Apache - Use net_cidr_map for proxy_ips
Change I68e064d23ec5d43f59146d974cae604d2c5fdb52 makes NetCidrMapValue a list of ip networks. Pass the list of cidr's from the ApacheNetwork entry in the cidr map to 'apache::mod::remoteip::proxy_ips:'. Partial: blueprint tripleo-routed-networks-templates Change-Id: Ieb6aff9889136f0ccbec32e36b46140aa7826019
This commit is contained in:
parent
8665a0d97b
commit
da1de3aafc
@ -90,17 +90,13 @@ outputs:
|
||||
apache::trace_enable: 'Off'
|
||||
apache::server_signature: 'Off'
|
||||
apache::server_tokens: 'Prod'
|
||||
apache_remote_proxy_ips_network:
|
||||
# TODO(hjensas): Replace with get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, ApacheNetwork]}
|
||||
str_replace:
|
||||
template:
|
||||
"%{hiera('$NETWORK_subnet')}"
|
||||
params:
|
||||
$NETWORK: {get_param: [ServiceNetMap, ApacheNetwork]}
|
||||
apache::mod::prefork::maxclients: { get_param: ApacheMaxRequestWorkers }
|
||||
apache::mod::prefork::serverlimit: { get_param: ApacheServerLimit }
|
||||
apache::mod::remoteip::proxy_ips:
|
||||
- "%{hiera('apache_remote_proxy_ips_network')}"
|
||||
get_param:
|
||||
- ServiceData
|
||||
- net_cidr_map
|
||||
- {get_param: [ServiceNetMap, ApacheNetwork]}
|
||||
- if:
|
||||
- internal_tls_enabled
|
||||
-
|
||||
|
@ -909,6 +909,9 @@ def validate_service_hiera_interpol(f, tpl):
|
||||
# Omit if external deploy tasks in the path
|
||||
if 'external_deploy_tasks' in path:
|
||||
continue
|
||||
# Omit apache remoteip proxy_ips
|
||||
if 'apache::mod::remoteip::proxy_ips' in path:
|
||||
continue
|
||||
|
||||
# Omit if not a part of {get_param: [ServiceNetMap ...
|
||||
if not enter_lists and path[-1] != 'get_param':
|
||||
|
Loading…
x
Reference in New Issue
Block a user