Enable Zaqar API SSL
This sets the SSL flag in the docker service and expose the parameter in the docker service. Depends-On: I4c68a662c2433398249f770ac50ba0791449fe71 Change-Id: Ic3df2b9ab7432ffbed5434943e04085a781774a0
This commit is contained in:
Thomas Herve
Juan Antonio Osorio Robles
parent
8193431e94
commit
03af5f8f4d
@ -40,9 +40,13 @@ parameters:
|
|||||||
default: {}
|
default: {}
|
||||||
description: Parameters specific to the role
|
description: Parameters specific to the role
|
||||||
type: json
|
type: json
|
||||||
|
EnableInternalTLS:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
|
||||||
conditions:
|
conditions:
|
||||||
zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
|
zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
|
||||||
|
internal_tls_enabled: {get_param: EnableInternalTLS}
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
|
|
||||||
@ -58,6 +62,7 @@ resources:
|
|||||||
DefaultPasswords: {get_param: DefaultPasswords}
|
DefaultPasswords: {get_param: DefaultPasswords}
|
||||||
RoleName: {get_param: RoleName}
|
RoleName: {get_param: RoleName}
|
||||||
RoleParameters: {get_param: RoleParameters}
|
RoleParameters: {get_param: RoleParameters}
|
||||||
|
EnableInternalTLS: {get_param: EnableInternalTLS}
|
||||||
|
|
||||||
outputs:
|
outputs:
|
||||||
role_data:
|
role_data:
|
||||||
@ -137,6 +142,16 @@ outputs:
|
|||||||
- /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
|
- /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro
|
||||||
- /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
|
- /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro
|
||||||
- /var/log/containers/zaqar:/var/log/zaqar
|
- /var/log/containers/zaqar:/var/log/zaqar
|
||||||
|
-
|
||||||
|
if:
|
||||||
|
- internal_tls_enabled
|
||||||
|
- /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
|
||||||
|
- ''
|
||||||
|
-
|
||||||
|
if:
|
||||||
|
- internal_tls_enabled
|
||||||
|
- /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
|
||||||
|
- ''
|
||||||
environment:
|
environment:
|
||||||
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
- KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
|
||||||
zaqar_websocket:
|
zaqar_websocket:
|
||||||
@ -162,3 +177,5 @@ outputs:
|
|||||||
- name: Stop and disable zaqar service
|
- name: Stop and disable zaqar service
|
||||||
tags: step2
|
tags: step2
|
||||||
service: name=httpd state=stopped enabled=no
|
service: name=httpd state=stopped enabled=no
|
||||||
|
metadata_settings:
|
||||||
|
get_attr: [ZaqarBase, role_data, metadata_settings]
|
||||||
|
|||||||
@ -105,7 +105,7 @@ outputs:
|
|||||||
- {get_param: ZaqarDebug }
|
- {get_param: ZaqarDebug }
|
||||||
zaqar::server::service_name: 'httpd'
|
zaqar::server::service_name: 'httpd'
|
||||||
zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
|
zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
|
||||||
zaqar::wsgi::apache::ssl: false
|
zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||||
zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
|
zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
|
||||||
zaqar::message_pipeline: 'zaqar.notification.notifier'
|
zaqar::message_pipeline: 'zaqar.notification.notifier'
|
||||||
zaqar::unreliable: true
|
zaqar::unreliable: true
|
||||||
@ -178,6 +178,8 @@ outputs:
|
|||||||
- {}
|
- {}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::zaqar
|
include ::tripleo::profile::base::zaqar
|
||||||
|
metadata_settings:
|
||||||
|
get_attr: [ApacheServiceBase, role_data, metadata_settings]
|
||||||
upgrade_tasks:
|
upgrade_tasks:
|
||||||
yaql:
|
yaql:
|
||||||
expression: $.data.apache_upgrade + $.data.zaqar_upgrade
|
expression: $.data.apache_upgrade + $.data.zaqar_upgrade
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user