diff options
author | elijah <elijah@riseup.net> | 2013-07-28 18:14:01 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2013-07-30 16:44:03 -0700 |
commit | b87bd57ad010ee6f091f77b8b1f653afafc0e4c7 (patch) | |
tree | f8288eba588e711a54bec5e7f489fe5e496dbc16 | |
parent | 7ac64237fcb09893ae36b1b2f278e1474df8c49b (diff) |
added webapp.secure flag (turns on secure cookies and HSTS)
-rw-r--r-- | provider_base/services/webapp.json | 3 | ||||
-rw-r--r-- | puppet/modules/site_webapp/templates/config.yml.erb | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/provider_base/services/webapp.json b/provider_base/services/webapp.json index 55331274..ed039b01 100644 --- a/provider_base/services/webapp.json +++ b/provider_base/services/webapp.json @@ -13,7 +13,8 @@ "allow_unlimited_certs": "= global.provider.service.allow_unlimited_bandwidth", "allow_anonymous_certs": "= global.provider.service.allow_anonymous", "secret_token": "= secret :webapp_secret_token", - "api_version": 1 + "api_version": 1, + "secure": false }, "stunnel": { "couch_client": "= stunnel_client(nodes_like_me[:services => :couchdb], global.services[:couchdb].couch.port)" diff --git a/puppet/modules/site_webapp/templates/config.yml.erb b/puppet/modules/site_webapp/templates/config.yml.erb index df562cd9..8b4b3bbe 100644 --- a/puppet/modules/site_webapp/templates/config.yml.erb +++ b/puppet/modules/site_webapp/templates/config.yml.erb @@ -2,6 +2,7 @@ production: admins: [admin] domain: <%= @provider_domain %> + force_ssl: <%= @webapp['secure'] %> client_ca_key: <%= scope.lookupvar('site_webapp::client_ca::key_path') %> client_ca_cert: <%= scope.lookupvar('site_webapp::client_ca::cert_path') %> secret_token: "<%= @secret_token %>" |