From efbb8c288fcd8148283a28df445dad56bbf1fa1f Mon Sep 17 00:00:00 2001
From: Travis Truman <travis_truman@cable.comcast.com>
Date: Fri, 4 Mar 2016 17:28:33 -0500
Subject: [PATCH] Role should default to no external SSL termination

Also, variable naming should match what is in
Id87fab39c929e0860abbc3755ad386aa6893b151

Change-Id: Iadf64979d01d15f459b8fcdd92a60b207745c006
---
 defaults/main.yml      | 4 +++-
 templates/nova.conf.j2 | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 247c97cc..5de00e06 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -164,8 +164,10 @@ nova_console_ssl_dir: "/etc/nova/ssl"
 nova_console_ssl_cert: "{{ nova_console_ssl_dir }}/nova-console.pem"
 nova_console_ssl_key: "{{ nova_console_ssl_dir }}/nova-console.key"
 
+# Set to true when terminating SSL/TLS at a load balancer
+nova_external_ssl: false
+
 # External SSL forwarding proto
-nova_ssl_external: true
 nova_secure_proxy_ssl_header: HTTP_X_FORWARDED_PROTO
 
 ## Nova global config
diff --git a/templates/nova.conf.j2 b/templates/nova.conf.j2
index d083117a..e73bb9d5 100644
--- a/templates/nova.conf.j2
+++ b/templates/nova.conf.j2
@@ -13,7 +13,7 @@ state_path = {{ nova_system_home_folder }}
 rootwrap_config = /etc/nova/rootwrap.conf
 service_down_time = 120
 
-{% if nova_ssl_external | bool %}
+{% if nova_external_ssl | bool %}
 secure_proxy_ssl_header = {{ nova_secure_proxy_ssl_header }}
 {% endif %}