python-keystone: get things working with stable/pike

Since we need to ensure the setup is run after postgresql is setup and running we can't use a postinst as it runs too early in the boot process. Instead we have a simple service which will run after postgresql-init to complete the setup. On completion the service disables itself, avoiding being run again on subsequent boots. Update configuration data to match keystone setup as described on the upstream project pages. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
author: Mark Asselstine <mark.asselstine@windriver.com> 2017-11-22 11:08:46 -0500
committer: Bruce Ashfield <bruce.ashfield@windriver.com> 2017-11-27 10:39:51 -0500
commit: fc1d523aa0f734ec88907f5b4ecc510d8fa56f51 (patch)
tree: a0cc468741ea2449683fb93fc17b7756de9e61f3 /meta-openstack/recipes-devtools/python/python-keystone_git.bb
parent: 54c4cb239e3bfd8d9efe75f073aef8e4a671bc7b (diff)
download: meta-cloud-services-fc1d523aa0f734ec88907f5b4ecc510d8fa56f51.tar.gz
1 files changed, 48 insertions, 81 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
index b5f92dd..d7f6400 100644
--- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb
+++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -7,9 +7,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=1dece7821bf3fd70fe1309eaa37d52a2"
 SRCNAME = "keystone"
 SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/pike \
+           file://keystone-init \
+           file://keystone-init.service \
           file://keystone.conf \
           file://identity.sh \
-           file://keystone \
           file://convert_keystone_backend.py \
           file://wsgi-keystone.conf \
           "
@@ -24,11 +25,14 @@ PV = "12.0.0+git${SRCPV}"
 S = "${WORKDIR}/git"
-inherit setuptools update-rc.d identity hosts default_configs monitor
+inherit setuptools identity hosts default_configs monitor useradd systemd
 SERVICE_TOKEN = "password"
 TOKEN_FORMAT ?= "PKI"
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM_${PN} = "--system -m -s /bin/false keystone"
 LDAP_DN ?= "dc=my-domain,dc=com"
 SERVICECREATE_PACKAGES = "${SRCNAME}-setup"
@@ -64,79 +68,67 @@ do_install_append() {
    KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
    KEYSTONE_PACKAGE_DIR=${D}${PYTHON_SITEPACKAGES_DIR}/keystone
    APACHE_CONF_DIR=${D}${sysconfdir}/apache2/conf.d/
-    KEYSTONE_PY_DIR=${D}${datadir}/openstack-dashboard/openstack_dashboard/api/
-    KEYSTONE_CGI_DIR=${D}${localstatedir}/www/cgi-bin/keystone/
-    # Apache needs to read the configs.
+    # Create directories
    install -m 755 -d ${KEYSTONE_CONF_DIR}
    install -m 755 -d ${APACHE_CONF_DIR}
    install -d ${D}${localstatedir}/log/${SRCNAME}
-    install -m 755 -d ${KEYSTONE_CGI_DIR}
-    #install -m 755 -d ${KEYSTONE_PY_DIR}
+    # Setup the systemd service file
+    install -d ${D}${systemd_unitdir}/system/
+    KS_INIT_SERVICE_FILE=${D}${systemd_unitdir}/system/keystone-init.service
+    install -m 644 ${WORKDIR}/keystone-init.service ${KS_INIT_SERVICE_FILE}
+    sed -e "s:%SYSCONFIGDIR%:${sysconfdir}:g" -i ${KS_INIT_SERVICE_FILE}
+    # Setup the keystone initialization script
+    KS_INIT_FILE=${KEYSTONE_CONF_DIR}/keystone-init
+    install -m 755 ${WORKDIR}/keystone-init ${KS_INIT_FILE}
+    sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KS_INIT_FILE}
+    sed -e "s:%KEYSTONE_USER%:keystone:g" -i ${KS_INIT_FILE}
+    sed -e "s:%KEYSTONE_GROUP%:keystone:g" -i ${KS_INIT_FILE}
+    sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KS_INIT_FILE}
+    sed -e "s:%ADMIN_USER%:${ADMIN_USER}:g" -i ${KS_INIT_FILE}
+    sed -e "s:%ADMIN_PASSWORD%:${ADMIN_PASSWORD}:g" -i ${KS_INIT_FILE}
+    sed -e "s:%ADMIN_ROLE%:${ADMIN_ROLE}:g" -i ${KS_INIT_FILE}
+    # Install various configuration files. We have to select suitable
+    # permissions as packages such as Apache require read access.
+    #
    # Apache needs to read the keystone.conf
    install -m 644 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/
    # Apache needs to read the wsgi-keystone.conf
-    install -m 644 ${WORKDIR}/wsgi-keystone.conf ${APACHE_CONF_DIR}
+    install -m 644 ${WORKDIR}/wsgi-keystone.conf \
+        ${APACHE_CONF_DIR}/keystone.conf
    install -m 755 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/
    install -m 600 ${S}${sysconfdir}/logging.conf.sample \
        ${KEYSTONE_CONF_DIR}/logging.conf
    install -m 600 ${S}${sysconfdir}/keystone.conf.sample \
        ${KEYSTONE_CONF_DIR}/keystone.conf.sample
-    # Apache user needs to read these files.
-    #install -m 644 ${S}${sysconfdir}/policy.json \
-    #    ${KEYSTONE_CONF_DIR}/policy.json
    install -m 644 ${S}${sysconfdir}/keystone-paste.ini \
        ${KEYSTONE_CONF_DIR}/keystone-paste.ini
-    #install -m 644 ${S}/httpd/keystone.py \
-    #    ${KEYSTONE_PY_DIR}/keystone-httpd.py
-    #install -m 644 ${S}/httpd/keystone.py \
-    #    ${KEYSTONE_CGI_DIR}/admin
-    #install -m 644 ${S}/httpd/keystone.py \
-    #    ${KEYSTONE_CGI_DIR}/main
+    # Copy examples from upstream
    cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR}
-    if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)};
+    # Edit the configuration to allow it to work out of the box
-    then
+    KEYSTONE_CONF_FILE=${KEYSTONE_CONF_DIR}/keystone.conf
-        install -d ${D}${sysconfdir}/init.d
-        install -m 0755 ${WORKDIR}/keystone ${D}${sysconfdir}/init.d/keystone
-    fi
    sed "/# admin_endpoint = .*/a \
        public_endpoint = http://%CONTROLLER_IP%:8081/keystone/main/ " \
-        -i ${KEYSTONE_CONF_DIR}/keystone.conf
+        -i ${KEYSTONE_CONF_FILE}
    sed "/# admin_endpoint = .*/a \
        admin_endpoint = http://%CONTROLLER_IP%:8081/keystone/admin/ " \
-        -i ${KEYSTONE_CONF_DIR}/keystone.conf
+        -i ${KEYSTONE_CONF_FILE}
    
-    sed -e "s:%SERVICE_TOKEN%:${SERVICE_TOKEN}:g" \
+    sed -e "s:%SERVICE_TOKEN%:${SERVICE_TOKEN}:g" -i ${KEYSTONE_CONF_FILE}
-        -i ${KEYSTONE_CONF_DIR}/keystone.conf
+    sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KEYSTONE_CONF_FILE}
-    sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KEYSTONE_CONF_DIR}/keystone.conf
+    sed -e "s:%DB_PASSWORD%:${DB_PASSWORD}:g" -i ${KEYSTONE_CONF_FILE}
-    sed -e "s:%DB_PASSWORD%:${DB_PASSWORD}:g" \
+    sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KEYSTONE_CONF_FILE}
-        -i ${KEYSTONE_CONF_DIR}/keystone.conf
+    sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KEYSTONE_CONF_FILE}
+    sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" -i ${KEYSTONE_CONF_FILE}
-    sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" \
-        -i ${KEYSTONE_CONF_DIR}/keystone.conf
-    sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" \
-        -i ${KEYSTONE_CONF_DIR}/identity.sh
-    sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" \
-        -i ${KEYSTONE_CONF_DIR}/keystone.conf
-#    sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" \
-#       -i ${D}${sysconfdir}/init.d/keystone
-#    sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" \
-#       -i ${D}${sysconfdir}/init.d/keystone
-#    sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" \
-#       -i ${D}${sysconfdir}/init.d/keystone
    
    install -d ${KEYSTONE_PACKAGE_DIR}/tests/tmp
    if [ -e "${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf" ];then
        sed -e "s:%KEYSTONE_PACKAGE_DIR%:${PYTHON_SITEPACKAGES_DIR}/keystone:g" \
            -i ${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf
@@ -180,38 +172,13 @@ role_member_attribute = member \
 role_id_attribute = cn \
 role_name_attribute = ou \
 role_tree_dn = ou=Roles,${LDAP_DN} \
-' ${D}${sysconfdir}/keystone/keystone.conf
+' ${KEYSTONE_CONF_FILE}
        install -m 0755 ${WORKDIR}/convert_keystone_backend.py \
            ${D}${sysconfdir}/keystone/convert_keystone_backend.py
    fi
 }
-pkg_postinst_${SRCNAME}-setup () {
-    # python-keystone postinst start
-    if [ -z "$D" ]; then
-        # This is to make sure postgres is configured and running
-        if ! pidof postmaster > /dev/null; then
-            /etc/init.d/postgresql-init
-            /etc/init.d/postgresql start
-            sleep 2
-        fi
-        # This is to make sure keystone is configured and running
-        PIDFILE="/var/run/keystone-all.pid"
-        if [ -z `cat $PIDFILE 2>/dev/null` ]; then
-            sudo -u postgres createdb keystone
-            keystone-manage db_sync
-            keystone-manage pki_setup --keystone-user=root --keystone-group=daemon
-            if ${@bb.utils.contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then
-                /etc/init.d/openldap start
-            fi
-            /etc/init.d/keystone start
-        fi
-    fi
-}
 # By default tokens are expired after 1 day so by default we can set
 # this token flush cronjob to run every 2 days
 KEYSTONE_TOKEN_FLUSH_TIME ??= "0 0 */2 * *"
@@ -226,7 +193,12 @@ pkg_postinst_${SRCNAME}-cronjobs () {
 PACKAGES += " ${SRCNAME}-tests ${SRCNAME} ${SRCNAME}-setup ${SRCNAME}-cronjobs"
-ALLOW_EMPTY_${SRCNAME}-setup = "1"
+SYSTEMD_PACKAGES += "${SRCNAME}-setup"
+SYSTEMD_SERVICE_${SRCNAME}-setup = "keystone-init.service"
+FILES_${SRCNAME}-setup = " \
+    ${systemd_unitdir}/system \
+    "
 ALLOW_EMPTY_${SRCNAME}-cronjobs = "1"
@@ -237,10 +209,9 @@ FILES_${SRCNAME}-tests = "${sysconfdir}/${SRCNAME}/run_tests.sh"
 FILES_${SRCNAME} = "${bindir}/* \
    ${sysconfdir}/${SRCNAME}/* \
-    ${sysconfdir}/init.d/* \
    ${localstatedir}/* \
    ${datadir}/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py \
-    ${sysconfdir}/apache2/conf.d/wsgi-keystone.conf \
+    ${sysconfdir}/apache2/conf.d/keystone.conf \
    "
 DEPENDS += " \
@@ -306,9 +277,5 @@ RDEPENDS_${SRCNAME} = " \
 RDEPENDS_${SRCNAME}-setup = "postgresql sudo ${SRCNAME}"
 RDEPENDS_${SRCNAME}-cronjobs = "cronie ${SRCNAME}"
-INITSCRIPT_PACKAGES = "${SRCNAME}"
-INITSCRIPT_NAME_${SRCNAME} = "keystone"
-INITSCRIPT_PARAMS_${SRCNAME} = "${OS_DEFAULT_INITSCRIPT_PARAMS}"
 MONITOR_SERVICE_PACKAGES = "${SRCNAME}"
 MONITOR_SERVICE_${SRCNAME} = "keystone"
author	Mark Asselstine <mark.asselstine@windriver.com>	2017-11-22 11:08:46 -0500
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2017-11-27 10:39:51 -0500
commit	fc1d523aa0f734ec88907f5b4ecc510d8fa56f51 (patch)
tree	a0cc468741ea2449683fb93fc17b7756de9e61f3 /meta-openstack/recipes-devtools/python/python-keystone_git.bb
parent	54c4cb239e3bfd8d9efe75f073aef8e4a671bc7b (diff)
download	meta-cloud-services-fc1d523aa0f734ec88907f5b4ecc510d8fa56f51.tar.gz

diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index b5f92dd..d7f6400 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb
@@ -7,9 +7,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=1dece7821bf3fd70fe1309eaa37d52a2"
7	SRCNAME = "keystone"	7	SRCNAME = "keystone"
8		8
9	SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/pike \	9	SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/pike \
		10	file://keystone-init \
		11	file://keystone-init.service \
10	file://keystone.conf \	12	file://keystone.conf \
11	file://identity.sh \	13	file://identity.sh \
12	file://keystone \
13	file://convert_keystone_backend.py \	14	file://convert_keystone_backend.py \
14	file://wsgi-keystone.conf \	15	file://wsgi-keystone.conf \
15	"	16	"
@@ -24,11 +25,14 @@ PV = "12.0.0+git${SRCPV}"
24		25
25	S = "${WORKDIR}/git"	26	S = "${WORKDIR}/git"
26		27
27	inherit setuptools update-rc.d identity hosts default_configs monitor	28	inherit setuptools identity hosts default_configs monitor useradd systemd
28		29
29	SERVICE_TOKEN = "password"	30	SERVICE_TOKEN = "password"
30	TOKEN_FORMAT ?= "PKI"	31	TOKEN_FORMAT ?= "PKI"
31		32
		33	USERADD_PACKAGES = "${PN}"
		34	USERADD_PARAM_${PN} = "--system -m -s /bin/false keystone"
		35
32	LDAP_DN ?= "dc=my-domain,dc=com"	36	LDAP_DN ?= "dc=my-domain,dc=com"
33		37
34	SERVICECREATE_PACKAGES = "${SRCNAME}-setup"	38	SERVICECREATE_PACKAGES = "${SRCNAME}-setup"
@@ -64,79 +68,67 @@ do_install_append() {
64		68
65	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone	69	KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone
66	KEYSTONE_PACKAGE_DIR=${D}${PYTHON_SITEPACKAGES_DIR}/keystone	70	KEYSTONE_PACKAGE_DIR=${D}${PYTHON_SITEPACKAGES_DIR}/keystone
67
68	APACHE_CONF_DIR=${D}${sysconfdir}/apache2/conf.d/	71	APACHE_CONF_DIR=${D}${sysconfdir}/apache2/conf.d/
69	KEYSTONE_PY_DIR=${D}${datadir}/openstack-dashboard/openstack_dashboard/api/
70	KEYSTONE_CGI_DIR=${D}${localstatedir}/www/cgi-bin/keystone/
71		72
72	# Apache needs to read the configs.	73	# Create directories
73	install -m 755 -d ${KEYSTONE_CONF_DIR}	74	install -m 755 -d ${KEYSTONE_CONF_DIR}
74	install -m 755 -d ${APACHE_CONF_DIR}	75	install -m 755 -d ${APACHE_CONF_DIR}
75
76	install -d ${D}${localstatedir}/log/${SRCNAME}	76	install -d ${D}${localstatedir}/log/${SRCNAME}
77	install -m 755 -d ${KEYSTONE_CGI_DIR}
78	#install -m 755 -d ${KEYSTONE_PY_DIR}
79		77
		78	# Setup the systemd service file
		79	install -d ${D}${systemd_unitdir}/system/
		80	KS_INIT_SERVICE_FILE=${D}${systemd_unitdir}/system/keystone-init.service
		81	install -m 644 ${WORKDIR}/keystone-init.service ${KS_INIT_SERVICE_FILE}
		82	sed -e "s:%SYSCONFIGDIR%:${sysconfdir}:g" -i ${KS_INIT_SERVICE_FILE}
		83
		84	# Setup the keystone initialization script
		85	KS_INIT_FILE=${KEYSTONE_CONF_DIR}/keystone-init
		86	install -m 755 ${WORKDIR}/keystone-init ${KS_INIT_FILE}
		87	sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KS_INIT_FILE}
		88	sed -e "s:%KEYSTONE_USER%:keystone:g" -i ${KS_INIT_FILE}
		89	sed -e "s:%KEYSTONE_GROUP%:keystone:g" -i ${KS_INIT_FILE}
		90	sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KS_INIT_FILE}
		91	sed -e "s:%ADMIN_USER%:${ADMIN_USER}:g" -i ${KS_INIT_FILE}
		92	sed -e "s:%ADMIN_PASSWORD%:${ADMIN_PASSWORD}:g" -i ${KS_INIT_FILE}
		93	sed -e "s:%ADMIN_ROLE%:${ADMIN_ROLE}:g" -i ${KS_INIT_FILE}
		94
		95	# Install various configuration files. We have to select suitable
		96	# permissions as packages such as Apache require read access.
		97	#
80	# Apache needs to read the keystone.conf	98	# Apache needs to read the keystone.conf
81	install -m 644 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/	99	install -m 644 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/
82	# Apache needs to read the wsgi-keystone.conf	100	# Apache needs to read the wsgi-keystone.conf
83	install -m 644 ${WORKDIR}/wsgi-keystone.conf ${APACHE_CONF_DIR}	101	install -m 644 ${WORKDIR}/wsgi-keystone.conf \
		102	${APACHE_CONF_DIR}/keystone.conf
84	install -m 755 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/	103	install -m 755 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/
85	install -m 600 ${S}${sysconfdir}/logging.conf.sample \	104	install -m 600 ${S}${sysconfdir}/logging.conf.sample \
86	${KEYSTONE_CONF_DIR}/logging.conf	105	${KEYSTONE_CONF_DIR}/logging.conf
87	install -m 600 ${S}${sysconfdir}/keystone.conf.sample \	106	install -m 600 ${S}${sysconfdir}/keystone.conf.sample \
88	${KEYSTONE_CONF_DIR}/keystone.conf.sample	107	${KEYSTONE_CONF_DIR}/keystone.conf.sample
89	# Apache user needs to read these files.
90	#install -m 644 ${S}${sysconfdir}/policy.json \
91	# ${KEYSTONE_CONF_DIR}/policy.json
92	install -m 644 ${S}${sysconfdir}/keystone-paste.ini \	108	install -m 644 ${S}${sysconfdir}/keystone-paste.ini \
93	${KEYSTONE_CONF_DIR}/keystone-paste.ini	109	${KEYSTONE_CONF_DIR}/keystone-paste.ini
94	#install -m 644 ${S}/httpd/keystone.py \
95	# ${KEYSTONE_PY_DIR}/keystone-httpd.py
96	#install -m 644 ${S}/httpd/keystone.py \
97	# ${KEYSTONE_CGI_DIR}/admin
98	#install -m 644 ${S}/httpd/keystone.py \
99	# ${KEYSTONE_CGI_DIR}/main
100		110
		111	# Copy examples from upstream
101	cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR}	112	cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR}
102		113
103	if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)};	114	# Edit the configuration to allow it to work out of the box
104	then	115	KEYSTONE_CONF_FILE=${KEYSTONE_CONF_DIR}/keystone.conf
105	install -d ${D}${sysconfdir}/init.d
106	install -m 0755 ${WORKDIR}/keystone ${D}${sysconfdir}/init.d/keystone
107	fi
108
109	sed "/# admin_endpoint = .*/a \	116	sed "/# admin_endpoint = .*/a \
110	public_endpoint = http://%CONTROLLER_IP%:8081/keystone/main/ " \	117	public_endpoint = http://%CONTROLLER_IP%:8081/keystone/main/ " \
111	-i ${KEYSTONE_CONF_DIR}/keystone.conf	118	-i ${KEYSTONE_CONF_FILE}
112		119
113	sed "/# admin_endpoint = .*/a \	120	sed "/# admin_endpoint = .*/a \
114	admin_endpoint = http://%CONTROLLER_IP%:8081/keystone/admin/ " \	121	admin_endpoint = http://%CONTROLLER_IP%:8081/keystone/admin/ " \
115	-i ${KEYSTONE_CONF_DIR}/keystone.conf	122	-i ${KEYSTONE_CONF_FILE}
116		123
117	sed -e "s:%SERVICE_TOKEN%:${SERVICE_TOKEN}:g" \	124	sed -e "s:%SERVICE_TOKEN%:${SERVICE_TOKEN}:g" -i ${KEYSTONE_CONF_FILE}
118	-i ${KEYSTONE_CONF_DIR}/keystone.conf	125	sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KEYSTONE_CONF_FILE}
119	sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KEYSTONE_CONF_DIR}/keystone.conf	126	sed -e "s:%DB_PASSWORD%:${DB_PASSWORD}:g" -i ${KEYSTONE_CONF_FILE}
120	sed -e "s:%DB_PASSWORD%:${DB_PASSWORD}:g" \	127	sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KEYSTONE_CONF_FILE}
121	-i ${KEYSTONE_CONF_DIR}/keystone.conf	128	sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KEYSTONE_CONF_FILE}
122		129	sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" -i ${KEYSTONE_CONF_FILE}
123	sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" \
124	-i ${KEYSTONE_CONF_DIR}/keystone.conf
125	sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" \
126	-i ${KEYSTONE_CONF_DIR}/identity.sh
127
128	sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" \
129	-i ${KEYSTONE_CONF_DIR}/keystone.conf
130
131	# sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" \
132	# -i ${D}${sysconfdir}/init.d/keystone
133	# sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" \
134	# -i ${D}${sysconfdir}/init.d/keystone
135	# sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" \
136	# -i ${D}${sysconfdir}/init.d/keystone
137		130
138	install -d ${KEYSTONE_PACKAGE_DIR}/tests/tmp	131	install -d ${KEYSTONE_PACKAGE_DIR}/tests/tmp
139
140	if [ -e "${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf" ];then	132	if [ -e "${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf" ];then
141	sed -e "s:%KEYSTONE_PACKAGE_DIR%:${PYTHON_SITEPACKAGES_DIR}/keystone:g" \	133	sed -e "s:%KEYSTONE_PACKAGE_DIR%:${PYTHON_SITEPACKAGES_DIR}/keystone:g" \
142	-i ${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf	134	-i ${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf
@@ -180,38 +172,13 @@ role_member_attribute = member \
180	role_id_attribute = cn \	172	role_id_attribute = cn \
181	role_name_attribute = ou \	173	role_name_attribute = ou \
182	role_tree_dn = ou=Roles,${LDAP_DN} \	174	role_tree_dn = ou=Roles,${LDAP_DN} \
183	' ${D}${sysconfdir}/keystone/keystone.conf	175	' ${KEYSTONE_CONF_FILE}
184		176
185	install -m 0755 ${WORKDIR}/convert_keystone_backend.py \	177	install -m 0755 ${WORKDIR}/convert_keystone_backend.py \
186	${D}${sysconfdir}/keystone/convert_keystone_backend.py	178	${D}${sysconfdir}/keystone/convert_keystone_backend.py
187	fi	179	fi
188	}	180	}
189		181
190	pkg_postinst_${SRCNAME}-setup () {
191	# python-keystone postinst start
192	if [ -z "$D" ]; then
193	# This is to make sure postgres is configured and running
194	if ! pidof postmaster > /dev/null; then
195	/etc/init.d/postgresql-init
196	/etc/init.d/postgresql start
197	sleep 2
198	fi
199
200	# This is to make sure keystone is configured and running
201	PIDFILE="/var/run/keystone-all.pid"
202	if [ -z `cat $PIDFILE 2>/dev/null` ]; then
203	sudo -u postgres createdb keystone
204	keystone-manage db_sync
205	keystone-manage pki_setup --keystone-user=root --keystone-group=daemon
206
207	if ${@bb.utils.contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then
208	/etc/init.d/openldap start
209	fi
210	/etc/init.d/keystone start
211	fi
212	fi
213	}
214
215	# By default tokens are expired after 1 day so by default we can set	182	# By default tokens are expired after 1 day so by default we can set
216	# this token flush cronjob to run every 2 days	183	# this token flush cronjob to run every 2 days
217	KEYSTONE_TOKEN_FLUSH_TIME ??= "0 0 /2 *"	184	KEYSTONE_TOKEN_FLUSH_TIME ??= "0 0 /2 *"
@@ -226,7 +193,12 @@ pkg_postinst_${SRCNAME}-cronjobs () {
226		193
227	PACKAGES += " ${SRCNAME}-tests ${SRCNAME} ${SRCNAME}-setup ${SRCNAME}-cronjobs"	194	PACKAGES += " ${SRCNAME}-tests ${SRCNAME} ${SRCNAME}-setup ${SRCNAME}-cronjobs"
228		195
229	ALLOW_EMPTY_${SRCNAME}-setup = "1"	196	SYSTEMD_PACKAGES += "${SRCNAME}-setup"
		197	SYSTEMD_SERVICE_${SRCNAME}-setup = "keystone-init.service"
		198
		199	FILES_${SRCNAME}-setup = " \
		200	${systemd_unitdir}/system \
		201	"
230		202
231	ALLOW_EMPTY_${SRCNAME}-cronjobs = "1"	203	ALLOW_EMPTY_${SRCNAME}-cronjobs = "1"
232		204
@@ -237,10 +209,9 @@ FILES_${SRCNAME}-tests = "${sysconfdir}/${SRCNAME}/run_tests.sh"
237		209
238	FILES_${SRCNAME} = "${bindir}/* \	210	FILES_${SRCNAME} = "${bindir}/* \
239	${sysconfdir}/${SRCNAME}/* \	211	${sysconfdir}/${SRCNAME}/* \
240	${sysconfdir}/init.d/* \
241	${localstatedir}/* \	212	${localstatedir}/* \
242	${datadir}/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py \	213	${datadir}/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py \
243	${sysconfdir}/apache2/conf.d/wsgi-keystone.conf \	214	${sysconfdir}/apache2/conf.d/keystone.conf \
244	"	215	"
245		216
246	DEPENDS += " \	217	DEPENDS += " \
@@ -306,9 +277,5 @@ RDEPENDS_${SRCNAME} = " \
306	RDEPENDS_${SRCNAME}-setup = "postgresql sudo ${SRCNAME}"	277	RDEPENDS_${SRCNAME}-setup = "postgresql sudo ${SRCNAME}"
307	RDEPENDS_${SRCNAME}-cronjobs = "cronie ${SRCNAME}"	278	RDEPENDS_${SRCNAME}-cronjobs = "cronie ${SRCNAME}"
308		279
309	INITSCRIPT_PACKAGES = "${SRCNAME}"
310	INITSCRIPT_NAME_${SRCNAME} = "keystone"
311	INITSCRIPT_PARAMS_${SRCNAME} = "${OS_DEFAULT_INITSCRIPT_PARAMS}"
312
313	MONITOR_SERVICE_PACKAGES = "${SRCNAME}"	280	MONITOR_SERVICE_PACKAGES = "${SRCNAME}"
314	MONITOR_SERVICE_${SRCNAME} = "keystone"	281	MONITOR_SERVICE_${SRCNAME} = "keystone"