Containerized Horizon: expose "DocumentRoot" on host
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
Medium
|
Cédric Jeanneret deactivated |
Bug Description
Dear Stackers,
In order to proceed the webroot validation for Let's Encrypt, we have to allow horizon container access the validation token.
Currently, horizon httpd vhost has a "DocumentRoot" set to /var/www - this location is empty, except two directories, cgi-bin and html. They are also empty.
The validation process will be as follow:
on the host, certbot will be launched, with the right options, in order to either create or renew the certificate.
It will create a directory, /var/www/
Exposing the container's /var/www directory tree on the host, in the same location, with a read-only flag, should be sufficient in order to get the validation working.
In order to do that, adding the following line:
- /var/www/
in openstack-
Care to validate this idea, as well as the modification location? I'm testing it on my lab in parallel, but of course having some insight will be nice :)
Thank you!
Cheers,
C.
Changed in tripleo: | |
status: | New → Triaged |
importance: | Undecided → Medium |
milestone: | none → rocky-2 |
tags: | added: pike-backport-potential queens-backport-potential |
Fix proposed to branch: master /review. openstack. org/565753
Review: https:/