Merge "Pass hieradata for internal TLS for RabbitMQ"

1 files changed, 47 insertions, 0 deletions

diff --git a/puppet/services/rabbitmq-internal-tls-certmonger.yaml b/puppet/services/rabbitmq-internal-tls-certmonger.yaml
new file mode 100644
index 00000000..39d6b903
--- /dev/null
+++ b/puppet/services/rabbitmq-internal-tls-certmonger.yaml
@@ -0,0 +1,47 @@
+heat_template_version: ocata
+
+description: >
+  RabbitMQ configurations for using TLS via certmonger.
+
+parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  # The following parameters are not needed by the template but are
+  # required to pass the pep8 tests
+  DefaultPasswords:
+    default: {}
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+
+outputs:
+  role_data:
+    description: RabbitMQ configurations for using TLS via certmonger.
+    value:
+      service_name: rabbitmq_internal_tls_certmonger
+      config_settings:
+        generate_service_certificates: true
+        tripleo::profile::base::rabbitmq::certificate_specs:
+          service_certificate: '/etc/pki/tls/certs/rabbitmq.crt'
+          service_key: '/etc/pki/tls/private/rabbitmq.key'
+          hostname:
+            str_replace:
+              template: "%{hiera('fqdn_NETWORK')}"
+              params:
+                NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+          principal:
+            str_replace:
+              template: "rabbitmq/%{hiera('fqdn_NETWORK')}"
+              params:
+                NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+      metadata_settings:
+        - service: rabbitmq
+          network: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+          type: node