Puppet Class: profile::swift::proxy_tls

Defined in:
modules/profile/manifests/swift/proxy_tls.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • ocsp_proxy (String) (defaults to: lookup('http_proxy', {'default_value' => ''}))
  • use_envoy (Boolean) (defaults to: lookup('profile::swift::proxy::use_envoy', {'default_value' => false}))


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# File 'modules/profile/manifests/swift/proxy_tls.pp', line 2

class profile::swift::proxy_tls (
    String $ocsp_proxy = lookup('http_proxy', {'default_value' => ''}),
    Boolean $use_envoy = lookup('profile::swift::proxy::use_envoy', {'default_value' => false}),
){

    if $use_envoy {
        include profile::tlsproxy::envoy
    } else {
        require ::profile::tlsproxy::instance

        tlsproxy::localssl { 'unified':
            server_name    => $::swift::proxy::proxy_service_host,
            certs          => [$::swift::proxy::proxy_service_host],
            default_server => true,
            do_ocsp        => false,
            ocsp_proxy     => $ocsp_proxy,
            enable_http2   => false,
        }
    }

    ferm::service { 'swift-proxy-https':
        proto   => 'tcp',
        notrack => true,
        port    => '443',
    }
}