class roles::keystone {
+
+ $keystone_postgres_password = hkdf('/etc/puppet/secret', "openstack-keystone")
+
+ class { 'keystone':
+ verbose => true,
+ debug => true,
+ sql_connection => 'postgresql://keystone:$keystone_postgres_password@bmdb1.debian.org/keystone',
+ catalog_type => 'sql',
+ admin_token => 'admin_token',
+ enabled => false,
+ }
+ class { 'keystone::roles::admin':
+ email => 'test@puppetlabs.com',
+ password => 'ChangeMe',
+ }
+ class { 'keystone::endpoint':
+ public_url => "https://${::fqdn}:5000/",
+ admin_url => "https://${::fqdn}:35357/",
+ }
+
+ keystone_config { 'ssl/enable': value => true }
+
+ include apache
+ class { 'keystone::wsgi::apache':
+ ssl => true
+ }
+
ssl::service { 'openstack.bm.debian.org':
notify => Service['apache2'],
}
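Review bot: The `sql_connection` value is single-quoted, and Puppet does not interpolate variables in single-quoted strings, so the literal text `$keystone_postgres_password` becomes the database password instead of the HKDF-derived secret; use `sql_connection => "postgresql://keystone:${keystone_postgres_password}@bmdb1.debian.org/keystone",`. In the same hunk, `admin_token => 'admin_token'` and `password => 'ChangeMe'` commit static, guessable credentials for a service that is then published through Apache. They could be derived the same way with their own labels, for example `admin_token => hkdf('/etc/puppet/secret', 'openstack-keystone-admin-token'),` (the label is constructed here as an illustration). `debug => true` is worth dropping before this leaves testing, since debug-level Keystone logs may include request details. The `roles::keystone` class opens on the first line and its closing brace lies outside the hunk.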