From 265f7d478f749a18216d5e83176a176047272ed6 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Tue, 24 Jun 2014 15:12:53 +0000
Subject: [PATCH] Look for certs in all the right places.

---
 roles/bugzilla2fedmsg/tasks/main.yml                | 2 ++
 roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini | 8 ++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/roles/bugzilla2fedmsg/tasks/main.yml b/roles/bugzilla2fedmsg/tasks/main.yml
index 994fc28dd0..e5fc7e0106 100644
--- a/roles/bugzilla2fedmsg/tasks/main.yml
+++ b/roles/bugzilla2fedmsg/tasks/main.yml
@@ -39,6 +39,7 @@
   copy: >
     src="{{ private }}/files/bugzilla2fedmsg/{{ item }}"
     dest="/etc/pki/fedmsg/{{ item }}"
+    mode=0640 owner=fedmsg group=fedmsg
   with_items:
   - fedora.devel.engineering.redhat.com.crt
   - fedora.devel.engineering.redhat.com.key
@@ -50,6 +51,7 @@
   copy: >
     src="{{ private }}/files/bugzilla2fedmsg/{{ item }}"
     dest="/etc/pki/fedmsg/{{ item }}"
+    mode=0640 owner=fedmsg group=fedmsg
   with_items:
   - fuse-fabric-fedoraproject.org.crt 
   - fuse-fabric-fedoraproject.org.key
diff --git a/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini b/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini
index e3f7ef6df7..eab2635f12 100644
--- a/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini
+++ b/roles/bugzilla2fedmsg/templates/bugzilla2fedmsg.ini
@@ -17,12 +17,12 @@ bugzilla.password = {{ bugzilla_password }}
 # Stomp broker configuration.
 {% if env == 'staging' %}
 stomp_uri = fuse-fabric-01.stg.jboss.org:61617,fuse-fabric-02.stg.jboss.org:61617,fuse-fabric-03.stg.jboss.org:61617
-stomp_ssl_crt = /etc/fedmsg/pki/fedora.devel.engineering.redhat.com.crt
-stomp_ssl_key = /etc/fedmsg/pki/fedora.devel.engineering.redhat.com.key
+stomp_ssl_crt = /etc/pki/fedmsg/fedora.devel.engineering.redhat.com.crt
+stomp_ssl_key = /etc/pki/fedmsg/fedora.devel.engineering.redhat.com.key
 {% else %}
 stomp_uri = fuse-fabric-01.jboss.org:61617,fuse-fabric-02.jboss.org:61617,fuse-fabric-03.jboss.org:61617
-stomp_ssl_crt = /etc/fedmsg/pki/fuse-fabric-fedoraproject.org.crt
-stomp_ssl_key = /etc/fedmsg/pki/fuse-fabric-fedoraproject.org.key
+stomp_ssl_crt = /etc/pki/fedmsg/fuse-fabric-fedoraproject.org.crt
+stomp_ssl_key = /etc/pki/fedmsg/fuse-fabric-fedoraproject.org.key
 {% endif %}
 
 stomp_user = {{ redhat_dmz_broker_username }}