summaryrefslogtreecommitdiffstats
path: root/puppet
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-05-04 12:28:48 +0000
committerGerrit Code Review <review@openstack.org>2017-05-04 12:28:48 +0000
commita5e7dfaceb6e0de661f0d0693486304d74473839 (patch)
treea2f7e4a6ce45ab032d41c66a6402b1e41f05c54d /puppet
parentcc6663a5b7b524dd26962909fa93eb173380678e (diff)
parentbe4bc8f3f243b3282010848cc00f31d31c9f9ab8 (diff)
Merge "Internal TLS: Use specific CA file for mysql-client"
Diffstat (limited to 'puppet')
-rw-r--r--puppet/services/database/mysql-client.yaml6
1 files changed, 6 insertions, 0 deletions
diff --git a/puppet/services/database/mysql-client.yaml b/puppet/services/database/mysql-client.yaml
index 78456e28..b6bd060e 100644
--- a/puppet/services/database/mysql-client.yaml
+++ b/puppet/services/database/mysql-client.yaml
@@ -21,6 +21,11 @@ parameters:
EnableInternalTLS:
type: boolean
default: false
+ InternalTLSCAFile:
+ default: '/etc/ipa/ca.crt'
+ type: string
+ description: Specifies the default CA cert to use if TLS is used for
+ services in the internal network.
outputs:
role_data:
@@ -30,5 +35,6 @@ outputs:
config_settings:
tripleo::profile::base::database::mysql::client::mysql_client_bind_address: {get_param: [ServiceNetMap, MysqlNetwork]}
tripleo::profile::base::database::mysql::client::enable_ssl: {get_param: EnableInternalTLS}
+ tripleo::profile::base::database::mysql::client::ssl_ca: {get_param: InternalTLSCAFile}
step_config: |
include ::tripleo::profile::base::database::mysql::client