diff options
Diffstat (limited to 'manifests/profile/base/panko/api.pp')
| -rw-r--r-- | manifests/profile/base/panko/api.pp | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/manifests/profile/base/panko/api.pp b/manifests/profile/base/panko/api.pp index 45ee0c0..90e80a2 100644 --- a/manifests/profile/base/panko/api.pp +++ b/manifests/profile/base/panko/api.pp @@ -18,6 +18,10 @@ # # === Parameters # +# [*bootstrap_node*] +# (Optional) The hostname of the node responsible for bootstrapping tasks +# Defaults to hiera('bootstrap_nodeid') +# # [*certificates_specs*] # (Optional) The specifications to give to certmonger for the certificate(s) # it will create. @@ -34,14 +38,6 @@ # (Optional) Whether TLS in the internal network is enabled or not. # Defaults to hiera('enable_internal_tls', false) # -# [*generate_service_certificates*] -# (Optional) Whether or not certmonger will generate certificates for -# HAProxy. This could be as many as specified by the $certificates_specs -# variable. -# Note that this doesn't configure the certificates in haproxy, it merely -# creates the certificates. -# Defaults to hiera('generate_service_certificate', false). -# # [*panko_network*] # (Optional) The network name where the panko endpoint is listening on. # This is set by t-h-t. @@ -53,19 +49,21 @@ # Defaults to hiera('step') # class tripleo::profile::base::panko::api ( + $bootstrap_node = hiera('bootstrap_nodeid', undef), $certificates_specs = hiera('apache_certificates_specs', {}), $enable_internal_tls = hiera('enable_internal_tls', false), - $generate_service_certificates = hiera('generate_service_certificates', false), $panko_network = hiera('panko_api_network', undef), $step = hiera('step'), ) { + if $::hostname == downcase($bootstrap_node) { + $sync_db = true + } else { + $sync_db = false + } + include ::tripleo::profile::base::panko if $enable_internal_tls { - if $generate_service_certificates { - ensure_resources('tripleo::certmonger::httpd', $certificates_specs) - } - if !$panko_network { fail('panko_api_network is not set in the hieradata.') } @@ -76,8 +74,11 @@ class tripleo::profile::base::panko::api ( $tls_keyfile = undef } - if $step >= 4 { - include ::panko::api + if $step >= 4 or ( $step >= 3 and $sync_db ) { + include ::panko::db + class { '::panko::api': + sync_db => $sync_db, + } class { '::panko::wsgi::apache': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, |