--- # Copyright 2018, Red Hat, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # defaults file for ansible-qdrouterd # Package install state, options are 'present' and 'latest' qdrouterd_package_state: "latest" # Inventory group containg the hosts for the mesh qdrouterd_host_group: "qdrouterd_all" # Qdrouterd Service config qdrouterd_service_name: "{{ _qdrouterd_service_name }}" qdrouterd_etc_conf_path: "{{ _qdrouterd_etc_conf_path }}" qdrouterd_etc_conf_file: "{{ _qdrouterd_etc_conf_file }}" qdrouterd_log_file: "/var/log/qdrouterd/qdrouterd.log" # Qdrouterd router config qdrouterd_host_count: "{{ groups['qdrouterd_all'] | length}}" qdrouterd_mode: "{% if qdrouterd_host_count == '1' %}standalone{% else %}interior{% endif %}" qdrouterd_listener_addr: 0.0.0.0 qdrouterd_listener_port: 31459 qdrouterd_listener_auth_peer: "no" qdrouterd_listener_sasl_mech: "ANONYMOUS" qdrouterd_irl_addr: 0.0.0.0 qdrouterd_irl_port: 31460 qdrouterd_irl_auth_peer: "no" qdrouterd_irl_sasl_mech: "ANONYMOUS" qdrouterd_worker_threads: 4 qdrouterd_sasl_conf_path: "/etc/sasl2" qdrouterd_sasl_conf_file: "/etc/sasl2/qdrouterd.conf" qdrouterd_log_module: "DEFAULT" qdrouterd_log_enable: "info+" # Qdrouterd SSL support qdrouterd_require_ssl: "yes" qdrouterd_ssl_cert: "{{ qdrouterd_etc_conf_path }}/qdrouterd.pem" qdrouterd_ssl_key: "{{ qdrouterd_etc_conf_path }}/qdrouterd.key" #qdrouterd_ssl_ca_cert: "{{ qdrouterd_etc_conf_path }}/qdrouterd-ca.pem" # Set qdrouterd_ssl_sefl_signed_regen to true if you want to generate a new # SSL certificate for Qdrouterd when this playbook runs. You can also change # the subject of the self-signed certificate here if you prefer. qdrouterd_ssl_self_signed_regen: false qdrouterd_ssl_self_signed_subject: "/C=US/ST=Massachusetts/L=Boston/O=IT/CN={{ ansible_hostname }}" # Define user-provided SSL certificates in: # /etc/openstack_deploy/user_variables.yml #qdrouterd_user_ssl_cert: #qdrouterd_user_ssl_key: #qdrouterd_user_ssl_ca_cert: