X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=ssl-source.yaml;h=ac1ef42d3aaa2d3e57e00d94b70e7bdb7d0a42fe;hb=eb7fe9bb9bb1298e5e2daed43622b57033c76c34;hp=14b0eb110eed3a5e3a1f3131dba9ec4924644e79;hpb=a830cea3b1071f70485f427877ac4577f5d13e16;p=apex-tripleo-heat-templates.git

diff --git a/ssl-source.yaml b/ssl-source.yaml
index 14b0eb11..ac1ef42d 100644
--- a/ssl-source.yaml
+++ b/ssl-source.yaml
@@ -1,43 +1,73 @@
-Description: 'ssl-source: SSL endpoint metadata for openstack'
-Parameters:
+description: 'ssl-source: SSL endpoint metadata for openstack'
+parameters:
   SSLCertificate:
-    Default: ''
-    Description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
-    Type: String
-    NoEcho: true
+    default: ''
+    description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
+    type: string
+    hidden: true
   SSLKey:
-    Default: ''
-    Description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
-    Type: String
-    NoEcho: true
-Resources:
-  controller0Config:
-    Type: AWS::AutoScaling::LaunchConfiguration
-    Metadata:
-      stunnel:
-        cert:
-          Ref: SSLCertificate
-        key:
-          Ref: SSLKey
-        ports:
-         - name: 'ec2'
-           accept: 13773
-           connect: 8773
-         - name: 'image'
-           accept: 13292
-           connect: 9292
-         - name: 'identity'
-           accept: 13000
-           connect: 5000
-         - name: 'network'
-           accept: 13696
-           connect: 9696
-         - name: 'compute'
-           accept: 13774
-           connect: 8774
-         - name: 'swift-proxy'
-           accept: 13080
-           connect: 8080
-         - name: 'cinder'
-           accept: 13776
-           connect: 8776
+    default: ''
+    description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
+    type: string
+    hidden: true
+  SSLCACertificate:
+    default: ''
+    description: If set, the contents of an SSL certificate authority file.
+    type: string
+resources:
+  SSLConfig:
+    type: OS::Heat::StructuredConfig
+    properties:
+      group: os-apply-config
+      config:
+        ssl:
+          ca_certificate:
+            get_input: ssl_ca_certificate
+        stunnel:
+          cert:
+            get_input: ssl_certificate
+          key:
+            get_input: ssl_key
+          cacert:
+            get_input: ssl_ca_certificate
+          ports:
+           - name: 'ec2'
+             accept: 13773
+             connect: 8773
+             connect_host:
+               get_input: controller_host
+           - name: 'image'
+             accept: 13292
+             connect: 9292
+             connect_host:
+               get_input: controller_host
+           - name: 'identity'
+             accept: 13000
+             connect: 5000
+             connect_host:
+               get_input: controller_host
+           - name: 'network'
+             accept: 13696
+             connect: 9696
+             connect_host:
+               get_input: controller_host
+           - name: 'compute'
+             accept: 13774
+             connect: 8774
+             connect_host:
+               get_input: controller_host
+           - name: 'swift-proxy'
+             accept: 13080
+             connect: 8080
+             connect_host:
+               get_input: controller_host
+           - name: 'cinder'
+             accept: 13776
+             connect: 8776
+             connect_host:
+               get_input: controller_host
+           - name: 'ceilometer'
+             accept: 13777
+             connect: 8777
+             connect_host:
+               get_input: controller_host