55b83f9e22
This adds a manifest to install the controller components as referenced
in the Infra Cloud guide[1]:
- single-node mysql
- single-node rabbitmq
- keystone using the uuid token provider and apache/wsgi with ssl
- glance api and registry
- neutron server and ml2 linuxbridge plugin and agent supporting a
provider network[2]
- nova api, scheduler, conductor
[1] http://docs.openstack.org/infra/system-config/infra-cloud.html
[2] http://docs.openstack.org/networking-guide/deploy_scenario4b.html
Change-Id: I380f62e48b29103d5abffad24abd9aeca4621f02
54 lines
1.2 KiB
Puppet
54 lines
1.2 KiB
Puppet
define infracloud::ssl(
|
|
$key_content,
|
|
$cert_content,
|
|
$key_path = undef,
|
|
$cert_path = undef,
|
|
) {
|
|
if $key_path == undef {
|
|
$_key_path = "/etc/${name}/ssl/private/${::fqdn}.pem"
|
|
} else {
|
|
$_key_path = $key_path
|
|
}
|
|
if $cert_path == undef {
|
|
$_cert_path = "/etc/${name}/ssl/certs/${::fqdn}.pem"
|
|
} else {
|
|
$_cert_path = $cert_path
|
|
}
|
|
|
|
# If the user isn't providing an unexpected path, create the directory
|
|
# structure.
|
|
if $key_path == undef and $cert_path == undef {
|
|
file { "/etc/${name}/ssl":
|
|
ensure => directory,
|
|
owner => $name,
|
|
mode => '0775',
|
|
}
|
|
file { "/etc/${name}/ssl/private":
|
|
ensure => directory,
|
|
owner => $name,
|
|
mode => '0755',
|
|
require => File["/etc/${name}/ssl"],
|
|
before => File[$_key_path]
|
|
}
|
|
file { "/etc/${name}/ssl/certs":
|
|
ensure => directory,
|
|
owner => $name,
|
|
mode => '0750',
|
|
require => File["/etc/${name}/ssl"],
|
|
before => File[$_cert_path],
|
|
}
|
|
}
|
|
|
|
file { $_key_path:
|
|
ensure => present,
|
|
content => $key_content,
|
|
owner => $name,
|
|
mode => '0600',
|
|
}
|
|
file { $_cert_path:
|
|
ensure => present,
|
|
content => $cert_content,
|
|
mode => '0644',
|
|
}
|
|
}
|