From 80ef5e47df9488a99ce7efaa1d0f3d11b89866f2 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Sun, 5 Jun 2022 13:44:02 -0700
Subject: [PATCH] proxies / reverseproxypass: try and only 421 ocp4 non iad2
 proxies

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/httpd/reverseproxy/templates/reversepassproxy.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/httpd/reverseproxy/templates/reversepassproxy.conf b/roles/httpd/reverseproxy/templates/reversepassproxy.conf
index 0520c3a862..389707ed49 100644
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.conf
@@ -19,7 +19,7 @@ ProxyPreserveHost On
 
 {% if balancer_name is defined %}
 # This is something that wants a apache balancer
-{% if 'iad2' in inventory_hostname %}
+{% if 'iad2' in inventory_hostname or not ocp4|bool %}
 # This proxy is in iad2 and so we setup the balancer.
 # Non iad2 proxies just send a 421 for this application to avoid firefox h2 reuse bug
 SSLProxyEngine On
@@ -73,7 +73,7 @@ BalancerMember "https://{{ member }}"
 </Proxy>
 ProxyPass {{ localpath }} "balancer://{{balancer_name}}{{remotepath}}"
 ProxyPassReverse {{ localpath }} "balancer://{{balancer_name}}{{remotepath}}"
-{% else %} 
+{% elif ocp4|bool %}
 # This is a non iad2 proxy and an app that only exists in iad2
 # We do this to avoid a h2 connection reuse bug by firefox.
 Redirect 421 /