octavia/elements/certs-ramfs/init-scripts/upstart/certs-ramfs.conf

description "Creates an encrypted ramfs for Octavia certs"

start on started cloud-config
stop on runlevel [!2345]

pre-start script
    /usr/local/bin/certfs-ramfs
end script

post-stop script
    certs_path=$(awk "/base_cert_dir / {printf \$3}" /etc/octavia/amphora-agent.conf)
    umount "${certs_path}"
    cryptsetup luksClose /dev/mapper/certfs-ramfs
end script