Deploy f-messaging certs for faf

Signed-off-by: Martin Kutlak <mkutlak@redhat.com>

roles/abrt/faf/tasks/config.yml

@@ -8,6 +8,30 @@
 - name: create the config folder for fedora-messaging
   file: path=/etc/fedora-messaging/ owner=root group=root mode=0755 state=directory
 
+- name: create folders where we place certs for fedora-messaging
+  file: path=/etc/fedora-messaging/faf owner=root group=root mode=0755 state=directory
+
+- name: install certs for fedora-messaging
+  copy: src={{ item.src }}
+        dest=/etc/fedora-messaging/faf/{{ item.dest }}
+        owner={{ item.owner }} group=root mode={{ item.mode }}
+  loop:
+    - { src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt",
+        dest: "ca.crt",
+        owner: faf,
+        mode: 0644
+      }
+    - { src: "{{private}}/files/rabbitmq/{{env}}/pki/private/faf.key",
+        dest: "faf.key",
+        owner: faf,
+        mode: "600"
+      }
+    - { src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/faf.crt",
+        dest: "faf.crt",
+        owner: faf,
+        mode: 0644
+      }
+
 - name: provide configuration for fedora-messaging
   template: src=etc-fedora-messaging-config.toml.j2
             dest=/etc/fedora-messaging/config.toml

roles/abrt/faf/templates/etc-fedora-messaging-config.toml.j2

@@ -15,5 +15,10 @@ passive_declares = true
       topic_prefix = "org.fedoraproject.prod"
 {% endif %}
 
+[tls]
+ca_cert = "/etc/fedora-messaging/faf/ca.crt"
+keyfile = "/etc/fedora-messaging/faf/faf.key"
+certfile = "/etc/fedora-messaging/faf/faf.crt"
+
 [client_properties]
 app = "FAF"