Add OpenstackID SSL Certs

Add openstackid ssl cert in site.pp and pass ssl cert contents to underlying openstackid classes. Change-Id: I5d26f42ceacc38389703ea9921b265e4ddeed00f
2014-03-03 16:43:22 +01:00 · 2014-03-03 16:43:22 +01:00 · 7df5b877bf
commit 7df5b877bf
parent 5cb08da4bc
2 changed files with 19 additions and 7 deletions
--- a/manifests/site.pp
+++ b/manifests/site.pp
@ -774,13 +774,16 @@ node /^fedora18-dev\d+\.slave\.openstack\.org$/ {

 node 'openstackid-dev.openstack.org' {
  class { 'openstack_project::openstackid_dev':
-    sysadmins            => hiera('sysadmins'),
-    site_admin_password  => hiera('openstackid_dev_site_admin_password'),
-    id_mysql_host        => hiera('openstackid_dev_id_mysql_host'),
-    id_mysql_password    => hiera('openstackid_dev_id_mysql_password'),
-    ss_mysql_host        => hiera('openstackid_dev_ss_mysql_host'),
-    ss_mysql_password    => hiera('openstackid_dev_ss_mysql_password'),
-    redis_password       => hiera('openstackid_dev_redis_password'),
+    sysadmins               => hiera('sysadmins'),
+    site_admin_password     => hiera('openstackid_dev_site_admin_password'),
+    id_mysql_host           => hiera('openstackid_dev_id_mysql_host'),
+    id_mysql_password       => hiera('openstackid_dev_id_mysql_password'),
+    ss_mysql_host           => hiera('openstackid_dev_ss_mysql_host'),
+    ss_mysql_password       => hiera('openstackid_dev_ss_mysql_password'),
+    redis_password          => hiera('openstackid_dev_redis_password'),
+    ssl_cert_file_contents  => hiera('openstackid_dev_ssl_cert_file_contents'),
+    ssl_key_file_contents   => hiera('openstackid_dev_ssl_key_file_contents'),
+    ssl_chain_file_contents => hiera('openstackid_dev_ssl_chain_file_contents'),
  }
 }

--- a/modules/openstack_project/manifests/openstackid_dev.pp
+++ b/modules/openstack_project/manifests/openstackid_dev.pp
@ -35,6 +35,9 @@ class openstack_project::openstackid_dev (
  $id_log_error_to_email = '',
  $id_log_error_from_email = '',
  $id_environment = 'dev',
+  $ssl_cert_file_contents = '',
+  $ssl_key_file_contents = '',
+  $ssl_chain_file_contents = ''
 ) {

  realize (
@ -65,6 +68,12 @@ class openstack_project::openstackid_dev (
    id_log_error_to_email    => $id_log_error_to_email,
    id_log_error_from_email  => $id_log_error_from_email,
    id_environment           => $id_environment,
+    ssl_cert_file            => "/etc/ssl/certs/${::fqdn}.pem",
+    ssl_key_file             => "/etc/ssl/private/${::fqdn}.key",
+    ssl_chain_file           => '/etc/ssl/certs/intermediate.pem',
+    ssl_cert_file_contents   => $ssl_cert_file_contents,
+    ssl_key_file_contents    => $ssl_key_file_contents,
+    ssl_chain_file_contents  => $ssl_chain_file_contents,
  }

  # redis (custom module written by tipit)