flatpak-cache: fix httpd not using the squid proxy correctly...

Signed-off-by: Leo Puvilland <leo@craftcat.dev>
2024-03-06 14:39:42 -08:00 · 2024-03-06 14:39:42 -08:00 · e05a7b6bb1
commit e05a7b6bb1
parent ccdbdbeeff
2 changed files with 15 additions and 1 deletions
--- a/roles/httpd/reverseproxy/templates/reversepassproxy.flatpak-cache.conf
+++ b/roles/httpd/reverseproxy/templates/reversepassproxy.flatpak-cache.conf
@ -1 +1,12 @@
-ProxyRemote "*" "http://worker01.ocp.stg.iad2.fedoraproject.org:31444"
+ProxyRemote "*" "http://worker01.ocp.stg.iad2.fedoraproject.org:31444"
 ProxyRequests On
 ProxyVia On
 ProxyPreserveHost On
 RequestHeader set X-Forwarded-Proto "https"
 RequestHeader set X-Forwarded-Port "443"
 ProxyPass / http://worker01.ocp.stg.iad2.fedoraproject.org:31444
 ProxyPassReverse / http://worker01.ocp.stg.iad2.fedoraproject.org:31444
 RemoteIPHeader X-Forwarded-For
--- a/roles/openshift-apps/flatpak-cache/templates/squid.conf
+++ b/roles/openshift-apps/flatpak-cache/templates/squid.conf
@ -1,5 +1,6 @@
 acl openqa src 10.3.174.21-10.3.174.64
 acl batcave src 10.3.163.35
 acl proxies src 10.128.4.1
 acl SSL_ports port 443
 acl Safe_ports port 80 443
@ -25,6 +26,8 @@ cache deny !cacheDomain
 # And finally deny all other access to this proxy
 http_access deny all
 # Trust proxies to have correct X-Forwarded-For
 follow_x_forwarded_for allow proxies
 http_port 3128 tcpkeepalive=60,30,3 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB tls-cert=/etc/pki/squid/ca/ca.crt tls-key=/etc/pki/squid/key/ca.key tls-dh=prime256v1:/etc/pki/squid/dhparam/dh.pem