From 5e9e30b207aa532a69bf249b6306231f0625ff94 Mon Sep 17 00:00:00 2001
From: Ricardo Carrillo Cruz <ricardo.carrillo.cruz@gmail.com>
Date: Thu, 15 May 2014 10:01:53 +0000
Subject: [PATCH] Parameterize SSL certificate attributes on review.pp manifest

review.pp manifest contains site specific values for
SSL certificate attributes.
The hostname may change overtime and forces other developers
willing to use the manifest to give SSL certificate names
that are not descriptive of their environment.
This change parameterize those values by adding SSL certificate
parameters on review.pp and gerrit.pp and defining sane
defaults for both.

Closes-Bug: 1319746
Change-Id: I245c3caaf267f3d354daa5c7d5897d62239dcf9e
---
 modules/openstack_project/manifests/gerrit.pp |  6 +++---
 modules/openstack_project/manifests/review.pp | 11 ++++++-----
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/modules/openstack_project/manifests/gerrit.pp b/modules/openstack_project/manifests/gerrit.pp
index 48848abd94..3fe36b71d6 100644
--- a/modules/openstack_project/manifests/gerrit.pp
+++ b/modules/openstack_project/manifests/gerrit.pp
@@ -11,9 +11,9 @@ class openstack_project::gerrit (
   $serveradmin = 'webmaster@openstack.org',
   $ssh_host_key = '/home/gerrit2/review_site/etc/ssh_host_rsa_key',
   $ssh_project_key = '/home/gerrit2/review_site/etc/ssh_project_rsa_key',
-  $ssl_cert_file = '',
-  $ssl_key_file = '',
-  $ssl_chain_file = '',
+  $ssl_cert_file = "/etc/ssl/certs/${::fqdn}.pem",
+  $ssl_key_file = "/etc/ssl/private/${::fqdn}.key",
+  $ssl_chain_file = '/etc/ssl/certs/intermediate.pem',
   $ssl_cert_file_contents = '',
   $ssl_key_file_contents = '',
   $ssl_chain_file_contents = '',
diff --git a/modules/openstack_project/manifests/review.pp b/modules/openstack_project/manifests/review.pp
index 9ec2331787..33ad12d548 100644
--- a/modules/openstack_project/manifests/review.pp
+++ b/modules/openstack_project/manifests/review.pp
@@ -46,8 +46,11 @@ class openstack_project::review (
   $gerritbot_ssh_rsa_key_contents = '',
   $gerritbot_ssh_rsa_pubkey_contents = '',
   # Register SSL keys and pass their contents in.
+  $ssl_cert_file = "/etc/ssl/certs/${::fqdn}.pem",
   $ssl_cert_file_contents = '',
+  $ssl_key_file = "/etc/ssl/private/${::fqdn}.key",
   $ssl_key_file_contents = '',
+  $ssl_chain_file = '/etc/ssl/certs/intermediate.pem',
   $ssl_chain_file_contents = '',
   # Create SSH server key by hand and supply here.
   $ssh_dsa_key_contents = '',
@@ -79,11 +82,9 @@ class openstack_project::review (
 ) {
 
   class { 'openstack_project::gerrit':
-    ssl_cert_file                       =>
-      '/etc/ssl/certs/review.openstack.org.pem',
-    ssl_key_file                        =>
-      '/etc/ssl/private/review.openstack.org.key',
-    ssl_chain_file                      => '/etc/ssl/certs/intermediate.pem',
+    ssl_cert_file                       => $ssl_cert_file,
+    ssl_key_file                        => $ssl_key_file,
+    ssl_chain_file                      => $ssl_chain_file,
     ssl_cert_file_contents              => $ssl_cert_file_contents,
     ssl_key_file_contents               => $ssl_key_file_contents,
     ssl_chain_file_contents             => $ssl_chain_file_contents,