From 1ae06103e296ae03a2f0546278c02261cffc37bf Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Mon, 17 May 2021 09:26:10 +0000 Subject: [PATCH] Add variables for rabbitmq ssl configuration Change-Id: Ia2fef44b3ab22b9dfe35dad61d02b1bf8b3e31b5 --- defaults/main.yml | 4 ++++ templates/designate.conf.j2 | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index e4d97d0..78cebe2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -79,6 +79,8 @@ designate_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}" designate_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}" designate_oslomsg_rpc_userid: designate-rpc designate_oslomsg_rpc_vhost: /designate +designate_oslomsg_rpc_ssl_version: "{{ oslomsg_rpc_ssl_version | default('TLSv1_2') }}" +designate_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}" # Notify designate_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}" @@ -90,6 +92,8 @@ designate_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }} designate_oslomsg_notify_userid: "{{ designate_oslomsg_rpc_userid }}" designate_oslomsg_notify_password: "{{ designate_oslomsg_rpc_password }}" designate_oslomsg_notify_vhost: "{{ designate_oslomsg_rpc_vhost }}" +designate_oslomsg_notify_ssl_version: "{{ oslomsg_notify_ssl_version | default('TLSv1_2') }}" +designate_oslomsg_notify_ssl_ca_file: "{{ oslomsg_notify_ssl_ca_file | default('') }}" ## (Qdrouterd) info # TODO(ansmith): Change structure when more backends will be supported diff --git a/templates/designate.conf.j2 b/templates/designate.conf.j2 index b87312a..8944da3 100644 --- a/templates/designate.conf.j2 +++ b/templates/designate.conf.j2 @@ -24,7 +24,7 @@ root_helper = sudo designate-rootwrap /etc/designate/rootwrap.conf #network_api = neutron ## RabbitMQ RPC -transport_url = {{ designate_oslomsg_rpc_transport }}://{% for host in designate_oslomsg_rpc_servers.split(',') %}{{ designate_oslomsg_rpc_userid }}:{{ designate_oslomsg_rpc_password }}@{{ host }}:{{ designate_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ designate_oslomsg_rpc_vhost }}{% if designate_oslomsg_rpc_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} +transport_url = {{ designate_oslomsg_rpc_transport }}://{% for host in designate_oslomsg_rpc_servers.split(',') %}{{ designate_oslomsg_rpc_userid }}:{{ designate_oslomsg_rpc_password }}@{{ host }}:{{ designate_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ designate_oslomsg_rpc_vhost }}{% if designate_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ designate_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ designate_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} # RabbitMQ Config [oslo_messaging_rabbit] @@ -34,7 +34,7 @@ rabbit_notification_topic = notifications [oslo_messaging_notifications] driver = {{ (designate_ceilometer_enabled | bool) | ternary('messagingv2', 'noop') }} -transport_url = {{ designate_oslomsg_notify_transport }}://{% for host in designate_oslomsg_notify_servers.split(',') %}{{ designate_oslomsg_notify_userid }}:{{ designate_oslomsg_notify_password }}@{{ host }}:{{ designate_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ designate_oslomsg_notify_vhost }}{% if designate_oslomsg_notify_use_ssl | bool %}?ssl=1{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} +transport_url = {{ designate_oslomsg_notify_transport }}://{% for host in designate_oslomsg_notify_servers.split(',') %}{{ designate_oslomsg_notify_userid }}:{{ designate_oslomsg_notify_password }}@{{ host }}:{{ designate_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ designate_oslomsg_notify_vhost }}{% if designate_oslomsg_notify_use_ssl | bool %}?ssl=1&ssl_version={{ designate_oslomsg_notify_ssl_version }}&ssl_ca_file={{ designate_oslomsg_notify_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %} ######################## ## Service Configuration