diff options
| author |   Jenkins <jenkins@review.openstack.org> | 2017-08-18 15:25:44 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <review@openstack.org> | 2017-08-18 15:25:44 +0000 |
| commit | 8865ab2985d0baf039c5f03ac0fab07ff8f2bab4 (patch) | |
| tree | 34c93cb301339017f3527e9f4d955ceb4e372c3e /puppet/services | |
| parent | 9adfd2fc2ae228a36367441fcfdf2c6fb0334d7d (diff) | |
| parent | 1df5f72688d39490822137f5ac92f58ef70f6bc9 (diff) | |
Merge "Enable listening on TLS for the internal network for horizon"
Diffstat (limited to 'puppet/services')
| -rw-r--r-- | puppet/services/horizon.yaml | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/puppet/services/horizon.yaml b/puppet/services/horizon.yaml index 63ab92eb..642a0f09 100644 --- a/puppet/services/horizon.yaml +++ b/puppet/services/horizon.yaml @@ -67,6 +67,14 @@ parameters: MonitoringSubscriptionHorizon: default: 'overcloud-horizon' type: string + EnableInternalTLS: + type: boolean + default: false + InternalTLSCAFile: + default: '/etc/ipa/ca.crt' + type: string + description: Specifies the default CA cert to use if TLS is used for + services in the internal network. conditions: @@ -109,6 +117,14 @@ outputs: - {get_param: [DefaultPasswords, horizon_secret]} horizon::secure_cookies: {get_param: [HorizonSecureCookies]} memcached_ipv6: {get_param: MemcachedIPv6} + horizon::servername: + str_replace: + template: + "%{hiera('fqdn_$NETWORK')}" + params: + $NETWORK: {get_param: [ServiceNetMap, HorizonNetwork]} + horizon::listen_ssl: {get_param: EnableInternalTLS} + horizon::horizon_ca: {get_param: InternalTLSCAFile} - if: - debug_unset |