summaryrefslogtreecommitdiffstats
path: root/manifests/profile/base/panko
AgeCommit message (Collapse)AuthorFilesLines
2017-11-13Create dedicated "apache" base profileCédric Jeanneret1-1/+1
This profile has multiple purposes: - group common httpd configurations/instructions - correct a small issue with the "status" mod Until now, only Horizon was specifically including this mode, and as httpd wasn't listening on localhost, it wasn't in use at all. With this commit, all API using apache will be able to provide the httpd server status on 127.0.0.1/server-status. Change-Id: If6d64f807c244d7e56852a67ac7dbad26c4c002f Closes-Bug: 1724751 (cherry picked from commit 0933bc5fd896ac2474872bb1b4b217ad8f430885)
2017-06-14Ensure hiera step value is an integerSteve Baker1-1/+1
The step is typically set with the hieradata setting an integer value: {"step": 1} However it would be useful for the value to be a string so that substitutions are possible, for example: {"step": "%{::step}"} This change ensures the step parameter defaults to an integer by calling Integer(hiera('step')) This change was made by manually removing the undef defaults from fluentd.pp, uchiwa.pp, and sensu.pp then bulk updating with: find ./ -type f -print0 |xargs -0 sed -i "s/= hiera('step')/= Integer(hiera('step'))/" Change-Id: I8a47ca53a7dea8391103abcb8960a97036a6f5b3
2017-04-18Ensure we configure ssl.confLukas Bezdicka1-0/+1
Every time we call apache module regardless of using SSL we have to configure mod_ssl from puppet-apache or we'll hit issue during package update. File /etc/httpd/conf.d/ssl.conf from mod_ssl package contains Listen 443 while apache::mod::ssl just configures SSL bits but does not add Listen. If the apache::mod::ssl is not included the ssl.conf file is removed and recreated during mod_ssl package update. This causes conflict on port 443. Change-Id: Ic5a0719f67d3795a9edca25284d1cf6f088073e8 Related-Bug: 1682448 Resolves: rhbz#1441977
2017-03-26Remove certificate request bits from service profilesJuan Antonio Osorio Robles1-13/+0
This is now the job of the certmonger_user profile. So these bits are not needed anymore in the service profiles. Change-Id: Iaa3137d7d13d5e707f587d3905a5a32598c08800 Depends-On: Ibf58dfd7d783090e927de6629e487f968f7e05b6
2017-03-10panko: Do db_sync in api manifestJuan Antonio Osorio Robles1-2/+16
The db_sync from panko comes from the panko-api package; So we move the db_sync to be done in the api manifest as it's done for other services such as barbican. This is necessary since in cases where the overcloud deploy requires puppet to do the installations, with the previous setup it failed since the command wasn't available in the step it was being done. Change-Id: I20a549cbaa2ee4b2c762dbae97f5cbf4d0b517c8 Closes-Bug: #1671716
2016-11-25Enable TLS in the internal network for Panko APIJuan Antonio Osorio Robles1-2/+53
This optionally enables TLS for Panko API in the internal network. If internal TLS is enabled, each node that is serving the Panko API service will use certmonger to request its certificate. bp tls-via-certmonger Change-Id: Ie9be7ce19601435b1b83b4ba58d9c7e8d53f23ba
2016-11-14Add panko service supportPradeep Kilambi1-0/+35
Change-Id: I35f283bdf8dd0ed979c65633724f0464695130a4