From 03af5f8f4d01fe40253b355252e05548d5f50777 Mon Sep 17 00:00:00 2001 From: Thomas Herve Date: Wed, 19 Jul 2017 11:13:19 +0200 Subject: Enable Zaqar API SSL This sets the SSL flag in the docker service and expose the parameter in the docker service. Depends-On: I4c68a662c2433398249f770ac50ba0791449fe71 Change-Id: Ic3df2b9ab7432ffbed5434943e04085a781774a0 --- docker/services/zaqar.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'docker/services/zaqar.yaml') diff --git a/docker/services/zaqar.yaml b/docker/services/zaqar.yaml index 061a4a70..df57ad6a 100644 --- a/docker/services/zaqar.yaml +++ b/docker/services/zaqar.yaml @@ -40,9 +40,13 @@ parameters: default: {} description: Parameters specific to the role type: json + EnableInternalTLS: + type: boolean + default: false conditions: zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']} + internal_tls_enabled: {get_param: EnableInternalTLS} resources: @@ -58,6 +62,7 @@ resources: DefaultPasswords: {get_param: DefaultPasswords} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} + EnableInternalTLS: {get_param: EnableInternalTLS} outputs: role_data: @@ -137,6 +142,16 @@ outputs: - /var/lib/kolla/config_files/zaqar.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/zaqar/:/var/lib/kolla/config_files/src:ro - /var/log/containers/zaqar:/var/log/zaqar + - + if: + - internal_tls_enabled + - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro + - '' + - + if: + - internal_tls_enabled + - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro + - '' environment: - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS zaqar_websocket: @@ -162,3 +177,5 @@ outputs: - name: Stop and disable zaqar service tags: step2 service: name=httpd state=stopped enabled=no + metadata_settings: + get_attr: [ZaqarBase, role_data, metadata_settings] -- cgit 1.2.3-korg