puppet-tripleo/files/certmonger-rabbitmq-refresh.sh
Cédric Jeanneret 86eab6ce8c Corrected default value for container_cli
Since Stein (OSP-15), we're using podman by default. We therefore must
reflect this in certmonger refresh secripts.

Change-Id: I377511aa0be7efbf58cd2a70e8b9a774bb679f61
2019-11-28 09:12:51 +01:00

18 lines
669 B
Bash

#!/bin/bash
container_cli=$(hiera -c /etc/puppet/hiera.yaml container_cli podman)
container_name=$($container_cli ps --format="{{.Names}}" | grep rabbitmq)
service_pem="$(hiera -c /etc/puppet/hiera.yaml tripleo::rabbitmq::service_certificate)"
# Copy the new cert from the mount-point to the real path
$container_cli exec "$container_name" cp "/var/lib/kolla/config_files/src-tls$service_pem" "$service_pem"
# Set appropriate permissions
$container_cli exec "$container_name" chown rabbitmq:rabbitmq "$service_pem"
# Trigger a pem cache clear in RabbitMQ to read the new certificates
$container_cli exec $container_name rabbitmqctl eval "ssl:clear_pem_cache()."