From e5ce5dd1cdf10fc2eabf4e318fadc0757f6c8d1a Mon Sep 17 00:00:00 2001
From: Patrik Lundin <patlu@sunet.se>
Date: Sun, 6 Oct 2024 14:50:07 +0200
Subject: [PATCH] Start managing cdn.conf

---
 .../modules/cdn/templates/mqtt/cdn.conf.erb   | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb

diff --git a/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb b/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb
new file mode 100644
index 0000000..2a47568
--- /dev/null
+++ b/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb
@@ -0,0 +1,19 @@
+listener 8883
+cafile /etc/mosquitto/ca_certificates/ca.crt
+certfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.crt
+keyfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.key
+require_certificate true
+use_identity_as_username true
+acl_file /etc/mosquitto/aclfile
+
+log_type all
+
+<% @bridges.each do |remote_dc, bridge_config| -%>
+connection <%= @dc %>-to-<%= remote_dc %>
+address <%= bridge_config['address'] %>:address <%= bridge_config['port'] %>:
+topic cdn/<%= @dc %>/purge out 1
+bridge_cafile /etc/mosquitto/ca_certificates/ca.crt
+bridge_certfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.crt
+bridge_keyfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.key
+
+<% end -%>