modules/puppetmaster/manifests/db.pp
modules/exim/files/email-virtualdomains/
modules/roles/manifests/pubsub/params.pp
+modules/roles/manifests/openstack/params.pp
*.swp
*~
/secret
class roles::keystone {
- $keystone_postgres_password = hkdf('/etc/puppet/secret', "openstack-keystone")
+ include roles::openstack::params
- class { 'keystone':
+ $keystone_dbpass = $roles::openstack::params::keystone_dbpass
+ $admin_token = roles::openstack::params::admin_token
+ $admin_pass = roles::openstack::params::admin_pass
+
+ class { '::keystone':
verbose => true,
debug => true,
sql_connection => 'postgresql://keystone:$keystone_postgres_password@bmdb1.debian.org/keystone',
catalog_type => 'sql',
- admin_token => 'admin_token',
+ admin_token => $admin_token,
enabled => false,
}
class { 'keystone::roles::admin':
email => 'test@puppetlabs.com',
- password => 'ChangeMe',
+ password => $admin_pass,
}
class { 'keystone::endpoint':
public_url => "https://${::fqdn}:5000/",
admin_url => "https://${::fqdn}:35357/",
}
- keystone_config { 'ssl/enable': value => true }
-
include apache
class { 'keystone::wsgi::apache':
- ssl => true
- }
+ ssl => true,
+ ssl_cert => '/etc/ssl/debian/certs/openstack.bm.debian.org.crt-chained',
+ ssl_key => '/etc/ssl/private/openstack.bm.debian.org.key',
- ssl::service { 'openstack.bm.debian.org':
- notify => Service['apache2'],
}
}
projects / mirror / dsa-puppet.git / commitdiff