on by default. Related-Bug: #1722674 Depends-On: Ibc1652a63da4fb4c9ccf004f77aa18a3d81b490d Change-Id: I3d3412e2299ea70321785d57ec905bff569c8ab8 --- config/environments/default_libvirt.yml | 2 +- doc/source/accessing-undercloud.rst | 14 +++++--------- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/config/environments/default_libvirt.yml b/config/environments/default_libvirt.yml index c16e810c3..da66cd7e8 100644 --- a/config/environments/default_libvirt.yml +++ b/config/environments/default_libvirt.yml @@ -5,7 +5,7 @@ environment_type: libvirt enable_port_forward_for_tripleo_ui: true # Setup for SSL access to the tripleo-ui. # Please consult the tripleo-quickstart documentation prior to enabling this option -tripleo_ui_secure_access: false +tripleo_ui_secure_access: true # Note this needs to be false for freeIPA # https://bugs.launchpad.net/tripleo/+bug/1709333 diff --git a/doc/source/accessing-undercloud.rst b/doc/source/accessing-undercloud.rst index dcb5fe95b..3cf76168e 100644 --- a/doc/source/accessing-undercloud.rst +++ b/doc/source/accessing-undercloud.rst @@ -54,7 +54,7 @@ Access via the TripleO-UI ------------------------- With baremetal and ovb based deployments you can access the TripleO-UI via the -undercloud's public ip address http://:3000 +undercloud's public ip address https:// Deploying TripleO in a libvirt based environment presents the additional challenge of accessing the isolated ovs networks on the undercloud. By default @@ -63,13 +63,9 @@ an ssh-tunnel service has been setup on the virthost by the tripleo-quickstart From your workstation:: - http://:3000 + https:// -By default an insecure connection the undercloud services has been configured +By default a secure connection to the undercloud services has been configured in the /var/www/openstack-tripleo-ui-/dist/tripleo_ui_config.js file. To use -ssl connections change the default variable ``tripleo_ui_secure_access`` to true. - - Note:: When using ssl a user must manually allow access due to the self - signed ssl certificate by accepting access to https:///keystone/v3/auth/tokens - in a new browser window or tab. Then one may return to http://virthost:3000 - and continue. +an insucure connections change the default variable +``tripleo_ui_secure_access`` to false.