diff --git a/environments/ssl/enable-tls.yaml b/environments/ssl/enable-tls.yaml index df1294cc49..7b8535e244 100644 --- a/environments/ssl/enable-tls.yaml +++ b/environments/ssl/enable-tls.yaml @@ -10,6 +10,10 @@ # For these values to take effect, one of the tls-endpoints-*.yaml # environments must also be used. parameter_defaults: + # Set CSRF_COOKIE_SECURE / SESSION_COOKIE_SECURE in Horizon + # Type: boolean + HorizonSecureCookies: True + # The content of the SSL certificate (without Key) in PEM format. # Type: string SSLCertificate: | diff --git a/sample-env-generator/ssl.yaml b/sample-env-generator/ssl.yaml index 35d923d9db..1adb50b723 100644 --- a/sample-env-generator/ssl.yaml +++ b/sample-env-generator/ssl.yaml @@ -9,6 +9,9 @@ environments: files: puppet/services/haproxy-public-tls-inject.yaml: parameters: all + puppet/services/horizon.yaml: + parameters: + - HorizonSecureCookies static: # This should probably be private, but for testing static params I'm # setting it as such for now. @@ -20,6 +23,7 @@ environments: SSLKey: |- | The contents of the private key go here + HorizonSecureCookies: True - name: ssl/enable-internal-tls title: Enable SSL on OpenStack Internal Endpoints