openstack/openstack-ansible-os_keystone
Code Issues Proposed changes
openstack-ansible-os_keystone/templates/keystone_nginx.conf.j2
Major Hayden 08f879649b
Add extra headers for Keystone 
This patch allows deployers to add arbitrary headers to Keystone
responses. This can be handy for CORS or for passing certain
headers through nginx to the requester.

Closes-Bug: 1695827
Change-Id: I8f838ecce118cb36081b98f483ddef465ddbae3f
2017-08-17 14:44:44 -05:00

38 lines
1.1 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
server {
listen {{ keystone_nginx_ports[item] }};
{% if keystone_ssl | bool and keystone_service_adminuri_proto == "https" %}
ssl on;
ssl_protocols {{ keystone_ssl_protocol }};
ssl_certificate {{ keystone_ssl_cert }};
ssl_certificate_key {{ keystone_ssl_key }};
ssl_trusted_certificate {{ keystone_ssl_ca_cert }};
ssl_ciphers {{ keystone_ssl_cipher_suite }};
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:2m;
ssl_session_timeout 2m;
{%- endif %}
{% for line in keystone_nginx_extra_conf %}
{{ line }}
{%- endfor %}
access_log /var/log/nginx/{{ item }}-access.log custom;
error_log /var/log/nginx/{{ item }}-error.log info;
location / {
try_files $uri @yourapplication;
}
location @yourapplication {
include uwsgi_params;
uwsgi_pass 127.0.0.1:{{ keystone_uwsgi_ports[item]['socket'] }};
uwsgi_param SCRIPT_NAME '';
{% for header in keystone_extra_headers %}
add_header "{{ header['parameter'] }}" "{{ header['value'] }}";
{% endfor %}
}
}
View Git Blame Copy Permalink