projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
add ssh-wrapper + userkeys config for buildd rsync uploads
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
keystone.pp
diff --git
a/modules/roles/manifests/keystone.pp
b/modules/roles/manifests/keystone.pp
index
d153f25
..
e265e54
100644
(file)
--- a/
modules/roles/manifests/keystone.pp
+++ b/
modules/roles/manifests/keystone.pp
@@
-1,11
+1,13
@@
class roles::keystone {
class roles::keystone {
+ Exec { logoutput => 'on_failure' }
+
include roles::openstack::params
$keystone_dbpass = $roles::openstack::params::keystone_dbpass
$admin_token = $roles::openstack::params::admin_token
$admin_pass = $roles::openstack::params::admin_pass
include roles::openstack::params
$keystone_dbpass = $roles::openstack::params::keystone_dbpass
$admin_token = $roles::openstack::params::admin_token
$admin_pass = $roles::openstack::params::admin_pass
- $rabbit_pass
= $roles::openstack::params::rabbit_pass
+ $rabbit_pass = $roles::openstack::params::rabbit_pass
class { '::keystone':
verbose => true,
class { '::keystone':
verbose => true,
@@
-21,18
+23,21
@@
class roles::keystone {
rabbit_virtual_host => '/keystone',
memcache_servers => ['localhost:11211'],
cache_backend => 'keystone.cache.memcache_pool',
rabbit_virtual_host => '/keystone',
memcache_servers => ['localhost:11211'],
cache_backend => 'keystone.cache.memcache_pool',
+ admin_endpoint => 'https://openstack.bm.debian.org:35357/',
+ validate_cacert => '/etc/ssl/debian/certs/ca.crt',
+ validate_service => true,
}
}
- class { 'keystone::roles::admin':
+ class { '
::
keystone::roles::admin':
email => 'test@puppetlabs.com',
password => $admin_pass,
}
email => 'test@puppetlabs.com',
password => $admin_pass,
}
- class { 'keystone::endpoint':
- public_url =>
"https://${::fqdn}:5000/"
,
- admin_url =>
"https://${::fqdn}:35357/"
,
+ class { '
::
keystone::endpoint':
+ public_url =>
'https://openstack.bm.debian.org:5000/'
,
+ admin_url =>
'https://openstack.bm.debian.org:35357/'
,
}
include apache
}
include apache
- class { 'keystone::wsgi::apache':
+ class { '
::
keystone::wsgi::apache':
ssl => true,
ssl_cert => '/etc/ssl/debian/certs/openstack.bm.debian.org.crt-chained',
ssl_key => '/etc/ssl/private/openstack.bm.debian.org.key',
ssl => true,
ssl_cert => '/etc/ssl/debian/certs/openstack.bm.debian.org.crt-chained',
ssl_key => '/etc/ssl/private/openstack.bm.debian.org.key',