X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fkeystone.pp;h=600fbcb98c9f145ba819f9f60e454af93f885929;hb=1e21bed9a8238b5bf8e9f348993614ee5dc60a0d;hp=4b8fd1d2609f6b6a183d3d47094e9f62f764ef3e;hpb=5d260dadc83c7fb59a6d8c538c5e0b3179fefcf4;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/keystone.pp b/modules/roles/manifests/keystone.pp
index 4b8fd1d26..600fbcb98 100644
--- a/modules/roles/manifests/keystone.pp
+++ b/modules/roles/manifests/keystone.pp
@@ -1,38 +1,48 @@
 class roles::keystone {
 
+	Exec { logoutput => 'on_failure' }
+
 	include roles::openstack::params
 
 	$keystone_dbpass = $roles::openstack::params::keystone_dbpass
 	$admin_token     = $roles::openstack::params::admin_token
 	$admin_pass      = $roles::openstack::params::admin_pass
-	$rabbit_pass      = $roles::openstack::params::rabbit_pass
+	$rabbit_pass     = $roles::openstack::params::rabbit_pass
 
 	class { '::keystone':
 		verbose             => true,
 		debug               => true,
-		sql_connection      => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org/keystone",
+		database_connection => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org:5435/keystone",
 		catalog_type        => 'sql',
 		admin_token         => $admin_token,
 		enabled             => false,
+		rabbit_host         => undef,
 		rabbit_hosts        => ['rapoport.debian.org','rainier.debian.org'],
 		rabbit_password     => $rabbit_pass,
 		rabbit_userid       => 'openstack',
 		rabbit_virtual_host => '/keystone',
-		memcache_servers    => 'localhost',
-	}
-	class { 'keystone::roles::admin':
-		email    => 'test@puppetlabs.com',
-		password => $admin_pass,
+		memcache_servers    => ['localhost:11211'],
+		cache_backend       => 'keystone.cache.memcache_pool',
+		admin_endpoint      => 'https://openstack.bm.debian.org:35357/',
+		validate_cacert     => '/etc/ssl/ca-debian/spi-cacert-2008.pem',
+		validate_service    => true,
+		enable_ssl          => true,
+		validate_auth_url   => 'https://openstack.bm.debian.org:35357/',
+		signing_cert_subject => '/C=US/ST=Unset/L=Unset/O=Unset/CN=openstack.bm.debian.org',
 	}
-	class { 'keystone::endpoint':
-		public_url => "https://${::fqdn}:5000/",
-		admin_url  => "https://${::fqdn}:35357/",
+	#class { '::keystone::roles::admin':
+	#	email    => 'test@puppetlabs.com',
+	#	password => $admin_pass,
+	#}
+	class { '::keystone::endpoint':
+		public_url => 'https://openstack.bm.debian.org:5000/',
+		admin_url  => 'https://openstack.bm.debian.org:35357/',
 	}
 
-	include apache
-	class { 'keystone::wsgi::apache':
+	include ::apache
+	class { '::keystone::wsgi::apache':
 		ssl      => true,
-		ssl_cert => '/etc/ssl/debian/certs/openstack.bm.debian.org.crt-chained',
+		ssl_cert => '/etc/ssl/certs/openstack.bm.debian.org-chained.pem',
 		ssl_key  => '/etc/ssl/private/openstack.bm.debian.org.key',
 
 	}