diff options
-rw-r--r-- | manifests/profile/base/database/mysql/client.pp | 7 | ||||
-rw-r--r-- | manifests/profile/base/snmp.pp | 1 |
2 files changed, 6 insertions, 2 deletions
diff --git a/manifests/profile/base/database/mysql/client.pp b/manifests/profile/base/database/mysql/client.pp index 014ef35..3de1e97 100644 --- a/manifests/profile/base/database/mysql/client.pp +++ b/manifests/profile/base/database/mysql/client.pp @@ -35,6 +35,10 @@ # (Optional) Client IP address of the host that will be written in the mysql_read_default_file # Defaults to undef # +# [*ssl_ca*] +# (Optional) The SSL CA file to use to verify the MySQL server's certificate. +# Defaults to '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt' +# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. @@ -45,6 +49,7 @@ class tripleo::profile::base::database::mysql::client ( $mysql_read_default_file = '/etc/my.cnf.d/tripleo.cnf', $mysql_read_default_group = 'tripleo', $mysql_client_bind_address = undef, + $ssl_ca = '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt', $step = hiera('step'), ) { if $step >= 1 { @@ -68,7 +73,7 @@ class tripleo::profile::base::database::mysql::client ( if $enable_ssl { $changes_ssl = [ "set ${mysql_read_default_group}/ssl '1'", - "set ${mysql_read_default_group}/ssl-ca '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt'" + "set ${mysql_read_default_group}/ssl-ca '${ssl_ca}'" ] } else { $changes_ssl = [ diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp index 301ac9a..d12e34d 100644 --- a/manifests/profile/base/snmp.pp +++ b/manifests/profile/base/snmp.pp @@ -42,7 +42,6 @@ class tripleo::profile::base::snmp ( authpass => $snmpd_password, } class { '::snmp': - agentaddress => ['udp:161','udp6:[::1]:161'], snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), join(['rouser ', $snmpd_user]), 'proc cron', |