Use the rabbitmq certs
This commit is contained in:
Aurélien Bompard
parent
1d4dd97959
commit
bf895f0aa6
3 changed files with 30 additions and 8 deletions
|
|
@ -26,6 +26,16 @@
|
||||||
secret_name: fedmsg-cert
|
secret_name: fedmsg-cert
|
||||||
key: fedmsg-fedmsg-migration-tools.crt
|
key: fedmsg-fedmsg-migration-tools.crt
|
||||||
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt"
|
privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt"
|
||||||
|
- role: openshift/secret-file
|
||||||
|
app: messaging-bridges
|
||||||
|
secret_name: rabbitmq-key
|
||||||
|
key: rabbitmq-fedmsg-migration-tools.key
|
||||||
|
privatefile: "rabbitmq/{{env}}/pki/private/messaging-bridge{{env_suffix}}.fedoraproject.org.crt"
|
||||||
|
- role: openshift/secret-file
|
||||||
|
app: messaging-bridges
|
||||||
|
secret_name: rabbitmq-cert
|
||||||
|
key: rabbitmq-fedmsg-migration-tools.crt
|
||||||
|
privatefile: "rabbitmq/{{env}}/pki/issued/messaging-bridge{{env_suffix}}.fedoraproject.org.crt"
|
||||||
|
|
||||||
- role: openshift/object
|
- role: openshift/object
|
||||||
app: messaging-bridges
|
app: messaging-bridges
|
||||||
|
|
|
||||||
|
|
@ -42,6 +42,12 @@ items:
|
||||||
- name: fedmsg-crt-volume
|
- name: fedmsg-crt-volume
|
||||||
mountPath: /etc/pki/fedmsg/crt
|
mountPath: /etc/pki/fedmsg/crt
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- name: rabbitmq-key-volume
|
||||||
|
mountPath: /etc/pki/rabbitmq/key
|
||||||
|
readOnly: true
|
||||||
|
- name: rabbitmq-crt-volume
|
||||||
|
mountPath: /etc/pki/rabbitmq/crt
|
||||||
|
readOnly: true
|
||||||
#readinessProbe:
|
#readinessProbe:
|
||||||
# timeoutSeconds: 1
|
# timeoutSeconds: 1
|
||||||
# initialDelaySeconds: 5
|
# initialDelaySeconds: 5
|
||||||
|
|
@ -67,6 +73,12 @@ items:
|
||||||
- name: fedmsg-crt-volume
|
- name: fedmsg-crt-volume
|
||||||
secret:
|
secret:
|
||||||
secretName: fedmsg-cert
|
secretName: fedmsg-cert
|
||||||
|
- name: rabbitmq-key-volume
|
||||||
|
secret:
|
||||||
|
secretName: rabbitmq-key
|
||||||
|
- name: rabbitmq-crt-volume
|
||||||
|
secret:
|
||||||
|
secretName: rabbitmq-cert
|
||||||
|
|
||||||
triggers:
|
triggers:
|
||||||
- type: ConfigChange
|
- type: ConfigChange
|
||||||
|
|
|
||||||
|
|
@ -10,10 +10,10 @@ data:
|
||||||
amqp_url = "amqp://rabbitmq01{{ env_suffix }}.phx2.fedoraproject.org"
|
amqp_url = "amqp://rabbitmq01{{ env_suffix }}.phx2.fedoraproject.org"
|
||||||
publish_exchange = "amq.topic"
|
publish_exchange = "amq.topic"
|
||||||
|
|
||||||
#[tls]
|
[tls]
|
||||||
#ca_cert = "/etc/pki/tls/certs/ca-bundle.crt"
|
ca_cert = "/etc/pki/tls/certs/ca-bundle.crt"
|
||||||
#keyfile = "/my/client/key.pem"
|
keyfile = "/etc/pki/rabbitmq/key/rabbitmq-fedmsg-migration-tools.key"
|
||||||
#certfile = "/my/client/cert.pem"
|
certfile = "/etc/pki/rabbitmq/crt/rabbitmq-fedmsg-migration-tools.crt"
|
||||||
|
|
||||||
[client_properties]
|
[client_properties]
|
||||||
app = "fedmsg-migration-tools"
|
app = "fedmsg-migration-tools"
|
||||||
|
|
@ -51,10 +51,10 @@ data:
|
||||||
exchange = "amq.topic"
|
exchange = "amq.topic"
|
||||||
routing_keys = ["#"]
|
routing_keys = ["#"]
|
||||||
|
|
||||||
#[tls]
|
[tls]
|
||||||
#ca_cert = "/etc/pki/tls/certs/ca-bundle.crt"
|
ca_cert = "/etc/pki/tls/certs/ca-bundle.crt"
|
||||||
#keyfile = "/my/client/key.pem"
|
keyfile = "/etc/pki/rabbitmq/key/rabbitmq-fedmsg-migration-tools.key"
|
||||||
#certfile = "/my/client/cert.pem"
|
certfile = "/etc/pki/rabbitmq/crt/rabbitmq-fedmsg-migration-tools.crt"
|
||||||
|
|
||||||
[client_properties]
|
[client_properties]
|
||||||
app = "AMQP to ZMQ"
|
app = "AMQP to ZMQ"
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue