puppet/services/rabbitmq-internal-tls-certmonger.yaml

   1 heat_template_version: ocata
   2
   3 description: >
   4   RabbitMQ configurations for using TLS via certmonger.
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   # The following parameters are not needed by the template but are
  14   # required to pass the pep8 tests
  15   DefaultPasswords:
  16     default: {}
  17     type: json
  18   EndpointMap:
  19     default: {}
  20     description: Mapping of service endpoint -> protocol. Typically set
  21                  via parameter_defaults in the resource registry.
  22     type: json
  23
  24 outputs:
  25   role_data:
  26     description: RabbitMQ configurations for using TLS via certmonger.
  27     value:
  28       service_name: rabbitmq_internal_tls_certmonger
  29       config_settings:
  30         generate_service_certificates: true
  31         tripleo::profile::base::rabbitmq::certificate_specs:
  32           service_certificate: '/etc/pki/tls/certs/rabbitmq.crt'
  33           service_key: '/etc/pki/tls/private/rabbitmq.key'
  34           hostname:
  35             str_replace:
  36               template: "%{hiera('fqdn_NETWORK')}"
  37               params:
  38                 NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
  39           principal:
  40             str_replace:
  41               template: "rabbitmq/%{hiera('fqdn_NETWORK')}"
  42               params:
  43                 NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
  44       metadata_settings:
  45         - service: rabbitmq
  46           network: {get_param: [ServiceNetMap, RabbitmqNetwork]}
  47           type: node