Eevans has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/342088 )
Change subject: WIP: TLS configuration for RESTBase ...................................................................... WIP: TLS configuration for RESTBase Change-Id: I8e7348cd39cf62cac66305c6f29defdaa1341668 --- M hieradata/regex.yaml M modules/restbase/manifests/init.pp M modules/restbase/templates/config.yaml.erb 3 files changed, 14 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/88/342088/1 diff --git a/hieradata/regex.yaml b/hieradata/regex.yaml index c69afa3..cccb5f4 100644 --- a/hieradata/regex.yaml +++ b/hieradata/regex.yaml @@ -201,6 +201,10 @@ restbase::skip_updates: true cassandra::start_rpc: 'true' cassandra::target_version: '2.2' + cassandra::cassandra_tls: + key: foo + cert: bar + ca: baz cassandra_test_codfw: __regex: !ruby/regexp /^restbase-test200[1-3]\.codfw\.wmnet$/ diff --git a/modules/restbase/manifests/init.pp b/modules/restbase/manifests/init.pp index fba046a..7740a4c 100644 --- a/modules/restbase/manifests/init.pp +++ b/modules/restbase/manifests/init.pp @@ -25,6 +25,9 @@ # [*cassandra_datacenters*] # The full list of member datacenters. # +# [*cassandra_tls*] +# An associative array of TLS options for the Cassandra driver. +# # [*port*] # Port where to run the restbase service. Default: 7231 # @@ -100,6 +103,7 @@ $cassandra_default_consistency = 'localQuorum', $cassandra_local_dc = 'datacenter1', $cassandra_datacenters = [ 'datacenter1' ], + $cassandra_tls = undef, $port = 7231, $salt_key = 'secretkey', $page_size = 250, diff --git a/modules/restbase/templates/config.yaml.erb b/modules/restbase/templates/config.yaml.erb index ada8eb1..28a1f22 100644 --- a/modules/restbase/templates/config.yaml.erb +++ b/modules/restbase/templates/config.yaml.erb @@ -23,6 +23,12 @@ username: <%= @cassandra_user %> password: <%= @cassandra_password %> defaultConsistency: <%= @cassandra_default_consistency %> + <% if @cassandra_tls.keys.size > 0 %> + tls: + <% @cassandra_tls.keys.sort.each do |tls_key| -%> + <%= tls_key %>: <%= @cassandra_tls[tls_key] %> + <% end -> + <% end %> storage_groups: - name: phase0.group.local domains: -- To view, visit https://gerrit.wikimedia.org/r/342088 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I8e7348cd39cf62cac66305c6f29defdaa1341668 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Eevans <eev...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits