← Back to branch summary

~corey.bryant/charms/trusty/keystone/python-six

« back to all changes in this revision

Viewing changes to hooks/charmhelpers/contrib/hahelpers/apache.py

  • Committer: James Page
  • Date: 2014-03-27 10:54:38 UTC
  • mfrom: (55.1.22 keystone)
  • mto: (52.4.7 keystone)
  • mto: This revision was merged to the branch mainline in revision 60.
  • Revision ID: james.page@canonical.com-20140327105438-oid8czi9ud51iut1
Merge ssl-everywhere branch (may break stuff)

Show diffs side-by-side

added added

removed removed

Lines of Context:
hooks/charmhelpers/contrib/hahelpers/apache.py
 
1
#
 
2
# Copyright 2012 Canonical Ltd.
 
3
#
 
4
# This file is sourced from lp:openstack-charm-helpers
 
5
#
 
6
# Authors:
 
7
#  James Page <james.page@ubuntu.com>
 
8
#  Adam Gandelman <adamg@ubuntu.com>
 
9
#
 
10
 
 
11
import subprocess
 
12
 
 
13
from charmhelpers.core.hookenv import (
 
14
    config as config_get,
 
15
    relation_get,
 
16
    relation_ids,
 
17
    related_units as relation_list,
 
18
    log,
 
19
    INFO,
 
20
)
 
21
 
 
22
 
 
23
def get_cert():
 
24
    cert = config_get('ssl_cert')
 
25
    key = config_get('ssl_key')
 
26
    if not (cert and key):
 
27
        log("Inspecting identity-service relations for SSL certificate.",
 
28
            level=INFO)
 
29
        cert = key = None
 
30
        for r_id in relation_ids('identity-service'):
 
31
            for unit in relation_list(r_id):
 
32
                if not cert:
 
33
                    cert = relation_get('ssl_cert',
 
34
                                        rid=r_id, unit=unit)
 
35
                if not key:
 
36
                    key = relation_get('ssl_key',
 
37
                                       rid=r_id, unit=unit)
 
38
    return (cert, key)
 
39
 
 
40
 
 
41
def get_ca_cert():
 
42
    ca_cert = config_get('ssl_ca')
 
43
    if ca_cert is None:
 
44
        log("Inspecting identity-service relations for CA SSL certificate.",
 
45
            level=INFO)
 
46
        for r_id in relation_ids('identity-service'):
 
47
            for unit in relation_list(r_id):
 
48
                if ca_cert is None:
 
49
                    ca_cert = relation_get('ca_cert',
 
50
                                           rid=r_id, unit=unit)
 
51
    return ca_cert
 
52
 
 
53
 
 
54
def install_ca_cert(ca_cert):
 
55
    if ca_cert:
 
56
        with open('/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt',
 
57
                  'w') as crt:
 
58
            crt.write(ca_cert)
 
59
        subprocess.check_call(['update-ca-certificates', '--fresh'])