X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=ssl-source.yaml;h=a9357323c0c490975b36fa16461b59766a2df6c6;hb=410707efe8e0785fa7420078ebe540426e3f6588;hp=9127555a2518df0dd1e261204102c069138d82aa;hpb=01fe17fe1ba0f5d43d14890dc3b7fc0150f67ac8;p=apex-tripleo-heat-templates.git

diff --git a/ssl-source.yaml b/ssl-source.yaml
index 9127555a..a9357323 100644
--- a/ssl-source.yaml
+++ b/ssl-source.yaml
@@ -1,43 +1,54 @@
-Description: 'ssl-source: SSL endpoint metadata for openstack'
-Parameters:
+description: 'ssl-source: SSL endpoint metadata for openstack'
+parameters:
+  SSLCACertificate:
+    default: ''
+    description: If set, the contents of an SSL certificate authority file.
+    type: string
   SSLCertificate:
-    Default: ''
-    Description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
-    Type: String
-    NoEcho: true
+    default: ''
+    description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
+    type: string
+    hidden: true
   SSLKey:
-    Default: ''
-    Description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
-    Type: String
-    NoEcho: true
-Resources:
-  notcomputeConfig:
-    Type: AWS::AutoScaling::LaunchConfiguration
-    Metadata:
-      stunnel:
-        cert:
-          Ref: SSLCertificate
-        key:
-          Ref: SSLKey
-        ports:
-         - name: 'ec2'
-           accept: 13773
-           connect: 8773
-         - name: 'image'
-           accept: 13292
-           connect: 9292
-         - name: 'identity'
-           accept: 13000
-           connect: 5000
-         - name: 'network'
-           accept: 13696
-           connect: 9696
-         - name: 'compute'
-           accept: 13774
-           connect: 8774
-         - name: 'swift-proxy'
-           accept: 13080
-           connect: 8080
-         - name: 'cinder'
-           accept: 13776
-           connect: 8776
+    default: ''
+    description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
+    type: string
+    hidden: true
+resources:
+  SSLConfig:
+    type: OS::Heat::StructuredConfig
+    properties:
+      group: os-apply-config
+      config:
+        ssl:
+          ca_certificate: {get_input: ssl_ca_certificate}
+        stunnel:
+          cert: {get_input: ssl_certificate}
+          key: {get_input: ssl_key}
+          cacert: {get_input: ssl_ca_certificate}
+          connect_host: {get_input: controller_host}
+          ports:
+           - name: 'ec2'
+             accept: 13773
+             connect: 8773
+           - name: 'image'
+             accept: 13292
+             connect: 9292
+           - name: 'identity'
+             accept: 13000
+             connect: 5000
+           - name: 'network'
+             accept: 13696
+             connect: 9696
+           - name: 'compute'
+             accept: 13774
+             connect: 8774
+           - name: 'swift-proxy'
+             accept: 13080
+             connect: 8080
+           - name: 'cinder'
+             accept: 13776
+             connect: 8776
+           - name: 'ceilometer'
+             accept: 13777
+             connect: 8777