summaryrefslogtreecommitdiffstats
path: root/environments/ssl/enable-internal-tls.yaml
blob: 287ed19f28be71808815537fa8733a1124bd5604 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# *******************************************************************
# This file was created automatically by the sample environment
# generator. Developers should use `tox -e genconfig` to update it.
# Users are recommended to make changes to a copy of the file instead
# of the original, if any customizations are needed.
# *******************************************************************
# title: Enable SSL on OpenStack Internal Endpoints
# description: |
#   A Heat environment file which can be used to enable TLS for the internal
#   network via certmonger
parameter_defaults:
  # ******************************************************
  # Static parameters - these are values that must be
  # included in the environment but should not be changed.
  # ******************************************************
  # 
  # Type: boolean
  EnableInternalTLS: True

  # Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host.
  # Type: string
  RabbitClientUseSSL: True

  # Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API.
  # Type: json
  ServerMetadata:
    ipa_enroll: True

  # *********************
  # End static parameters
  # *********************
resource_registry:
  OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml
  OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml
  OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml
  OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml