# configure frontend
args = []
ftype = spec.rgw_frontend_type or "beast"
+
+ # if an ssl_certificate arg was passed as part of rgw_frontend_extra_args
+ # then we shouldn't add it automatically else the rgw won't start
+ extra_ssl_cert_provided = any(
+ arg.startswith("ssl_certificate=")
+ for arg in (spec.rgw_frontend_extra_args or [])
+ )
+
if ftype == 'beast':
if spec.ssl:
if daemon_spec.ip:
f"ssl_endpoint={build_url(host=daemon_spec.ip, port=port).lstrip('/')}")
else:
args.append(f"ssl_port={port}")
- args.append(f"ssl_certificate=config://rgw/cert/{spec.service_name()}")
+ if not extra_ssl_cert_provided:
+ args.append(f"ssl_certificate=config://rgw/cert/{spec.service_name()}")
else:
if daemon_spec.ip:
args.append(f"endpoint={build_url(host=daemon_spec.ip, port=port).lstrip('/')}")
args.append(f"port={build_url(host=daemon_spec.ip, port=port).lstrip('/')}s")
else:
args.append(f"port={port}s") # note the 's' suffix on port
- args.append(f"ssl_certificate=config://rgw/cert/{spec.service_name()}")
+ if not extra_ssl_cert_provided:
+ args.append(f"ssl_certificate=config://rgw/cert/{spec.service_name()}")
else:
if daemon_spec.ip:
args.append(f"port={build_url(host=daemon_spec.ip, port=port).lstrip('/')}")
projects / ceph.git / commitdiff