diff options
Diffstat (limited to 'meta-openstack/recipes-devtools/python/python-keystone_git.bb')
| -rw-r--r-- | meta-openstack/recipes-devtools/python/python-keystone_git.bb | 129 |
1 files changed, 48 insertions, 81 deletions
diff --git a/meta-openstack/recipes-devtools/python/python-keystone_git.bb b/meta-openstack/recipes-devtools/python/python-keystone_git.bb index b5f92dd..d7f6400 100644 --- a/meta-openstack/recipes-devtools/python/python-keystone_git.bb +++ b/meta-openstack/recipes-devtools/python/python-keystone_git.bb | |||
| @@ -7,9 +7,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=1dece7821bf3fd70fe1309eaa37d52a2" | |||
| 7 | SRCNAME = "keystone" | 7 | SRCNAME = "keystone" |
| 8 | 8 | ||
| 9 | SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/pike \ | 9 | SRC_URI = "git://github.com/openstack/${SRCNAME}.git;branch=stable/pike \ |
| 10 | file://keystone-init \ | ||
| 11 | file://keystone-init.service \ | ||
| 10 | file://keystone.conf \ | 12 | file://keystone.conf \ |
| 11 | file://identity.sh \ | 13 | file://identity.sh \ |
| 12 | file://keystone \ | ||
| 13 | file://convert_keystone_backend.py \ | 14 | file://convert_keystone_backend.py \ |
| 14 | file://wsgi-keystone.conf \ | 15 | file://wsgi-keystone.conf \ |
| 15 | " | 16 | " |
| @@ -24,11 +25,14 @@ PV = "12.0.0+git${SRCPV}" | |||
| 24 | 25 | ||
| 25 | S = "${WORKDIR}/git" | 26 | S = "${WORKDIR}/git" |
| 26 | 27 | ||
| 27 | inherit setuptools update-rc.d identity hosts default_configs monitor | 28 | inherit setuptools identity hosts default_configs monitor useradd systemd |
| 28 | 29 | ||
| 29 | SERVICE_TOKEN = "password" | 30 | SERVICE_TOKEN = "password" |
| 30 | TOKEN_FORMAT ?= "PKI" | 31 | TOKEN_FORMAT ?= "PKI" |
| 31 | 32 | ||
| 33 | USERADD_PACKAGES = "${PN}" | ||
| 34 | USERADD_PARAM_${PN} = "--system -m -s /bin/false keystone" | ||
| 35 | |||
| 32 | LDAP_DN ?= "dc=my-domain,dc=com" | 36 | LDAP_DN ?= "dc=my-domain,dc=com" |
| 33 | 37 | ||
| 34 | SERVICECREATE_PACKAGES = "${SRCNAME}-setup" | 38 | SERVICECREATE_PACKAGES = "${SRCNAME}-setup" |
| @@ -64,79 +68,67 @@ do_install_append() { | |||
| 64 | 68 | ||
| 65 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone | 69 | KEYSTONE_CONF_DIR=${D}${sysconfdir}/keystone |
| 66 | KEYSTONE_PACKAGE_DIR=${D}${PYTHON_SITEPACKAGES_DIR}/keystone | 70 | KEYSTONE_PACKAGE_DIR=${D}${PYTHON_SITEPACKAGES_DIR}/keystone |
| 67 | |||
| 68 | APACHE_CONF_DIR=${D}${sysconfdir}/apache2/conf.d/ | 71 | APACHE_CONF_DIR=${D}${sysconfdir}/apache2/conf.d/ |
| 69 | KEYSTONE_PY_DIR=${D}${datadir}/openstack-dashboard/openstack_dashboard/api/ | ||
| 70 | KEYSTONE_CGI_DIR=${D}${localstatedir}/www/cgi-bin/keystone/ | ||
| 71 | 72 | ||
| 72 | # Apache needs to read the configs. | 73 | # Create directories |
| 73 | install -m 755 -d ${KEYSTONE_CONF_DIR} | 74 | install -m 755 -d ${KEYSTONE_CONF_DIR} |
| 74 | install -m 755 -d ${APACHE_CONF_DIR} | 75 | install -m 755 -d ${APACHE_CONF_DIR} |
| 75 | |||
| 76 | install -d ${D}${localstatedir}/log/${SRCNAME} | 76 | install -d ${D}${localstatedir}/log/${SRCNAME} |
| 77 | install -m 755 -d ${KEYSTONE_CGI_DIR} | ||
| 78 | #install -m 755 -d ${KEYSTONE_PY_DIR} | ||
| 79 | 77 | ||
| 78 | # Setup the systemd service file | ||
| 79 | install -d ${D}${systemd_unitdir}/system/ | ||
| 80 | KS_INIT_SERVICE_FILE=${D}${systemd_unitdir}/system/keystone-init.service | ||
| 81 | install -m 644 ${WORKDIR}/keystone-init.service ${KS_INIT_SERVICE_FILE} | ||
| 82 | sed -e "s:%SYSCONFIGDIR%:${sysconfdir}:g" -i ${KS_INIT_SERVICE_FILE} | ||
| 83 | |||
| 84 | # Setup the keystone initialization script | ||
| 85 | KS_INIT_FILE=${KEYSTONE_CONF_DIR}/keystone-init | ||
| 86 | install -m 755 ${WORKDIR}/keystone-init ${KS_INIT_FILE} | ||
| 87 | sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KS_INIT_FILE} | ||
| 88 | sed -e "s:%KEYSTONE_USER%:keystone:g" -i ${KS_INIT_FILE} | ||
| 89 | sed -e "s:%KEYSTONE_GROUP%:keystone:g" -i ${KS_INIT_FILE} | ||
| 90 | sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KS_INIT_FILE} | ||
| 91 | sed -e "s:%ADMIN_USER%:${ADMIN_USER}:g" -i ${KS_INIT_FILE} | ||
| 92 | sed -e "s:%ADMIN_PASSWORD%:${ADMIN_PASSWORD}:g" -i ${KS_INIT_FILE} | ||
| 93 | sed -e "s:%ADMIN_ROLE%:${ADMIN_ROLE}:g" -i ${KS_INIT_FILE} | ||
| 94 | |||
| 95 | # Install various configuration files. We have to select suitable | ||
| 96 | # permissions as packages such as Apache require read access. | ||
| 97 | # | ||
| 80 | # Apache needs to read the keystone.conf | 98 | # Apache needs to read the keystone.conf |
| 81 | install -m 644 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/ | 99 | install -m 644 ${WORKDIR}/keystone.conf ${KEYSTONE_CONF_DIR}/ |
| 82 | # Apache needs to read the wsgi-keystone.conf | 100 | # Apache needs to read the wsgi-keystone.conf |
| 83 | install -m 644 ${WORKDIR}/wsgi-keystone.conf ${APACHE_CONF_DIR} | 101 | install -m 644 ${WORKDIR}/wsgi-keystone.conf \ |
| 102 | ${APACHE_CONF_DIR}/keystone.conf | ||
| 84 | install -m 755 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/ | 103 | install -m 755 ${WORKDIR}/identity.sh ${KEYSTONE_CONF_DIR}/ |
| 85 | install -m 600 ${S}${sysconfdir}/logging.conf.sample \ | 104 | install -m 600 ${S}${sysconfdir}/logging.conf.sample \ |
| 86 | ${KEYSTONE_CONF_DIR}/logging.conf | 105 | ${KEYSTONE_CONF_DIR}/logging.conf |
| 87 | install -m 600 ${S}${sysconfdir}/keystone.conf.sample \ | 106 | install -m 600 ${S}${sysconfdir}/keystone.conf.sample \ |
| 88 | ${KEYSTONE_CONF_DIR}/keystone.conf.sample | 107 | ${KEYSTONE_CONF_DIR}/keystone.conf.sample |
| 89 | # Apache user needs to read these files. | ||
| 90 | #install -m 644 ${S}${sysconfdir}/policy.json \ | ||
| 91 | # ${KEYSTONE_CONF_DIR}/policy.json | ||
| 92 | install -m 644 ${S}${sysconfdir}/keystone-paste.ini \ | 108 | install -m 644 ${S}${sysconfdir}/keystone-paste.ini \ |
| 93 | ${KEYSTONE_CONF_DIR}/keystone-paste.ini | 109 | ${KEYSTONE_CONF_DIR}/keystone-paste.ini |
| 94 | #install -m 644 ${S}/httpd/keystone.py \ | ||
| 95 | # ${KEYSTONE_PY_DIR}/keystone-httpd.py | ||
| 96 | #install -m 644 ${S}/httpd/keystone.py \ | ||
| 97 | # ${KEYSTONE_CGI_DIR}/admin | ||
| 98 | #install -m 644 ${S}/httpd/keystone.py \ | ||
| 99 | # ${KEYSTONE_CGI_DIR}/main | ||
| 100 | 110 | ||
| 111 | # Copy examples from upstream | ||
| 101 | cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR} | 112 | cp -r ${S}/examples ${KEYSTONE_PACKAGE_DIR} |
| 102 | 113 | ||
| 103 | if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; | 114 | # Edit the configuration to allow it to work out of the box |
| 104 | then | 115 | KEYSTONE_CONF_FILE=${KEYSTONE_CONF_DIR}/keystone.conf |
| 105 | install -d ${D}${sysconfdir}/init.d | ||
| 106 | install -m 0755 ${WORKDIR}/keystone ${D}${sysconfdir}/init.d/keystone | ||
| 107 | fi | ||
| 108 | |||
| 109 | sed "/# admin_endpoint = .*/a \ | 116 | sed "/# admin_endpoint = .*/a \ |
| 110 | public_endpoint = http://%CONTROLLER_IP%:8081/keystone/main/ " \ | 117 | public_endpoint = http://%CONTROLLER_IP%:8081/keystone/main/ " \ |
| 111 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | 118 | -i ${KEYSTONE_CONF_FILE} |
| 112 | 119 | ||
| 113 | sed "/# admin_endpoint = .*/a \ | 120 | sed "/# admin_endpoint = .*/a \ |
| 114 | admin_endpoint = http://%CONTROLLER_IP%:8081/keystone/admin/ " \ | 121 | admin_endpoint = http://%CONTROLLER_IP%:8081/keystone/admin/ " \ |
| 115 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | 122 | -i ${KEYSTONE_CONF_FILE} |
| 116 | 123 | ||
| 117 | sed -e "s:%SERVICE_TOKEN%:${SERVICE_TOKEN}:g" \ | 124 | sed -e "s:%SERVICE_TOKEN%:${SERVICE_TOKEN}:g" -i ${KEYSTONE_CONF_FILE} |
| 118 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | 125 | sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KEYSTONE_CONF_FILE} |
| 119 | sed -e "s:%DB_USER%:${DB_USER}:g" -i ${KEYSTONE_CONF_DIR}/keystone.conf | 126 | sed -e "s:%DB_PASSWORD%:${DB_PASSWORD}:g" -i ${KEYSTONE_CONF_FILE} |
| 120 | sed -e "s:%DB_PASSWORD%:${DB_PASSWORD}:g" \ | 127 | sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KEYSTONE_CONF_FILE} |
| 121 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | 128 | sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" -i ${KEYSTONE_CONF_FILE} |
| 122 | 129 | sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" -i ${KEYSTONE_CONF_FILE} | |
| 123 | sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" \ | ||
| 124 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | ||
| 125 | sed -e "s:%CONTROLLER_IP%:${CONTROLLER_IP}:g" \ | ||
| 126 | -i ${KEYSTONE_CONF_DIR}/identity.sh | ||
| 127 | |||
| 128 | sed -e "s:%TOKEN_FORMAT%:${TOKEN_FORMAT}:g" \ | ||
| 129 | -i ${KEYSTONE_CONF_DIR}/keystone.conf | ||
| 130 | |||
| 131 | # sed -e "s/%ADMIN_PASSWORD%/${ADMIN_PASSWORD}/g" \ | ||
| 132 | # -i ${D}${sysconfdir}/init.d/keystone | ||
| 133 | # sed -e "s/%SERVICE_PASSWORD%/${SERVICE_PASSWORD}/g" \ | ||
| 134 | # -i ${D}${sysconfdir}/init.d/keystone | ||
| 135 | # sed -e "s/%SERVICE_TENANT_NAME%/${SERVICE_TENANT_NAME}/g" \ | ||
| 136 | # -i ${D}${sysconfdir}/init.d/keystone | ||
| 137 | 130 | ||
| 138 | install -d ${KEYSTONE_PACKAGE_DIR}/tests/tmp | 131 | install -d ${KEYSTONE_PACKAGE_DIR}/tests/tmp |
| 139 | |||
| 140 | if [ -e "${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf" ];then | 132 | if [ -e "${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf" ];then |
| 141 | sed -e "s:%KEYSTONE_PACKAGE_DIR%:${PYTHON_SITEPACKAGES_DIR}/keystone:g" \ | 133 | sed -e "s:%KEYSTONE_PACKAGE_DIR%:${PYTHON_SITEPACKAGES_DIR}/keystone:g" \ |
| 142 | -i ${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf | 134 | -i ${KEYSTONE_PACKAGE_DIR}/tests/test_overrides.conf |
| @@ -180,38 +172,13 @@ role_member_attribute = member \ | |||
| 180 | role_id_attribute = cn \ | 172 | role_id_attribute = cn \ |
| 181 | role_name_attribute = ou \ | 173 | role_name_attribute = ou \ |
| 182 | role_tree_dn = ou=Roles,${LDAP_DN} \ | 174 | role_tree_dn = ou=Roles,${LDAP_DN} \ |
| 183 | ' ${D}${sysconfdir}/keystone/keystone.conf | 175 | ' ${KEYSTONE_CONF_FILE} |
| 184 | 176 | ||
| 185 | install -m 0755 ${WORKDIR}/convert_keystone_backend.py \ | 177 | install -m 0755 ${WORKDIR}/convert_keystone_backend.py \ |
| 186 | ${D}${sysconfdir}/keystone/convert_keystone_backend.py | 178 | ${D}${sysconfdir}/keystone/convert_keystone_backend.py |
| 187 | fi | 179 | fi |
| 188 | } | 180 | } |
| 189 | 181 | ||
| 190 | pkg_postinst_${SRCNAME}-setup () { | ||
| 191 | # python-keystone postinst start | ||
| 192 | if [ -z "$D" ]; then | ||
| 193 | # This is to make sure postgres is configured and running | ||
| 194 | if ! pidof postmaster > /dev/null; then | ||
| 195 | /etc/init.d/postgresql-init | ||
| 196 | /etc/init.d/postgresql start | ||
| 197 | sleep 2 | ||
| 198 | fi | ||
| 199 | |||
| 200 | # This is to make sure keystone is configured and running | ||
| 201 | PIDFILE="/var/run/keystone-all.pid" | ||
| 202 | if [ -z `cat $PIDFILE 2>/dev/null` ]; then | ||
| 203 | sudo -u postgres createdb keystone | ||
| 204 | keystone-manage db_sync | ||
| 205 | keystone-manage pki_setup --keystone-user=root --keystone-group=daemon | ||
| 206 | |||
| 207 | if ${@bb.utils.contains('DISTRO_FEATURES', 'OpenLDAP', 'true', 'false', d)}; then | ||
| 208 | /etc/init.d/openldap start | ||
| 209 | fi | ||
| 210 | /etc/init.d/keystone start | ||
| 211 | fi | ||
| 212 | fi | ||
| 213 | } | ||
| 214 | |||
| 215 | # By default tokens are expired after 1 day so by default we can set | 182 | # By default tokens are expired after 1 day so by default we can set |
| 216 | # this token flush cronjob to run every 2 days | 183 | # this token flush cronjob to run every 2 days |
| 217 | KEYSTONE_TOKEN_FLUSH_TIME ??= "0 0 */2 * *" | 184 | KEYSTONE_TOKEN_FLUSH_TIME ??= "0 0 */2 * *" |
| @@ -226,7 +193,12 @@ pkg_postinst_${SRCNAME}-cronjobs () { | |||
| 226 | 193 | ||
| 227 | PACKAGES += " ${SRCNAME}-tests ${SRCNAME} ${SRCNAME}-setup ${SRCNAME}-cronjobs" | 194 | PACKAGES += " ${SRCNAME}-tests ${SRCNAME} ${SRCNAME}-setup ${SRCNAME}-cronjobs" |
| 228 | 195 | ||
| 229 | ALLOW_EMPTY_${SRCNAME}-setup = "1" | 196 | SYSTEMD_PACKAGES += "${SRCNAME}-setup" |
| 197 | SYSTEMD_SERVICE_${SRCNAME}-setup = "keystone-init.service" | ||
| 198 | |||
| 199 | FILES_${SRCNAME}-setup = " \ | ||
| 200 | ${systemd_unitdir}/system \ | ||
| 201 | " | ||
| 230 | 202 | ||
| 231 | ALLOW_EMPTY_${SRCNAME}-cronjobs = "1" | 203 | ALLOW_EMPTY_${SRCNAME}-cronjobs = "1" |
| 232 | 204 | ||
| @@ -237,10 +209,9 @@ FILES_${SRCNAME}-tests = "${sysconfdir}/${SRCNAME}/run_tests.sh" | |||
| 237 | 209 | ||
| 238 | FILES_${SRCNAME} = "${bindir}/* \ | 210 | FILES_${SRCNAME} = "${bindir}/* \ |
| 239 | ${sysconfdir}/${SRCNAME}/* \ | 211 | ${sysconfdir}/${SRCNAME}/* \ |
| 240 | ${sysconfdir}/init.d/* \ | ||
| 241 | ${localstatedir}/* \ | 212 | ${localstatedir}/* \ |
| 242 | ${datadir}/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py \ | 213 | ${datadir}/openstack-dashboard/openstack_dashboard/api/keystone-httpd.py \ |
| 243 | ${sysconfdir}/apache2/conf.d/wsgi-keystone.conf \ | 214 | ${sysconfdir}/apache2/conf.d/keystone.conf \ |
| 244 | " | 215 | " |
| 245 | 216 | ||
| 246 | DEPENDS += " \ | 217 | DEPENDS += " \ |
| @@ -306,9 +277,5 @@ RDEPENDS_${SRCNAME} = " \ | |||
| 306 | RDEPENDS_${SRCNAME}-setup = "postgresql sudo ${SRCNAME}" | 277 | RDEPENDS_${SRCNAME}-setup = "postgresql sudo ${SRCNAME}" |
| 307 | RDEPENDS_${SRCNAME}-cronjobs = "cronie ${SRCNAME}" | 278 | RDEPENDS_${SRCNAME}-cronjobs = "cronie ${SRCNAME}" |
| 308 | 279 | ||
| 309 | INITSCRIPT_PACKAGES = "${SRCNAME}" | ||
| 310 | INITSCRIPT_NAME_${SRCNAME} = "keystone" | ||
| 311 | INITSCRIPT_PARAMS_${SRCNAME} = "${OS_DEFAULT_INITSCRIPT_PARAMS}" | ||
| 312 | |||
| 313 | MONITOR_SERVICE_PACKAGES = "${SRCNAME}" | 280 | MONITOR_SERVICE_PACKAGES = "${SRCNAME}" |
| 314 | MONITOR_SERVICE_${SRCNAME} = "keystone" | 281 | MONITOR_SERVICE_${SRCNAME} = "keystone" |