From 7433201bb69f7c4273fb46958b407f12a9b8be54 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Tue, 3 Jun 2014 16:18:27 +0000
Subject: [PATCH] Fix ssl for staging.

---
 .../files/{koji-ssl.conf => koji-ssl.conf.stg}        |  4 ++--
 roles/koji_hub/tasks/main.yml                         | 11 ++++++++---
 2 files changed, 10 insertions(+), 5 deletions(-)
 rename roles/koji_hub/files/{koji-ssl.conf => koji-ssl.conf.stg} (98%)

diff --git a/roles/koji_hub/files/koji-ssl.conf b/roles/koji_hub/files/koji-ssl.conf.stg
similarity index 98%
rename from roles/koji_hub/files/koji-ssl.conf
rename to roles/koji_hub/files/koji-ssl.conf.stg
index 93696c8330..a9b23bf0ba 100644
--- a/roles/koji_hub/files/koji-ssl.conf
+++ b/roles/koji_hub/files/koji-ssl.conf.stg
@@ -109,14 +109,14 @@ SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
 # the certificate is encrypted, then you will be prompted for a
 # pass phrase.  Note that a kill -HUP will prompt again.  A new
 # certificate can be generated using the genkey(1) command.
-SSLCertificateFile /etc/pki/tls/certs/koji_cert.pem
+SSLCertificateFile /etc/pki/tls/certs/koji.stg_cert.pem
 
 #   Server Private Key:
 #   If the key is not combined with the certificate, use this
 #   directive to point at the key file.  Keep in mind that if
 #   you've both a RSA and a DSA private key you can configure
 #   both in parallel (to also allow the use of DSA ciphers, etc.)
-SSLCertificateKeyFile /etc/pki/tls/private/koji_key.pem
+SSLCertificateKeyFile /etc/pki/tls/private/koji.stg_key.pem
 
 #   Server Certificate Chain:
 #   Point SSLCertificateChainFile at a file containing the
diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml
index b15a53d7df..6be6f82934 100644
--- a/roles/koji_hub/tasks/main.yml
+++ b/roles/koji_hub/tasks/main.yml
@@ -60,13 +60,18 @@
   - mash.conf
   - rel-eng.conf
   - repo.conf
-  - kojira.conf
   tags:
   - config
   notify: restart httpd
 
-- name: koji ssl config
-  copy: src=koji-ssl.conf dest=/etc/httpd/conf.d/ssl.conf
+- name: koji staging ssl config
+  copy: src=koji-ssl.conf.stg dest=/etc/httpd/conf.d/ssl.conf
+  tags:
+  - config
+  when: env == "staging"
+
+- name: kojira config
+  copy: src=kojira.conf dest=/etc/kojira/kojira.conf
   tags:
   - config