diff --git a/files/fedora-cloud/packstack-compute-answers.txt b/files/fedora-cloud/packstack-compute-answers.txt index 4f31f425d1..3144389092 100644 --- a/files/fedora-cloud/packstack-compute-answers.txt +++ b/files/fedora-cloud/packstack-compute-answers.txt @@ -83,7 +83,7 @@ CONFIG_AMQP_BACKEND=rabbitmq CONFIG_AMQP_HOST={{ controller_public_ip }} # Enable SSL for the AMQP service -CONFIG_AMQP_ENABLE_SSL=n +CONFIG_AMQP_ENABLE_SSL=y # Enable Authentication for the AMQP service CONFIG_AMQP_ENABLE_AUTH=n @@ -345,15 +345,15 @@ CONFIG_NEUTRON_OVS_TUNNEL_IF=eth1 CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 # To set up Horizon communication over https set this to "y" -CONFIG_HORIZON_SSL=n +CONFIG_HORIZON_SSL=y # PEM encoded certificate to be used for ssl on the https server, # leave blank if one should be generated, this certificate should not # require a passphrase -CONFIG_SSL_CERT= +CONFIG_SSL_CERT=/etc/pki/tls/private/fed-cloud09.pem # Keyfile corresponding to the certificate if one was entered -CONFIG_SSL_KEY= +CONFIG_SSL_KEY=/etc/pki/tls/private/fed-cloud09.crt # The password to use for the Swift to authenticate with Keystone CONFIG_SWIFT_KS_PW={{ SWIFT_PASS }} diff --git a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml index 10712a312c..7e92214a02 100644 --- a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml +++ b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml @@ -34,6 +34,12 @@ - template: src={{ files }}/hosts dest=/etc/hosts owner=root mode=0644 + - name: add ssl cert + copy: src={{ private }}/files/openstack/fed-cloud09.pem dest=/etc/pki/tls/certs/fed-cloud09.pem mode=600 owner=root group=root + + - name: add ssl key + copy: src={{ private }}/files/openstack/fed-cloud09.key dest=/etc/pki/tls/private/fed-cloud09.key mode=600 owner=root group=root + # http://docs.openstack.org/trunk/install-guide/install/yum/content/basics-networking.html - service: name=NetworkManager state=stopped enabled=no - service: name=network state=started enabled=yes