diff options
-rw-r--r-- | meta-openstack/recipes-devtools/python/python-keystone_git.bb | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index df4b897..be511e2 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb | |||
@@ -27,6 +27,8 @@ inherit setuptools update-rc.d identity hosts default_configs | |||
27 | SERVICE_TOKEN = "password" | 27 | SERVICE_TOKEN = "password" |
28 | TOKEN_FORMAT ?= "PKI" | 28 | TOKEN_FORMAT ?= "PKI" |
29 | 29 | ||
30 | LDAP_DN ?= "dc=my-domain,dc=com" | ||
31 | |||
30 | do_install_append() { | 32 | do_install_append() { |
31 | 33 | ||
32 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone | 34 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone |
@@ -69,6 +71,47 @@ do_install_append() { | |||
69 | sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone | 71 | sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone |
70 | sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone | 72 | sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" -i ${D}${sysconfdir}/init.d/keystone |
71 | sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone | 73 | sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" -i ${D}${sysconfdir}/init.d/keystone |
74 | |||
75 | if ${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then | ||
76 | sed -i -e '/^\[identity\]/a \ | ||
77 | # Uncomment the following lines to enable the hybrid backend \ | ||
78 | # driver = keystone.identity.backends.hybrid_identity.Identity \ | ||
79 | #\ | ||
80 | # [assignment] \ | ||
81 | # driver = keystone.assignment.backends.hybrid_assignment.Assignment \ | ||
82 | ' ${D}/etc/keystone/keystone.conf | ||
83 | |||
84 | sed -i -e '/^\[ldap\]/a \ | ||
85 | url = ldap://localhost \ | ||
86 | user = cn=Manager,${LDAP_DN} \ | ||
87 | password = secret \ | ||
88 | suffix = ${LDAP_DN} \ | ||
89 | use_dumb_member = True \ | ||
90 | \ | ||
91 | user_tree_dn = ou=Users,${LDAP_DN} \ | ||
92 | user_attribute_ignore = enabled,email,tenants,default_project_id \ | ||
93 | user_id_attribute = uid \ | ||
94 | user_name_attribute = uid \ | ||
95 | user_mail_attribute = email \ | ||
96 | user_pass_attribute = keystonePassword \ | ||
97 | \ | ||
98 | tenant_tree_dn = ou=Groups,${LDAP_DN} \ | ||
99 | tenant_desc_attribute = description \ | ||
100 | tenant_domain_id_attribute = businessCategory \ | ||
101 | tenant_attribute_ignore = enabled \ | ||
102 | tenant_objectclass = groupOfNames \ | ||
103 | tenant_id_attribute = cn \ | ||
104 | tenant_member_attribute = member \ | ||
105 | tenant_name_attribute = ou \ | ||
106 | \ | ||
107 | role_attribute_ignore = enabled \ | ||
108 | role_objectclass = groupOfNames \ | ||
109 | role_member_attribute = member \ | ||
110 | role_id_attribute = cn \ | ||
111 | role_name_attribute = ou \ | ||
112 | role_tree_dn = ou=Roles,${LDAP_DN} \ | ||
113 | ' ${D}/etc/keystone/keystone.conf | ||
114 | fi | ||
72 | } | 115 | } |
73 | 116 | ||
74 | pkg_postinst_${SRCNAME}-setup () { | 117 | pkg_postinst_${SRCNAME}-setup () { |
@@ -152,6 +195,9 @@ RDEPENDS_${PN} += " \ | |||
152 | python-pbr \ | 195 | python-pbr \ |
153 | " | 196 | " |
154 | 197 | ||
198 | PACKAGECONFIG ?= "${@base_contains('DISTRO_FEATURES', 'OpenLDAP', 'OpenLDAP', '', d)}" | ||
199 | PACKAGECONFIG[OpenLDAP] = ",,,python-ldap python-keystone-hybrid-backend" | ||
200 | |||
155 | # TODO: | 201 | # TODO: |
156 | # if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS | 202 | # if DISTRO_FEATURE contains "tempest" then add *-tests to the main RDEPENDS |
157 | 203 | ||