# configure frontend
args = []
ftype = spec.rgw_frontend_type or "beast"
+
+ # if an ssl_certificate arg was passed as part of rgw_frontend_extra_args
+ # then we shouldn't add it automatically else the rgw won't start
+ extra_ssl_cert_provided = any(
+ arg.startswith("ssl_certificate=")
+ for arg in (spec.rgw_frontend_extra_args or [])
+ )
+
+ if extra_ssl_cert_provided and spec.generate_cert:
+ raise OrchestratorError("Cannot provide ssl_certificate in combination with generate_cert")
+
if ftype == 'beast':
if spec.ssl:
if daemon_spec.ip:
args.append(f"ssl_port={port}")
if spec.generate_cert:
args.append(f"ssl_certificate=config://rgw/cert/{daemon_spec.name()}")
- else:
+ elif not extra_ssl_cert_provided:
args.append(f"ssl_certificate=config://rgw/cert/{spec.service_name()}")
else:
if daemon_spec.ip:
args.append(f"port={port}s") # note the 's' suffix on port
if spec.generate_cert:
args.append(f"ssl_certificate=config://rgw/cert/{daemon_spec.name()}")
- else:
+ elif not extra_ssl_cert_provided:
args.append(f"ssl_certificate=config://rgw/cert/{spec.service_name()}")
else:
if daemon_spec.ip:
projects / ceph.git / commitdiff