Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "Set the MySQL root password"
[apex-tripleo-heat-templates.git] / ssl-source.yaml
diff --git a/ssl-source.yaml b/ssl-source.yaml
index 9127555..ac1ef42 100644 (file)
--- a/ssl-source.yaml
+++ b/ssl-source.yaml
@@ -1,43 +1,73 @@
-Description: 'ssl-source: SSL endpoint metadata for openstack'
-Parameters:
+description: 'ssl-source: SSL endpoint metadata for openstack'
+parameters:
   SSLCertificate:
-    Default: ''
-    Description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
-    Type: String
-    NoEcho: true
+    default: ''
+    description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
+    type: string
+    hidden: true
   SSLKey:
-    Default: ''
-    Description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
-    Type: String
-    NoEcho: true
-Resources:
-  notcomputeConfig:
-    Type: AWS::AutoScaling::LaunchConfiguration
-    Metadata:
-      stunnel:
-        cert:
-          Ref: SSLCertificate
-        key:
-          Ref: SSLKey
-        ports:
-         - name: 'ec2'
-           accept: 13773
-           connect: 8773
-         - name: 'image'
-           accept: 13292
-           connect: 9292
-         - name: 'identity'
-           accept: 13000
-           connect: 5000
-         - name: 'network'
-           accept: 13696
-           connect: 9696
-         - name: 'compute'
-           accept: 13774
-           connect: 8774
-         - name: 'swift-proxy'
-           accept: 13080
-           connect: 8080
-         - name: 'cinder'
-           accept: 13776
-           connect: 8776
+    default: ''
+    description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
+    type: string
+    hidden: true
+  SSLCACertificate:
+    default: ''
+    description: If set, the contents of an SSL certificate authority file.
+    type: string
+resources:
+  SSLConfig:
+    type: OS::Heat::StructuredConfig
+    properties:
+      group: os-apply-config
+      config:
+        ssl:
+          ca_certificate:
+            get_input: ssl_ca_certificate
+        stunnel:
+          cert:
+            get_input: ssl_certificate
+          key:
+            get_input: ssl_key
+          cacert:
+            get_input: ssl_ca_certificate
+          ports:
+           - name: 'ec2'
+             accept: 13773
+             connect: 8773
+             connect_host:
+               get_input: controller_host
+           - name: 'image'
+             accept: 13292
+             connect: 9292
+             connect_host:
+               get_input: controller_host
+           - name: 'identity'
+             accept: 13000
+             connect: 5000
+             connect_host:
+               get_input: controller_host
+           - name: 'network'
+             accept: 13696
+             connect: 9696
+             connect_host:
+               get_input: controller_host
+           - name: 'compute'
+             accept: 13774
+             connect: 8774
+             connect_host:
+               get_input: controller_host
+           - name: 'swift-proxy'
+             accept: 13080
+             connect: 8080
+             connect_host:
+               get_input: controller_host
+           - name: 'cinder'
+             accept: 13776
+             connect: 8776
+             connect_host:
+               get_input: controller_host
+           - name: 'ceilometer'
+             accept: 13777
+             connect: 8777
+             connect_host:
+               get_input: controller_host