From 9d081e2453285599b78ade93ff9617a28b3d1f02 Mon Sep 17 00:00:00 2001
From: Florian Faltermeier <florian.faltermeier@uibk.ac.at>
Date: Wed, 18 Dec 2019 14:31:57 +0100
Subject: [PATCH] ceph-rgw-loadbalancer: Fix SSL newline issue

The ad7a5da commit introduced a regression when using TLS on haproxy
via the haproxy_frontend_ssl_certificate variable.
This cause the "stats socket" and the "tune.ssl.default-dh-param"
parameters to be on the same line resulting haproxy failing to start.

[ALERT] 351/140240 (21388) : parsing [xxxxx] : 'stats socket' : unknown
keyword 'tune.ssl.default-dh-param'. Registered
[ALERT] 351/140240 (21388) : Fatal errors found in configuration.

Fixes: #4869

Signed-off-by: Florian Faltermeier <florian.faltermeier@uibk.ac.at>
---
 roles/ceph-rgw-loadbalancer/templates/haproxy.cfg.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/ceph-rgw-loadbalancer/templates/haproxy.cfg.j2 b/roles/ceph-rgw-loadbalancer/templates/haproxy.cfg.j2
index c7c08b726..0fea9ab52 100644
--- a/roles/ceph-rgw-loadbalancer/templates/haproxy.cfg.j2
+++ b/roles/ceph-rgw-loadbalancer/templates/haproxy.cfg.j2
@@ -9,7 +9,7 @@ global
     group       haproxy
     daemon
     stats socket /var/lib/haproxy/stats
-{%- if haproxy_frontend_ssl_certificate %}
+{% if haproxy_frontend_ssl_certificate %}
     tune.ssl.default-dh-param {{ haproxy_ssl_dh_param }}
     ssl-default-bind-ciphers {{ haproxy_ssl_ciphers | join(':') }}
     ssl-default-bind-options {{ haproxy_ssl_options | join(' ') }}