From 7df5b877bfe71b35361255fb112c2fba20f164bf Mon Sep 17 00:00:00 2001 From: Marton Kiss Date: Mon, 3 Mar 2014 16:43:22 +0100 Subject: [PATCH] Add OpenstackID SSL Certs Add openstackid ssl cert in site.pp and pass ssl cert contents to underlying openstackid classes. Change-Id: I5d26f42ceacc38389703ea9921b265e4ddeed00f --- manifests/site.pp | 17 ++++++++++------- .../manifests/openstackid_dev.pp | 9 +++++++++ 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/manifests/site.pp b/manifests/site.pp index 3e0eabace7..109758db55 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -774,13 +774,16 @@ node /^fedora18-dev\d+\.slave\.openstack\.org$/ { node 'openstackid-dev.openstack.org' { class { 'openstack_project::openstackid_dev': - sysadmins => hiera('sysadmins'), - site_admin_password => hiera('openstackid_dev_site_admin_password'), - id_mysql_host => hiera('openstackid_dev_id_mysql_host'), - id_mysql_password => hiera('openstackid_dev_id_mysql_password'), - ss_mysql_host => hiera('openstackid_dev_ss_mysql_host'), - ss_mysql_password => hiera('openstackid_dev_ss_mysql_password'), - redis_password => hiera('openstackid_dev_redis_password'), + sysadmins => hiera('sysadmins'), + site_admin_password => hiera('openstackid_dev_site_admin_password'), + id_mysql_host => hiera('openstackid_dev_id_mysql_host'), + id_mysql_password => hiera('openstackid_dev_id_mysql_password'), + ss_mysql_host => hiera('openstackid_dev_ss_mysql_host'), + ss_mysql_password => hiera('openstackid_dev_ss_mysql_password'), + redis_password => hiera('openstackid_dev_redis_password'), + ssl_cert_file_contents => hiera('openstackid_dev_ssl_cert_file_contents'), + ssl_key_file_contents => hiera('openstackid_dev_ssl_key_file_contents'), + ssl_chain_file_contents => hiera('openstackid_dev_ssl_chain_file_contents'), } } diff --git a/modules/openstack_project/manifests/openstackid_dev.pp b/modules/openstack_project/manifests/openstackid_dev.pp index 575a860e60..e83c6d6bca 100644 --- a/modules/openstack_project/manifests/openstackid_dev.pp +++ b/modules/openstack_project/manifests/openstackid_dev.pp @@ -35,6 +35,9 @@ class openstack_project::openstackid_dev ( $id_log_error_to_email = '', $id_log_error_from_email = '', $id_environment = 'dev', + $ssl_cert_file_contents = '', + $ssl_key_file_contents = '', + $ssl_chain_file_contents = '' ) { realize ( @@ -65,6 +68,12 @@ class openstack_project::openstackid_dev ( id_log_error_to_email => $id_log_error_to_email, id_log_error_from_email => $id_log_error_from_email, id_environment => $id_environment, + ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", + ssl_key_file => "/etc/ssl/private/${::fqdn}.key", + ssl_chain_file => '/etc/ssl/certs/intermediate.pem', + ssl_cert_file_contents => $ssl_cert_file_contents, + ssl_key_file_contents => $ssl_key_file_contents, + ssl_chain_file_contents => $ssl_chain_file_contents, } # redis (custom module written by tipit)