summaryrefslogtreecommitdiffstats
path: root/roles/openshift_hosted
diff options
context:
space:
mode:
authorKenny Woodson <kwoodson@redhat.com>2017-06-26 18:53:03 -0400
committerKenny Woodson <kwoodson@redhat.com>2017-06-29 11:35:46 -0400
commit54fc9c9d8fe47097d8bb1da2520ec5b2471d3954 (patch)
treeb25bf467ad7c6b710086101d7976233a3966bb47 /roles/openshift_hosted
parentd108da5c4447950f07f9f0ead181383d8c6b4b02 (diff)
downloadopenshift-54fc9c9d8fe47097d8bb1da2520ec5b2471d3954.tar.gz
openshift-54fc9c9d8fe47097d8bb1da2520ec5b2471d3954.tar.bz2
openshift-54fc9c9d8fe47097d8bb1da2520ec5b2471d3954.tar.xz
openshift-54fc9c9d8fe47097d8bb1da2520ec5b2471d3954.zip
Adding disk encryption to storageclasses and to openshift registry
Diffstat (limited to 'roles/openshift_hosted')
-rw-r--r--roles/openshift_hosted/templates/registry_config.j25
1 files changed, 4 insertions, 1 deletions
diff --git a/roles/openshift_hosted/templates/registry_config.j2 b/roles/openshift_hosted/templates/registry_config.j2
index dc8a9f089..9673841bf 100644
--- a/roles/openshift_hosted/templates/registry_config.j2
+++ b/roles/openshift_hosted/templates/registry_config.j2
@@ -21,7 +21,10 @@ storage:
regionendpoint: {{ openshift_hosted_registry_storage_s3_regionendpoint }}
{% endif %}
bucket: {{ openshift_hosted_registry_storage_s3_bucket }}
- encrypt: false
+ encrypt: {{ openshift_hosted_registry_storage_s3_encrypt | default(false) }}
+{% if openshift_hosted_registry_storage_s3_kmskeyid %}
+ keyid: {{ openshift_hosted_registry_storage_s3_kmskeyid }}
+{% endif %}
secure: true
v4auth: true
rootdirectory: {{ openshift_hosted_registry_storage_s3_rootdirectory | default('/registry') }}