summaryrefslogtreecommitdiffstats
path: root/puppet/services
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-06-09 10:55:13 +0000
committerGerrit Code Review <review@openstack.org>2017-06-09 10:55:13 +0000
commite7dda1bfa332bdfb38afdc0be11b67012eacb4fc (patch)
treec6cf8038746194c77bbdda9117fc094df7525a80 /puppet/services
parent6927a4166530c3de8ae469a1911ed3475b4f4bdc (diff)
parent35c22be1fe1feced538ba56cb88445a3502997b0 (diff)
Merge "Configure crl file for HAProxy"
Diffstat (limited to 'puppet/services')
-rw-r--r--puppet/services/haproxy.yaml6
1 files changed, 6 insertions, 0 deletions
diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index a71491c0..619cf131 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -50,6 +50,11 @@ parameters:
type: string
description: Specifies the default CA cert to use if TLS is used for
services in the internal network.
+ InternalTLSCRLPEMFile:
+ default: '/etc/pki/CA/crl/overcloud-crl.pem'
+ type: string
+ description: Specifies the default CRL PEM file to use for revocation if
+ TLS is used for services in the internal network.
resources:
@@ -89,6 +94,7 @@ outputs:
tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
tripleo::haproxy::redis_password: {get_param: RedisPassword}
tripleo::haproxy::ca_bundle: {get_param: InternalTLSCAFile}
+ tripleo::haproxy::crl_file: {get_param: InternalTLSCRLPEMFile}
tripleo::profile::base::haproxy::certificates_specs:
map_merge:
- get_attr: [HAProxyPublicTLS, role_data, certificates_specs]