Copy ODCS rabbitmq certs to /etc/odcs

2019-10-22 08:39:33 +00:00 · 2019-10-22 08:39:33 +00:00 · a72e70f698
commit a72e70f698
parent 343eea7df5
2 changed files with 39 additions and 3 deletions
--- a/roles/odcs/base/tasks/main.yml
+++ b/roles/odcs/base/tasks/main.yml
@ -196,3 +196,39 @@
  - odcs
  - odcs/backend

+- name: copy the odcs rabbitmq crt.
+  copy:
+    src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/odcs-private-queue{{env_suffix}}.crt"
+    dest: /etc/odcs/odcs-private-queue.crt
+    owner: odcs
+    group: fedmsg
+    mode: 0640
+  tags:
+  - odcs
+  - odcs/backend
+  - odcs/frontend
+
+- name: copy the odcs rabbitmq key.
+  copy:
+    src: "{{private}}/files/rabbitmq/{{env}}/pki/private/odcs-private-queue{{env_suffix}}.key"
+    dest: /etc/odcs/odcs-private-queue.key
+    owner: odcs
+    group: fedmsg
+    mode: 0640
+  tags:
+  - odcs
+  - odcs/backend
+  - odcs/frontend
+
+- name: copy the odcs rabbitmq CA cert.
+  copy:
+    src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt"
+    dest: /etc/odcs/ca.crt
+    owner: odcs
+    group: fedmsg
+    mode: 0640
+  tags:
+  - odcs
+  - odcs/backend
+  - odcs/frontend
+
--- a/roles/odcs/base/templates/etc/odcs/config.py.j2
+++ b/roles/odcs/base/templates/etc/odcs/config.py.j2
@ -155,9 +155,9 @@ class ProdConfiguration(BaseConfiguration):

    CELERY_BROKER_URL = "amqps://odcs-private-queue{{ env_suffix }}@rabbitmq01{{ env_suffix }}.phx2.fedoraproject.org/odcs"
    CELERY_CONFIG = {
-        'certfile': "{{private}}/files/rabbitmq/{{env}}/pki/issued/odcs-private-queue{{env_suffix}}.crt",
-        'keyfile': "{{private}}/files/rabbitmq/{{env}}/pki/private/odcs-private-queue{{env_suffix}}.key",
-        'ca_certs': "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt",
+        'certfile': "/etc/odcs/odcs-private-queue.crt",
+        'keyfile': "/etc/odcs/odcs-private-queue.key",
+        'ca_certs': "/etc/odcs/ca.crt",
    }

 {% if odcs_celery_router_config %}