Skip to content

Commit fba4726

Browse files
Fryguyroot
Fryguy
authored and
root
committed
Merge branch 'add_request_header_directives' into '5.12.z'
Add the RequestHeader directive to httpd conf See merge request cloudforms/cfme-pods!1
2 parents 569f66b + 8178d39 commit fba4726

File tree

2 files changed

+16
-13
lines changed

2 files changed

+16
-13
lines changed

manageiq-operator/pkg/helpers/miq-components/httpd.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -72,7 +72,7 @@ func NewHttpdConfigMap(cr *miqv1alpha1.ManageIQ) (*corev1.ConfigMap, error) {
7272
}
7373

7474
data := map[string]string{
75-
"application.conf": httpdApplicationConf(),
75+
"application.conf": httpdApplicationConf(cr.Spec.ApplicationDomain),
7676
"authentication.conf": httpdAuthenticationConf(&cr.Spec),
7777
}
7878

manageiq-operator/pkg/helpers/miq-components/httpd_conf.go

Lines changed: 15 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -15,8 +15,8 @@ func httpdAuthConfigurationConf() string {
1515
}
1616

1717
// application.conf
18-
func httpdApplicationConf() string {
19-
return `
18+
func httpdApplicationConf(applicationDomain string) string {
19+
s := `
2020
Listen 8080
2121
# Timeout: The number of seconds before receives and sends time out.
2222
Timeout 120
@@ -27,28 +27,30 @@ Options SymLinksIfOwnerMatch
2727
<VirtualHost *:8080>
2828
KeepAlive on
2929
# Without ServerName mod_auth_mellon compares against http:// and not https:// from the IdP
30-
ServerName https://%{REQUEST_HOST}
30+
ServerName https://%%{REQUEST_HOST}
3131
3232
ProxyPreserveHost on
33+
RequestHeader set Host %s
34+
RequestHeader set X-Forwarded-Host %s
3335
34-
RewriteCond %{REQUEST_URI} ^/ws/notifications [NC]
35-
RewriteCond %{HTTP:UPGRADE} ^websocket$ [NC]
36-
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
37-
RewriteRule .* ws://ui:3000%{REQUEST_URI} [P,QSA,L]
36+
RewriteCond %%{REQUEST_URI} ^/ws/notifications [NC]
37+
RewriteCond %%{HTTP:UPGRADE} ^websocket$ [NC]
38+
RewriteCond %%{HTTP:CONNECTION} ^Upgrade$ [NC]
39+
RewriteRule .* ws://ui:3000%%{REQUEST_URI} [P,QSA,L]
3840
ProxyPassReverse /ws/notifications ws://ui:3000/ws/notifications
3941
40-
RewriteCond %{REQUEST_URI} !^/api
42+
RewriteCond %%{REQUEST_URI} !^/api
4143
4244
# For httpd, some ErrorDocuments must by served by the httpd pod
43-
RewriteCond %{REQUEST_URI} !^/proxy_pages
45+
RewriteCond %%{REQUEST_URI} !^/proxy_pages
4446
4547
# For SAML /saml2 is only served by mod_auth_mellon in the httpd pod
46-
RewriteCond %{REQUEST_URI} !^/saml2
48+
RewriteCond %%{REQUEST_URI} !^/saml2
4749
4850
# For OpenID-Connect /openid-connect is only served by mod_auth_openidc
49-
RewriteCond %{REQUEST_URI} !^/openid-connect
51+
RewriteCond %%{REQUEST_URI} !^/openid-connect
5052
51-
RewriteRule ^/ http://ui:3000%{REQUEST_URI} [P,QSA,L]
53+
RewriteRule ^/ http://ui:3000%%{REQUEST_URI} [P,QSA,L]
5254
ProxyPassReverse / http://ui:3000/
5355
5456
ProxyPass /api http://web-service:3000/api
@@ -59,6 +61,7 @@ Options SymLinksIfOwnerMatch
5961
CustomLog "| /usr/bin/tee /proc/1/fd/1 /var/log/httpd/access_log" common
6062
</VirtualHost>
6163
`
64+
return fmt.Sprintf(s, applicationDomain, applicationDomain)
6265
}
6366

6467
// authentication.conf

0 commit comments

Comments
 (0)