use https for fed-cloud09

files/fedora-cloud/packstack-compute-answers.txt

@@ -83,7 +83,7 @@ CONFIG_AMQP_BACKEND=rabbitmq
 CONFIG_AMQP_HOST={{ controller_public_ip }}
 
 # Enable SSL for the AMQP service
-CONFIG_AMQP_ENABLE_SSL=n
+CONFIG_AMQP_ENABLE_SSL=y
 
 # Enable Authentication for the AMQP service
 CONFIG_AMQP_ENABLE_AUTH=n
@@ -345,15 +345,15 @@ CONFIG_NEUTRON_OVS_TUNNEL_IF=eth1
 CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789
 
 # To set up Horizon communication over https set this to "y"
-CONFIG_HORIZON_SSL=n
+CONFIG_HORIZON_SSL=y
 
 # PEM encoded certificate to be used for ssl on the https server,
 # leave blank if one should be generated, this certificate should not
 # require a passphrase
-CONFIG_SSL_CERT=
+CONFIG_SSL_CERT=/etc/pki/tls/private/fed-cloud09.pem
 
 # Keyfile corresponding to the certificate if one was entered
-CONFIG_SSL_KEY=
+CONFIG_SSL_KEY=/etc/pki/tls/private/fed-cloud09.crt
 
 # The password to use for the Swift to authenticate with Keystone
 CONFIG_SWIFT_KS_PW={{ SWIFT_PASS }}

playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml

@@ -34,6 +34,12 @@
 
   - template: src={{ files }}/hosts dest=/etc/hosts owner=root mode=0644
 
+  - name: add ssl cert
+    copy: src={{ private }}/files/openstack/fed-cloud09.pem dest=/etc/pki/tls/certs/fed-cloud09.pem mode=600 owner=root group=root
+
+  - name: add ssl key
+    copy: src={{ private }}/files/openstack/fed-cloud09.key dest=/etc/pki/tls/private/fed-cloud09.key mode=600 owner=root group=root
+
   # http://docs.openstack.org/trunk/install-guide/install/yum/content/basics-networking.html
   - service: name=NetworkManager state=stopped enabled=no
   - service: name=network state=started enabled=yes