Merge pull request #9 from awood/master

Update Candlepin configuration
theforeman · Jul 1, 2014 · e940ba2 · e940ba2
2 parents a5bc5ea + 4a3d73a
commit e940ba2
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 7 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -77,12 +77,14 @@
 
   $ca_key = $candlepin::params::ca_key,
   $ca_cert = $candlepin::params::ca_crt,
-  $ca_key_password = $candlepin::params::ca_key_password
+  $ca_key_password = $candlepin::params::ca_key_password,
+  $qpid_ssl_port = $candlepin::params::qpid_ssl_port
 
   ) inherits candlepin::params {
 
   $weburl = "https://${::fqdn}/${candlepin::deployment_url}/distributors?uuid="
   $apiurl = "https://${::fqdn}/${candlepin::deployment_url}/api/distributors/"
+  $amqpurl = "tcp://${::fqdn}:${qpid_ssl_port}?ssl='true'&ssl_cert_alias='amqp-client'"
 
   class { 'candlepin::install': } ~>
   class { 'candlepin::config': } ~>

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -16,6 +16,8 @@
 
   # this comes from keystore
   $db_password = cache_data('candlepin_db_password', random_password(32))
+  $amqp_keystore_password = $::certs::candlepin::keystore_password
+  $amqp_truststore_password = $::certs::candlepin::keystore_password
 
   # where to store output from cpsetup execution
   $log_dir  = '/var/log/candlepin'
@@ -39,4 +41,6 @@
 
   $deployment_url = 'candlepin'
 
+  $qpid_ssl_port = 5671
+
 }
diff --git a/templates/candlepin.conf.erb b/templates/candlepin.conf.erb
@@ -16,6 +16,11 @@ candlepin.auth.trusted.enable = false
 candlepin.enable_cert_v3=true
 candlepin.export.prefix.weburl=<%= @weburl %>
 candlepin.export.prefix.apiurl=<%= @apiurl %>
+# enable events via AMQP
+candlepin.amqp.enable=true
+candlepin.amqp.connect=<%= @amqpurl %>
+candlepin.amqp.keystore_password=<%= @amqp_keystore_password %>
+candlepin.amqp.truststore_password=<%= @amqp_truststore_password %>
 
 <% if @oauth_key != "" -%>
 module.config.katello=org.candlepin.katello.KatelloModule

diff --git a/templates/tomcat/server.xml.erb b/templates/tomcat/server.xml.erb
@@ -100,9 +100,7 @@
                     TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
                     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
                     TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
-                    TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA,
-                    TLS_ECDH_anon_WITH_AES_128_CBC_SHA,
-                    TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
+                    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
                truststorePass="<%= scope.lookupvar("candlepin::keystore_password") %>" />
 
     <!-- Define an AJP 1.3 Connector on port 8009 -->

diff --git a/templates/tomcat6/server.xml.erb b/templates/tomcat6/server.xml.erb
@@ -101,9 +101,7 @@
                     TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
                     TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
                     TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
-                    TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA,
-                    TLS_ECDH_anon_WITH_AES_128_CBC_SHA,
-                    TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
+                    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
                truststorePass="<%= scope.lookupvar("candlepin::keystore_password") %>" />
 
     <!-- Define an AJP 1.3 Connector on port 8009 -->