From ecd441269b1c16b7567615b23071bcfc49f398ce Mon Sep 17 00:00:00 2001 From: Evan Cordell Date: Thu, 23 Feb 2017 18:13:02 -0500 Subject: [PATCH] Pass host to apostille (required for k8s ingress) --- conf/init/nginx_conf_create.sh | 3 +++ conf/nginx/server-base.conf.jnj | 1 + 2 files changed, 4 insertions(+) diff --git a/conf/init/nginx_conf_create.sh b/conf/init/nginx_conf_create.sh index a6b3934ed..f2dc9724c 100755 --- a/conf/init/nginx_conf_create.sh +++ b/conf/init/nginx_conf_create.sh @@ -30,13 +30,16 @@ def generate_server_config(config): """ if config: tuf_server = config.get('TUF_SERVER', None) + tuf_host = config.get('TUF_HOST', None) signing_enabled = config.get('FEATURE_SIGNING', False) else: tuf_server = None + tuf_host = None signing_enabled = False write_config('conf/nginx/server-base.conf', tuf_server=tuf_server, + tuf_host=tuf_host, signing_enabled=signing_enabled) diff --git a/conf/nginx/server-base.conf.jnj b/conf/nginx/server-base.conf.jnj index 05600d73d..469dba28d 100644 --- a/conf/nginx/server-base.conf.jnj +++ b/conf/nginx/server-base.conf.jnj @@ -83,6 +83,7 @@ location /secscan/ { location ~ ^/v2/(.+)/_trust/tuf/(.*)$ { set $upstream_tuf {{ tuf_server }}; proxy_pass $upstream_tuf$uri; + proxy_set_header Host "{{ tuf_host }"; } {% endif %}