2 changed files with 6 additions and 7 deletions
--- a/global/overlay/etc/puppet/modules/cdn/manifests/mqtt.pp
+++ b/global/overlay/etc/puppet/modules/cdn/manifests/mqtt.pp
@ -9,7 +9,6 @@ class cdn::mqtt(
 )
 {
  include sunet::packages::certbot
  include cdn::ca_trust
  package {'mosquitto': ensure => installed }
--- a/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb
+++ b/global/overlay/etc/puppet/modules/cdn/templates/mqtt/cdn.conf.erb
@ -1,7 +1,7 @@
 listener 8883
-cafile /etc/mosquitto/ca_certificates/chain.pem
+cafile /etc/mosquitto/ca_certificates/ca.crt
-certfile /etc/mosquitto/certs/cert.pem
+certfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.crt
-keyfile /etc/mosquitto/certs/privkey.pem
+keyfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.key
 require_certificate true
 use_identity_as_username true
 acl_file /etc/mosquitto/aclfile
@ -12,8 +12,8 @@ log_type all
 connection <%= @dc %>-to-<%= remote_dc %>
 address <%= bridge_config['address'] %>:address <%= bridge_config['port'] %>:
 topic cdn/<%= @dc %>/purge out 1
-bridge_cafile /usr/local/share/ca-certificates/step_ca_root.crt
+bridge_cafile /etc/mosquitto/ca_certificates/ca.crt
-bridge_certfile /etc/mosquitto/certs/cert.pem
+bridge_certfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.crt
-bridge_keyfile /etc/mosquitto/certs/privkey.pem
+bridge_keyfile /etc/mosquitto/certs/<%= @networking['fqdn'] %>.key
 <% end -%>