diff options
author | Liam R. Howlett <Liam.Howlett@WindRiver.com> | 2014-09-19 15:51:17 -0400 |
---|---|---|
committer | Bruce Ashfield <bruce.ashfield@windriver.com> | 2014-09-22 11:46:42 -0400 |
commit | bf51fa4f053a6aecb816ed7b4dcca64e9bd5b9b3 (patch) | |
tree | 02bdfd5520ab5c73183b2428baa42d686bb71d77 /meta-openstack/recipes-devtools/python/python-keystone_git.bb | |
parent | dcfac869bea8a501177c8419c8fd11c3ed03b21e (diff) | |
download | meta-cloud-services-bf51fa4f053a6aecb816ed7b4dcca64e9bd5b9b3.tar.gz |
python-keystone: Add apache vhost server.
This patch set configures an apache vhost server on port 8081 which will
serve as the main authentication method and documents the change in
README.keystone.
Signed-off-by: Liam R. Howlett <Liam.Howlett@WindRiver.com>
Diffstat (limited to 'meta-openstack/recipes-devtools/python/python-keystone_git.bb')
-rw-r--r-- | meta-openstack/recipes-devtools/python/python-keystone_git.bb | 69 |
1 files changed, 53 insertions, 16 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index a3511db..49aa278 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb | |||
@@ -14,6 +14,7 @@ SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=master \ | |||
14 | file://keystone-search-in-etc-directory-for-config-files.patch \ | 14 | file://keystone-search-in-etc-directory-for-config-files.patch \ |
15 | file://keystone-remove-git-commands-in-tests.patch \ | 15 | file://keystone-remove-git-commands-in-tests.patch \ |
16 | file://convert_keystone_backend.py \ | 16 | file://convert_keystone_backend.py \ |
17 | file://wsgi-keystone.conf \ | ||
17 | " | 18 | " |
18 | 19 | ||
19 | SRCREV="73ad4036d62b3aa7cf50e11ddf7bee8278bbe4d0" | 20 | SRCREV="73ad4036d62b3aa7cf50e11ddf7bee8278bbe4d0" |
@@ -51,9 +52,9 @@ SERVICECREATE_PARAM_${SRCNAME}-setup = "name type description region publicurl a | |||
51 | python () { | 52 | python () { |
52 | flags = {'type':'identity',\ | 53 | flags = {'type':'identity',\ |
53 | 'description':'OpenStack Identity',\ | 54 | 'description':'OpenStack Identity',\ |
54 | 'publicurl':"'http://${KEYSTONE_HOST}:5000/v2.0'",\ | 55 | 'publicurl':"'http://${KEYSTONE_HOST}:8081/keystone/main/v2.0'",\ |
55 | 'adminurl':"'http://${KEYSTONE_HOST}:35357/v2.0'",\ | 56 | 'adminurl':"'http://${KEYSTONE_HOST}:8081/keystone/admin/v2.0'",\ |
56 | 'internalurl':"'http://${KEYSTONE_HOST}:5000/v2.0'"} | 57 | 'internalurl':"'http://${KEYSTONE_HOST}:8081/keystone/main/v2.0'"} |
57 | d.setVarFlags("SERVICECREATE_PARAM_%s-setup" % d.getVar('SRCNAME',True), flags) | 58 | d.setVarFlags("SERVICECREATE_PARAM_%s-setup" % d.getVar('SRCNAME',True), flags) |
58 | } | 59 | } |
59 | 60 | ||
@@ -62,19 +63,38 @@ do_install_append() { | |||
62 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone | 63 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone |
63 | KEYSTONE_PACKAGE_DIR=${D}${PYTHON_SITEPACKAGES_DIR}/keystone | 64 | KEYSTONE_PACKAGE_DIR=${D}${PYTHON_SITEPACKAGES_DIR}/keystone |
64 | 65 | ||
65 | install -m 750 -d ${KEYSTONE_CONF_DIR} | 66 | APACHE_CONF_DIR=${D}${sysconfdir}/apache2/conf.d/ |
67 | KEYSTONE_PY_DIR=${D}${datadir}/openstack-dashboard/openstack_dashboard/api/ | ||
68 | KEYSTONE_CGI_DIR=${D}${localstatedir}/www/cgi-bin/keystone/ | ||
69 | |||
70 | # Apache needs to read the configs. | ||
71 | install -m 755 -d ${KEYSTONE_CONF_DIR} | ||
72 | install -m 755 -d ${APACHE_CONF_DIR} | ||
66 | 73 | ||
67 | install -d ${D}${localstatedir}/log/${SRCNAME} | 74 | install -d ${D}${localstatedir}/log/${SRCNAME} |
75 | install -g users -m 755 -d ${KEYSTONE_CGI_DIR} | ||
76 | install -g users -m 755 -d ${KEYSTONE_PY_DIR} | ||
68 | 77 | ||
69 | install -m 600 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/ | 78 | # Apache needs to read the keystone.conf |
79 | install -m 644 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/ | ||
80 | # Apache needs to read the wsgi-keystone.conf | ||
81 | install -m 644 ${WORKDIR}/wsgi-keystone.conf ${APACHE_CONF_DIR} | ||
70 | install -m 755 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/ | 82 | install -m 755 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/ |
71 | install -m 600 ${S}/etc/logging.conf.sample \ | 83 | install -m 600 ${S}${sysconfdir}/logging.conf.sample \ |
72 | ${KEYSTONE_CONF_DIR}/logging.conf | 84 | ${KEYSTONE_CONF_DIR}/logging.conf |
73 | install -m 600 ${S}/etc/policy.json ${KEYSTONE_CONF_DIR}/policy.json | 85 | install -m 600 ${S}${sysconfdir}/keystone.conf.sample \ |
74 | install -m 600 ${S}/etc/keystone.conf.sample \ | ||
75 | ${KEYSTONE_CONF_DIR}/keystone.conf.sample | 86 | ${KEYSTONE_CONF_DIR}/keystone.conf.sample |
76 | install -m 600 ${S}/etc/keystone-paste.ini \ | 87 | # Apache user needs to read these files. |
88 | install -m 644 ${S}${sysconfdir}/policy.json \ | ||
89 | ${KEYSTONE_CONF_DIR}/policy.json | ||
90 | install -m 644 ${S}${sysconfdir}/keystone-paste.ini \ | ||
77 | ${KEYSTONE_CONF_DIR}/keystone-paste.ini | 91 | ${KEYSTONE_CONF_DIR}/keystone-paste.ini |
92 | install -g users -m 644 ${S}/httpd/keystone.py \ | ||
93 | ${KEYSTONE_PY_DIR}/keystone-httpd.py | ||
94 | install -g users -m 644 ${S}/httpd/keystone.py \ | ||
95 | ${KEYSTONE_CGI_DIR}/admin | ||
96 | install -g users -m 644 ${S}/httpd/keystone.py \ | ||
97 | ${KEYSTONE_CGI_DIR}/main | ||
78 | 98 | ||
79 | cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR} | 99 | cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR} |
80 | 100 | ||
@@ -92,6 +112,14 @@ do_install_append() { | |||
92 | sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" \ | 112 | sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" \ |
93 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | 113 | -i ${KEYSTONE_CONF_DIR}/keystone.conf |
94 | 114 | ||
115 | sed "/# admin_endpoint = .*/a \ | ||
116 | public_endpoint = http://${CONTROLLER_IP}:8081/keystone/main/ " \ | ||
117 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | ||
118 | |||
119 | sed "/# admin_endpoint = .*/a \ | ||
120 | admin_endpoint = http://${CONTROLLER_IP}:8081/keystone/admin/ " \ | ||
121 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | ||
122 | |||
95 | if ${@base_contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; | 123 | if ${@base_contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; |
96 | then | 124 | then |
97 | install -d ${D}${sysconfdir}/init.d | 125 | install -d ${D}${sysconfdir}/init.d |
@@ -121,7 +149,7 @@ driver = keystone.identity.backends.hybrid_identity.Identity \ | |||
121 | \ | 149 | \ |
122 | [assignment]\ | 150 | [assignment]\ |
123 | driver = keystone.assignment.backends.hybrid_assignment.Assignment\ | 151 | driver = keystone.assignment.backends.hybrid_assignment.Assignment\ |
124 | ' ${D}/etc/keystone/keystone.conf | 152 | ' ${D}${sysconfdir}/keystone/keystone.conf |
125 | 153 | ||
126 | sed -i -e '/^\[ldap\]/a \ | 154 | sed -i -e '/^\[ldap\]/a \ |
127 | url = ldap://localhost \ | 155 | url = ldap://localhost \ |
@@ -152,7 +180,7 @@ role_member_attribute = member \ | |||
152 | role_id_attribute = cn \ | 180 | role_id_attribute = cn \ |
153 | role_name_attribute = ou \ | 181 | role_name_attribute = ou \ |
154 | role_tree_dn = ou=Roles,${LDAP_DN} \ | 182 | role_tree_dn = ou=Roles,${LDAP_DN} \ |
155 | ' ${D}/etc/keystone/keystone.conf | 183 | ' ${D}${sysconfdir}/keystone/keystone.conf |
156 | 184 | ||
157 | install -m 0755 ${WORKDIR}/convert_keystone_backend.py \ | 185 | install -m 0755 ${WORKDIR}/convert_keystone_backend.py \ |
158 | ${D}${sysconfdir}/keystone/convert_keystone_backend.py | 186 | ${D}${sysconfdir}/keystone/convert_keystone_backend.py |
@@ -177,10 +205,9 @@ pkg_postinst_${SRCNAME}-setup () { | |||
177 | if [ -z `cat $PIDFILE 2>/dev/null` ]; then | 205 | if [ -z `cat $PIDFILE 2>/dev/null` ]; then |
178 | sudo -u postgres createdb keystone | 206 | sudo -u postgres createdb keystone |
179 | keystone-manage db_sync | 207 | keystone-manage db_sync |
180 | keystone-manage pki_setup --keystone-user=root --keystone-group=root | 208 | keystone-manage pki_setup --keystone-user=root --keystone-group=daemon |
181 | 209 | ||
182 | if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; | 210 | if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then |
183 | then | ||
184 | /etc/init.d/openldap start | 211 | /etc/init.d/openldap start |
185 | fi | 212 | fi |
186 | /etc/init.d/keystone start | 213 | /etc/init.d/keystone start |
@@ -203,7 +230,8 @@ ALLOW_EMPTY_${SRCNAME}-setup = "1" | |||
203 | 230 | ||
204 | ALLOW_EMPTY_${SRCNAME}-cronjobs = "1" | 231 | ALLOW_EMPTY_${SRCNAME}-cronjobs = "1" |
205 | 232 | ||
206 | FILES_${PN} = "${libdir}/*" | 233 | FILES_${PN} = "${libdir}/* \ |
234 | " | ||
207 | 235 | ||
208 | FILES_${SRCNAME}-tests = "${sysconfdir}/${SRCNAME}/run_tests.sh" | 236 | FILES_${SRCNAME}-tests = "${sysconfdir}/${SRCNAME}/run_tests.sh" |
209 | 237 | ||
@@ -211,6 +239,8 @@ FILES_${SRCNAME} = "${bindir}/* \ | |||
211 | ${sysconfdir}/${SRCNAME}/* \ | 239 | ${sysconfdir}/${SRCNAME}/* \ |
212 | ${sysconfdir}/init.d/* \ | 240 | ${sysconfdir}/init.d/* \ |
213 | ${localstatedir}/* \ | 241 | ${localstatedir}/* \ |
242 | ${datadir}/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py \ | ||
243 | ${sysconfdir}/apache2/conf.d/wsgi-keystone.conf \ | ||
214 | " | 244 | " |
215 | 245 | ||
216 | DEPENDS += " \ | 246 | DEPENDS += " \ |
@@ -248,7 +278,14 @@ PACKAGECONFIG[OpenLDAP] = ",,,python-ldap python-keystone-hybrid-backend" | |||
248 | # TODO: | 278 | # TODO: |
249 | # if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS | 279 | # if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS |
250 | 280 | ||
251 | RDEPENDS_${SRCNAME} = "${PN} postgresql postgresql-client python-psycopg2" | 281 | RDEPENDS_${SRCNAME} = " \ |
282 | ${PN} \ | ||
283 | postgresql \ | ||
284 | postgresql-client \ | ||
285 | python-psycopg2 \ | ||
286 | apache2 \ | ||
287 | " | ||
288 | |||
252 | RDEPENDS_${SRCNAME}-setup = "postgresql sudo ${SRCNAME}" | 289 | RDEPENDS_${SRCNAME}-setup = "postgresql sudo ${SRCNAME}" |
253 | RDEPENDS_${SRCNAME}-cronjobs = "cronie ${SRCNAME}" | 290 | RDEPENDS_${SRCNAME}-cronjobs = "cronie ${SRCNAME}" |
254 | 291 | ||