[MediaWiki-commits] [Gerrit] Selectively enable SSL on dynamicproxy via a class param - change (operations/puppet)

Sun, 15 Sep 2013 00:49:37 -0700 

Yuvipanda has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/84215


Change subject: Selectively enable SSL on dynamicproxy via a class param
......................................................................

Selectively enable SSL on dynamicproxy via a class param

Change-Id: I46effb9e93c78ee66b9d05698357f38b13ea1b02
---
M modules/dynamicproxy/manifests/init.pp
M modules/dynamicproxy/templates/proxy.conf
2 files changed, 5 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/15/84215/1

diff --git a/modules/dynamicproxy/manifests/init.pp 
b/modules/dynamicproxy/manifests/init.pp
index 7bc5e8b..b7f48c3 100644
--- a/modules/dynamicproxy/manifests/init.pp
+++ b/modules/dynamicproxy/manifests/init.pp
@@ -1,5 +1,6 @@
 class dynamicproxy (
     $redis_maxmemory="512MB",
+    $ssl=false,
     $ssl_certificate_name
 ) {
     class { '::redis':
diff --git a/modules/dynamicproxy/templates/proxy.conf 
b/modules/dynamicproxy/templates/proxy.conf
index 244d3e4..b370085 100644
--- a/modules/dynamicproxy/templates/proxy.conf
+++ b/modules/dynamicproxy/templates/proxy.conf
@@ -8,8 +8,10 @@
 server {
     resolver 10.4.0.1;
 
-    # Serve both HTTP and HTTPS
     listen 80;
+
+    <%- if @ssl -%>
+    # Serve both HTTP and HTTPS
     listen 443 default_server ssl;
 
     ssl_certificate /etc/ssl/certs/<%= @ssl_certificate_name %>.pem;
@@ -26,6 +28,7 @@
     ssl_ciphers AES128-GCM-SHA256:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA;
     # Prefer server ciphers (Prefer RC4 first to combat BEAST)
     ssl_prefer_server_ciphers on;
+    <%- end -%>
 
     location / {
         set $backend '';

-- 
To view, visit https://gerrit.wikimedia.org/r/84215
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I46effb9e93c78ee66b9d05698357f38b13ea1b02
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Yuvipanda <yuvipa...@gmail.com>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to