From aa737c5c424fa7fab43b2518e1bda25db9a8241f Mon Sep 17 00:00:00 2001
From: Jonathan Rosser <jonathan.rosser@rd.bbc.co.uk>
Date: Tue, 28 Apr 2020 17:08:44 +0100
Subject: [PATCH] Allow ansible group for self signed certificate distribution
 to be overidden

If this role is used outside the context of openstack-ansible then the
self signed certificate distribution tasks will fail if the haproxy_all
group is not defined, even if self signed certificates are not being used.

Change-Id: Iebc4a293fa8e3566bc910de305e6519a25f2884f
---
 defaults/main.yml                    | 3 +++
 tasks/haproxy_ssl_key_distribute.yml | 8 ++++----
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index f470e66..269261e 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -152,3 +152,6 @@ haproxy_bind_internal_lb_vip_address: "{{ internal_lb_vip_address }}"
 # Make the log socket available to the chrooted filesystem
 haproxy_log_socket: "/dev/log"
 haproxy_log_mount_point: "/var/lib/haproxy/dev/log"
+
+# Ansible group name which should be used for distrtibuting self signed SSL Certificates
+haproxy_ansible_group_name: haproxy_all
diff --git a/tasks/haproxy_ssl_key_distribute.yml b/tasks/haproxy_ssl_key_distribute.yml
index 3bbf8bd..b9e5afe 100644
--- a/tasks/haproxy_ssl_key_distribute.yml
+++ b/tasks/haproxy_ssl_key_distribute.yml
@@ -16,9 +16,9 @@
 - name: Distribute self signed ssl key
   copy:
     dest: "{{ haproxy_ssl_key }}"
-    content: "{{ hostvars[groups['haproxy_all'][0]]['haproxy_ssl_key_fact'] | b64decode }}"
+    content: "{{ hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_key_fact'] | b64decode }}"
     mode: "0640"
-  when: hostvars[groups['haproxy_all'][0]]['haproxy_ssl_key_fact'] is defined
+  when: hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_key_fact'] is defined
   notify:
     - regen pem
   tags:
@@ -27,9 +27,9 @@
 - name: Distribute self signed ssl cert
   copy:
     dest: "{{ haproxy_ssl_cert }}"
-    content: "{{ hostvars[groups['haproxy_all'][0]]['haproxy_ssl_cert_fact'] | b64decode }}"
+    content: "{{ hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_cert_fact'] | b64decode }}"
     mode: "0640"
-  when: hostvars[groups['haproxy_all'][0]]['haproxy_ssl_cert_fact'] is defined
+  when: hostvars[groups[haproxy_ansible_group_name][0]]['haproxy_ssl_cert_fact'] is defined
   notify:
     - regen pem
   tags: