puppet/services/database/mysql-internal-tls-certmonger.yaml

   1 heat_template_version: 2016-10-14
   2
   3 description: >
   4   MySQL configurations for using TLS via certmonger.
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   # The following parameters are not needed by the template but are
  14   # required to pass the pep8 tests
  15   DefaultPasswords:
  16     default: {}
  17     type: json
  18   EndpointMap:
  19     default: {}
  20     description: Mapping of service endpoint -> protocol. Typically set
  21                  via parameter_defaults in the resource registry.
  22     type: json
  23
  24 outputs:
  25   role_data:
  26     description: MySQL configurations for using TLS via certmonger.
  27     value:
  28       service_name: mysql_internal_tls_certmonger
  29       config_settings:
  30         generate_service_certificates: true
  31         tripleo::profile::base::database::mysql::certificate_specs:
  32           service_certificate: '/etc/pki/tls/certs/mysql.crt'
  33           service_key: '/etc/pki/tls/private/mysql.key'
  34           hostname:
  35             str_replace:
  36               template: "%{hiera('cloud_name_NETWORK')}"
  37               params:
  38                 NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}
  39           principal:
  40             str_replace:
  41               template: "mysql/%{hiera('cloud_name_NETWORK')}"
  42               params:
  43                 NETWORK: {get_param: [ServiceNetMap, MysqlNetwork]}