From d146beeb918b42b61c6bc5ef51bf85ad4eda7e7a Mon Sep 17 00:00:00 2001
From: Jose Luis Franco Arza <jfrancoa@redhat.com>
Date: Wed, 19 Jul 2017 09:26:35 +0200
Subject: [PATCH] Set right endpoint IP in ssh tunnel

Depending on the TripleO configuration, the endpoints can be deployed
with tls or without it. The public endpoint IP will defer depending on this
setting, therefor it should be taken into account when assigning the
ssh tunnel IP. Otherwise traffic is not correctly tunnel when TripleO is
deployed with tls (undercloud_generate_service_certificate = true)

Change-Id: I0f312f78a87182116e0c4b274ed145f3f08c8197
---
 roles/libvirt/setup/undercloud/defaults/main.yml               | 1 -
 roles/libvirt/setup/undercloud/templates/ssh-tunnel.service.j2 | 2 ++
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/libvirt/setup/undercloud/defaults/main.yml b/roles/libvirt/setup/undercloud/defaults/main.yml
index cf100dfe6..567eeb5dc 100644
--- a/roles/libvirt/setup/undercloud/defaults/main.yml
+++ b/roles/libvirt/setup/undercloud/defaults/main.yml
@@ -6,4 +6,3 @@ undercloud_custom_vmlinuz: "{{ working_dir }}/overcloud-full.vmlinuz"
 undercloud_custom_initrd: "{{ working_dir }}/overcloud-full.initrd"
 
 ssh_tunnel_service_file: ssh-tunnel.service.j2
-ssh_tunnel_target_ip: "{{ undercloud_network_cidr|nthhost(1) }}"
diff --git a/roles/libvirt/setup/undercloud/templates/ssh-tunnel.service.j2 b/roles/libvirt/setup/undercloud/templates/ssh-tunnel.service.j2
index 95b4f5a02..c28d4b279 100644
--- a/roles/libvirt/setup/undercloud/templates/ssh-tunnel.service.j2
+++ b/roles/libvirt/setup/undercloud/templates/ssh-tunnel.service.j2
@@ -1,3 +1,5 @@
+{% set ssh_tunnel_target_ip = "https://%s" % undercloud_network_cidr|nthhost(2)  if undercloud_generate_service_certificate|bool else "http://%s:3000" % undercloud_network_cidr|nthhost(1) %}
+
 [Unit]
 Description=Set up ssh tunneling for TripleO
 After=network.target