From fa745ad9dfc7e2c0a493da339f64683e076cf7d3 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Wed, 17 Jun 2015 15:59:58 +0000
Subject: [PATCH] Try declaring fedmsg certs automatically from our host vars.

---
 roles/fedmsg/base/templates/ssl.py.j2 | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/roles/fedmsg/base/templates/ssl.py.j2 b/roles/fedmsg/base/templates/ssl.py.j2
index 8a28e55256..285b59c76f 100644
--- a/roles/fedmsg/base/templates/ssl.py.j2
+++ b/roles/fedmsg/base/templates/ssl.py.j2
@@ -22,8 +22,16 @@ config = dict(
     crl_cache="/var/run/fedmsg/crl.pem",
     crl_cache_expiry=86400,  # Daily
 
-    certnames=dict(
-    [
+    certnames=dict([
+    # This is the set of certs for this host, dynamically generated from the
+    # ``fedmsg_certs`` host vars
+    {% for cert in fedmsg_certs %}
+       ("{{cert['service']}}.{{inventory_hostname_short}}",
+        "{{cert['service']}}-{{fedmsg_fqdn | default(ansible_fqdn)}}"),
+    {% endfor %}
+    ] + [
+        # This is the beginning of the static list.  We should eventually remove
+        # this.
         ("bugzilla.bugzilla2fedmsg01", "bugzilla2fedmsg-bugzilla2fedmsg01.%s" % suffix)
     ] + [
         ("shell.bugzilla2fedmsg01", "shell-bugzilla2fedmsg01.%s" % suffix)