Merge "Switch openstackid to LE certs"

This commit is contained in:
Zuul 2021-05-27 18:46:11 +00:00 committed by Gerrit Code Review
commit 1c7c304c88
2 changed files with 9 additions and 6 deletions

View File

@ -257,9 +257,9 @@ node /^openstackid\d*(\.openstack)?\.org$/ {
id_mysql_user => hiera('openstackid_id_mysql_user', 'username'), id_mysql_user => hiera('openstackid_id_mysql_user', 'username'),
id_db_name => hiera('openstackid_id_db_name'), id_db_name => hiera('openstackid_id_db_name'),
redis_password => hiera('openstackid_redis_password'), redis_password => hiera('openstackid_redis_password'),
ssl_cert_file_contents => hiera('openstackid_ssl_cert_file_contents'), ssl_cert_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.cer',
ssl_key_file_contents => hiera('openstackid_ssl_key_file_contents'), ssl_key_file => '/etc/letsencrypt-certs/openstackid.org/openstackid.org.key',
ssl_chain_file_contents => hiera('openstackid_ssl_chain_file_contents'), ssl_chain_file => '/etc/letsencrypt-certs/openstackid.org/ca.cer',
id_recaptcha_public_key => hiera('openstackid_recaptcha_public_key'), id_recaptcha_public_key => hiera('openstackid_recaptcha_public_key'),
id_recaptcha_private_key => hiera('openstackid_recaptcha_private_key'), id_recaptcha_private_key => hiera('openstackid_recaptcha_private_key'),
vhost_name => 'openstackid.org', vhost_name => 'openstackid.org',

View File

@ -31,6 +31,9 @@ class openstack_project::openstackid_prod (
$id_log_error_to_email = '', $id_log_error_to_email = '',
$id_log_error_from_email = '', $id_log_error_from_email = '',
$id_environment = 'production', $id_environment = 'production',
$ssl_cert_file = "/etc/ssl/certs/${::fqdn}.pem",
$ssl_key_file = "/etc/ssl/private/${::fqdn}.key",
$ssl_chain_file = '/etc/ssl/certs/intermediate.pem',
$ssl_cert_file_contents = '', $ssl_cert_file_contents = '',
$ssl_key_file_contents = '', $ssl_key_file_contents = '',
$ssl_chain_file_contents = '', $ssl_chain_file_contents = '',
@ -110,9 +113,9 @@ class openstack_project::openstackid_prod (
id_log_error_to_email => $id_log_error_to_email, id_log_error_to_email => $id_log_error_to_email,
id_log_error_from_email => $id_log_error_from_email, id_log_error_from_email => $id_log_error_from_email,
id_environment => $id_environment, id_environment => $id_environment,
ssl_cert_file => "/etc/ssl/certs/${::fqdn}.pem", ssl_cert_file => $ssl_cert_file,
ssl_key_file => "/etc/ssl/private/${::fqdn}.key", ssl_key_file => $ssl_key_file,
ssl_chain_file => '/etc/ssl/certs/intermediate.pem', ssl_chain_file => $ssl_chain_file,
ssl_cert_file_contents => $ssl_cert_file_contents, ssl_cert_file_contents => $ssl_cert_file_contents,
ssl_key_file_contents => $ssl_key_file_contents, ssl_key_file_contents => $ssl_key_file_contents,
ssl_chain_file_contents => $ssl_chain_file_contents, ssl_chain_file_contents => $ssl_chain_file_contents,