Code Review / apex-puppet-tripleo.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: ee2a53a) | patch
Ensure directory exists for certificates for haproxy
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>
Wed, 2 Aug 2017 07:19:48 +0000 (10:19 +0300)
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>
Wed, 2 Aug 2017 08:13:00 +0000 (11:13 +0300)
commita9695bd47038776ee4e38c584b593551c1f64250
tree02560c6c22da0afefa2f4121b40ffec83a284e2btree | snapshot
parentee2a53afb1ad8f45be7d3986f5de2b6731048c65commit | diff
Ensure directory exists for certificates for haproxy

We used to rely on a standard directory for the certificates and keys
that are requested by certmonger. However, given the approach we plan to
take for containers that's described in the blueprint, we need to use
service-specific directories for the certs/keys, since we plan to
bind-mount these into the containers, and we don't want to bind mount
any keys/certs from other services.

Thus, we start by creating this directories if they don't exist in the
filesystem and adding the proper selinux labels.

bp tls-via-certmonger-containers

Change-Id: Iba3adb9464a755e67c6f87d1233b3affa8be565a
manifests/certmonger/haproxy.pp diff | blob | history
manifests/certmonger/haproxy_dirs.pp [new file with mode: 0644] blob
manifests/profile/base/certmonger_user.pp diff | blob | history