From b21a8e01cb06573c082329b65c8ca166ea8e978e Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Fri, 18 Nov 2011 17:48:49 -0200
Subject: Use $apache_https_proxy instead of hardcoded HTTPS setting

---
 manifests/init.pp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'manifests')

diff --git a/manifests/init.pp b/manifests/init.pp
index 42917b9..3d57fa3 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -26,6 +26,7 @@
 
 $apache2_sites  = "/etc/apache2/sites"
 $apache2_mods   = "/etc/apache2/mods"
+$apache2_conf_d = "/etc/apache2/conf.d"
 $apache2_macros = "/etc/apache2/conf.d/macros"
 $apache2_conf   = "/etc/apache2/apache2.conf"
 
@@ -114,6 +115,23 @@ class apache {
     notify  => Service["apache"],
   }
 
+  # https proxy configuration
+  # see http://www.metaltoad.com/blog/running-drupal-secure-pages-behind-proxy
+  file { "$apache2_conf_d/https-proxy":
+    ensure => $apache_https_proxy ? {
+      ''      => absent,
+      default => present,
+    }
+    content => $apache_https_proxy ? {
+      'force' => "SetEnv HTTPS on\n",
+      default => "SetEnvIf X-Forwarded-Proto https HTTPS=on\n",
+    },
+    owner   => root,
+    group   => root,
+    mode    => 0644,
+    notify  => Service["apache"],
+  }
+
   define site($ensure = present, $docroot = false, $redirect = false,
               $redirect_match = false, $protocol = 'http', $aliases = false,
               $server_alias = false, $use = false, $ticket = false,
-- 
cgit v1.2.3