54 lines
2.0 KiB
YAML
54 lines
2.0 KiB
YAML
- id: ssl-keys-saving
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-controller, controller, compute, cinder, primary-mongo, mongo, ceph-osd, virt,
|
|
primary-keystone, keystone]
|
|
requires: [firewall]
|
|
condition:
|
|
yaql_exp: >
|
|
(($.public_ssl.horizon or $.public_ssl.services) and
|
|
$.public_ssl.cert_source = 'user_uploaded' and
|
|
changed($.public_ssl.cert_data)) or
|
|
(changed($.get('use_ssl')) and len($.get('use_ssl', [])) > 0)
|
|
required_for: [deploy_end]
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/ssl/ssl_keys_saving.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|
|
test_pre:
|
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/ssl/ssl_keys_saving_pre.rb
|
|
|
|
- id: ssl-add-trust-chain
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-controller, controller, compute, cinder, primary-mongo, mongo, ceph-osd, virt,
|
|
primary-keystone, keystone]
|
|
requires: [firewall, ssl-keys-saving]
|
|
condition:
|
|
yaql_exp: &public_ssl_enabled >
|
|
(changed($.public_ssl) and
|
|
($.public_ssl.horizon or $.public_ssl.services)) or
|
|
(changed($.get('use_ssl')) and (len($.get('use_ssl', [])) > 0))
|
|
required_for: [hosts]
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/ssl/ssl_add_trust_chain.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|
|
test_pre:
|
|
cmd: ruby /etc/puppet/modules/osnailyfacter/modular/ssl/ssl_keys_saving_pre.rb
|
|
|
|
- id: ssl-dns-setup
|
|
type: puppet
|
|
version: 2.1.0
|
|
groups: [primary-controller, controller, compute, cinder, primary-mongo, mongo, ceph-osd, virt,
|
|
primary-rabbitmq, rabbitmq, primary-database, database,
|
|
primary-keystone, keystone, primary-neutron, neutron]
|
|
requires: [firewall, ssl-add-trust-chain]
|
|
condition:
|
|
yaql_exp: *public_ssl_enabled
|
|
required_for: [hosts]
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/ssl/ssl_dns_setup.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 120
|