11516e0e4b
This renames zk-ca to opendev-ca and allows us to operate more than one ca on bridge. This way we can keep the CAs for ZooKeeper and Jaeger distinct (so that a compromise of the jaeger server could not be used to access the ZooKeeper cluster). This also starts a new jaeger-ca and uses it on the Jaeger server. Change-Id: I4e5bc4e3ccd78284ce785c971f7e6ad6e721f887
8 lines
282 B
YAML
8 lines
282 B
YAML
# Do not define a default here to make sure we select a specific CA
|
|
# opendev_ca_name: zk
|
|
opendev_ca_root: /var/{{ opendev_ca_name }}-ca
|
|
opendev_ca_server: "{{ inventory_hostname }}"
|
|
# opendev_ca_cert_dir: /etc/zuul
|
|
opendev_ca_cert_dir_owner: 10001
|
|
opendev_ca_cert_dir_group: 10001
|