350
355
ctxt['ssl_key'] = key
360
class ConsoleSSLContext(context.OSContextGenerator):
365
from nova_cc_utils import console_attributes
367
if (config('console-ssl-cert') and
368
config('console-ssl-key') and
369
config('console-access-protocol')):
370
ssl_dir = '/etc/nova/ssl/'
371
if not os.path.exists(ssl_dir):
372
log('Creating %s.' % ssl_dir, level=DEBUG)
375
cert_path = os.path.join(ssl_dir, 'nova_cert.pem')
376
decode_ssl_cert = b64decode(config('console-ssl-cert'))
378
key_path = os.path.join(ssl_dir, 'nova_key.pem')
379
decode_ssl_key = b64decode(config('console-ssl-key'))
381
with open(cert_path, 'w') as fh:
382
fh.write(decode_ssl_cert)
383
with open(key_path, 'w') as fh:
384
fh.write(decode_ssl_key)
386
ctxt['ssl_only'] = True
387
ctxt['ssl_cert'] = cert_path
388
ctxt['ssl_key'] = key_path
391
ip_addr = resolve_address(endpoint_type=PUBLIC)
393
ip_addr = unit_get('private-address')
395
ip_addr = format_ipv6_addr(ip_addr) or ip_addr
397
_proto = config('console-access-protocol')
398
url = "https://%s:%s%s" % (
400
console_attributes('proxy-port', proto=_proto),
401
console_attributes('proxy-page', proto=_proto))
403
if _proto == 'novnc':
404
ctxt['novncproxy_base_url'] = url
405
elif _proto == 'spice':
406
ctxt['html5proxy_base_url'] = url