4deea3a46b
The default command didn't work, so we need to fix that. The script additionally copies the certificates in the right place and instead of restarting stunnel, triggers a configuration reload. Related-Bug: #1811401 Needed-By: I49811a6cab5416d965ce1da93a71728ad5b1d27c Change-Id: I437d69fef45d1662e8908c5ca0f7063be6cb9b32
15 lines
500 B
Bash
15 lines
500 B
Bash
#!/bin/bash
|
|
|
|
|
|
container_cli=$(hiera -c /etc/puppet/hiera.yaml container_cli docker)
|
|
|
|
container_name=$($container_cli ps --format="{{.Names}}" | grep redis_tls_proxy)
|
|
|
|
service_pem="$(hiera -c /etc/puppet/hiera.yaml tripleo::redis::service_certificate)"
|
|
|
|
# Copy the new cert from the mount-point to the real path
|
|
$container_cli exec "$container_name" cp "/var/lib/kolla/config_files/src-tls$service_pem" "$service_pem"
|
|
|
|
# Trigger a reload for stunnel to read the new certificates
|
|
pkill -o -HUP stunnel
|