Redis: Enable SSL

This updates the redis server/client configuration so that ssl is
enabled if the scenario globally enables ssl.

Change-Id: Ic5c2bcc5ec256bc91e2dcd08337f8d1fa0ea49d8

manifests/config.pp

@@ -69,5 +69,5 @@ class openstack_integration::config (
   $base_url           = "${proto}://${ip_for_url}"
   $keystone_auth_uri  = "${base_url}:5000"
   $keystone_admin_uri = "${base_url}:5000"
-  $tooz_url           = "redis://:a_big_secret@${ip_for_url}:6379"
+  $tooz_url           = "redis://:a_big_secret@${ip_for_url}:6379?ssl=${::openstack_integration::config::ssl}"
 }

manifests/redis.pp

@@ -1,9 +1,30 @@
 class openstack_integration::redis {
   include openstack_integration::config
 
+  $port = $openstack_integration::config::ssl ? {
+    true    => 0,
+    default => 6379
+  }
+  $tls_port = $openstack_integration::config::ssl ? {
+    true    => 6379,
+    default => 0
+  }
+
   class { 'redis':
     bind             => $::openstack_integration::config::host,
+    port             => $port,
+    tls_port         => $tls_port,
+    tls_cert_file    => $::openstack_integration::params::cert_path,
+    tls_key_file     => "/etc/redis/ssl/private/${facts['networking']['fqdn']}.pem",
+    tls_ca_cert_file => $::openstack_integration::params::ca_bundle_cert_path,
     ulimit_managed   => false,
     requirepass      => 'a_big_secret',
   }
+
+  if $::openstack_integration::config::ssl {
+    openstack_integration::ssl_key { 'redis':
+      require => Package[$::redis::package_name],
+      notify  => Service[$::redis::service_name],
+    }
+  }
 }