From 8322306912c3983dda3609f8995d1ecf5f082aa1 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Tue, 27 May 2014 19:31:01 +0000
Subject: [PATCH] Get the fedmsg crl directly from proxy01.stg in staging.

---
 roles/fedmsg/base/templates/ssl.py.j2 | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/fedmsg/base/templates/ssl.py.j2 b/roles/fedmsg/base/templates/ssl.py.j2
index 0952ee11d6..47fcc96eb0 100644
--- a/roles/fedmsg/base/templates/ssl.py.j2
+++ b/roles/fedmsg/base/templates/ssl.py.j2
@@ -27,7 +27,12 @@ config = dict(
     validate_signatures=True,
     ssldir="/etc/pki/fedmsg",
 
+    {% if env == 'staging' %}
+    # In staging, we use the internal IP of proxy01 without ssl.
+    crl_location="http://10.5.126.88/fedmsg/crl.pem",
+    {% else %}
     crl_location="https://fedoraproject.org/fedmsg/crl.pem",
+    {% endif %}
     crl_cache="/var/run/fedmsg/crl.pem",
     crl_cache_expiry=86400,  # Daily