Merge "Update keystone element to use os-refresh-config."

2013-03-08 03:04:56 +00:00 · 2013-03-08 03:04:56 +00:00 · 21720c6acd
commit 21720c6acd
parent b554030787 abbd8a61a8
7 changed files with 48 additions and 11 deletions
--- a/elements/keystone-config/element-deps
+++ b/elements/keystone-config/element-deps
@ -0,0 +1 @@
+os-config-applier
--- a/elements/keystone-config/os-config-applier/etc/keystone/keystone.conf
+++ b/elements/keystone-config/os-config-applier/etc/keystone/keystone.conf
@ -1,16 +1,45 @@
 [DEFAULT]
-admin_token = funkytonwn
+admin_token = {{admin-token}}
+
+debug = True

 [sql]
-connection = mysql://{{OpenStack::Keystone::Database.User}}:{{OpenStack::Keystone::Database.Password}}@{{OpenStack::Keystone::Database.Host}}/{{OpenStack::Keystone::Database.Database}}
+connection = {{keystone.db}}

 [identity]
+driver = keystone.identity.backends.sql.Identity
+
 [catalog]
+driver = keystone.catalog.backends.sql.Catalog
+
 [token]
+driver = keystone.token.backends.kvs.Token
+
+# Amount of time a token should remain valid (in seconds)
+# expiration = 86400
+
 [policy]
+# driver = keystone.policy.backends.sql.Policy
+
 [ec2]
+# driver = keystone.contrib.ec2.backends.kvs.Ec2
+
 [ssl]
+#enable = True
+#certfile = /etc/keystone/ssl/certs/keystone.pem
+#keyfile = /etc/keystone/ssl/private/keystonekey.pem
+#ca_certs = /etc/keystone/ssl/certs/ca.pem
+#cert_required = True
+
 [signing]
+#token_format = PKI
+#certfile = /etc/keystone/ssl/certs/signing_cert.pem
+#keyfile = /etc/keystone/ssl/private/signing_key.pem
+#ca_certs = /etc/keystone/ssl/certs/ca.pem
+#key_size = 1024
+#valid_days = 3650
+#ca_password = None
+
 [ldap]

 [filter:debug]
--- a/elements/keystone-config/os-config-applier/etc/keystone/logging.conf
+++ b/elements/keystone-config/os-config-applier/etc/keystone/logging.conf
@ -5,11 +5,11 @@ keys=root
 keys=normal,normal_with_name,debug

 [handlers]
-keys=production,file,devel
+keys=production,devel

 [logger_root]
 level=WARNING
-handlers=file
+handlers=

 [handler_production]
 class=handlers.SysLogHandler
@ -17,12 +17,6 @@ level=ERROR
 formatter=normal_with_name
 args=(('localhost', handlers.SYSLOG_UDP_PORT), handlers.SysLogHandler.LOG_USER)

-[handler_file]
-class=FileHandler
-level=DEBUG
-formatter=normal_with_name
-args=('keystone.log', 'a')
-
 [handler_devel]
 class=StreamHandler
 level=NOTSET
--- a/elements/keystone-config/os-config-applier/etc/keystone/policy.json
+++ b/elements/keystone-config/os-config-applier/etc/keystone/policy.json
--- a/elements/keystone/element-deps
+++ b/elements/keystone/element-deps
@ -1,2 +1,3 @@
+keystone-config
+os-refresh-config
 os-svc-install
-os-config-applier
--- a/elements/keystone/install.d/70-keystone
+++ b/elements/keystone/install.d/70-keystone
@ -0,0 +1,9 @@
+#!/bin/bash
+set -eux
+
+os-svc-install -n keystone -u keystone -r https://github.com/openstack/keystone.git
+os-svc-daemon keystone keystone /usr/local/bin/keystone-all "--config-dir /etc/keystone --log-config /etc/keystone/logging.conf"
+install -m 0755 -o keystone -g keystone -d /etc/keystone/ssl
+
+install -m 0755 -o root -g root $(dirname $0)/../post-configure \
+                                $(os-refresh-config --print-base)/post-configure.d/70-keystone
--- a/elements/keystone/post-configure
+++ b/elements/keystone/post-configure
@ -0,0 +1,3 @@
+#!/bin/bash
+set -eu
+service keystone restart