107 lines
2.6 KiB
Plaintext
107 lines
2.6 KiB
Plaintext
# icehouse
|
|
###############################################################################
|
|
# [ WARNING ]
|
|
# Configuration file maintained by Juju. Local changes may be overwritten.
|
|
###############################################################################
|
|
[DEFAULT]
|
|
admin_token = {{ token }}
|
|
admin_port = {{ admin_port }}
|
|
public_port = {{ public_port }}
|
|
use_syslog = {{ use_syslog }}
|
|
log_config = /etc/keystone/logging.conf
|
|
debug = {{ debug }}
|
|
verbose = {{ verbose }}
|
|
public_endpoint = {{ public_endpoint }}
|
|
admin_endpoint = {{ admin_endpoint }}
|
|
bind_host = {{ bind_host }}
|
|
public_workers = {{ workers }}
|
|
admin_workers = {{ workers }}
|
|
|
|
[database]
|
|
{% if database_host -%}
|
|
connection = {{ database_type }}://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
|
|
{% else -%}
|
|
connection = sqlite:////var/lib/keystone/keystone.db
|
|
{% endif -%}
|
|
connection_recycle_time = 200
|
|
|
|
[identity]
|
|
driver = keystone.identity.backends.{{ identity_backend }}.Identity
|
|
|
|
[credential]
|
|
driver = keystone.credential.backends.sql.Credential
|
|
|
|
[trust]
|
|
driver = keystone.trust.backends.sql.Trust
|
|
|
|
[os_inherit]
|
|
|
|
[catalog]
|
|
driver = keystone.catalog.backends.sql.Catalog
|
|
|
|
[endpoint_filter]
|
|
|
|
[token]
|
|
driver = keystone.token.backends.sql.Token
|
|
provider = keystone.token.providers.uuid.Provider
|
|
expiration = {{ token_expiration }}
|
|
|
|
{% include "parts/section-signing" %}
|
|
|
|
[cache]
|
|
|
|
[policy]
|
|
driver = keystone.policy.backends.sql.Policy
|
|
|
|
[ec2]
|
|
driver = keystone.contrib.ec2.backends.sql.Ec2
|
|
|
|
[assignment]
|
|
driver = keystone.assignment.backends.{{ assignment_backend }}.Assignment
|
|
|
|
[oauth1]
|
|
|
|
[auth]
|
|
methods = external,password,token,oauth1
|
|
password = keystone.auth.plugins.password.Password
|
|
token = keystone.auth.plugins.token.Token
|
|
oauth1 = keystone.auth.plugins.oauth1.OAuth
|
|
|
|
[paste_deploy]
|
|
config_file = keystone-paste.ini
|
|
|
|
[extra_headers]
|
|
Distribution = Ubuntu
|
|
|
|
[ldap]
|
|
{% if identity_backend == 'ldap' -%}
|
|
url = {{ ldap_server }}
|
|
user = {{ ldap_user }}
|
|
password = {{ ldap_password }}
|
|
suffix = {{ ldap_suffix }}
|
|
|
|
{% if ldap_config_flags -%}
|
|
{% for key, value in ldap_config_flags.items() -%}
|
|
{{ key }} = {{ value }}
|
|
{% endfor -%}
|
|
{% endif -%}
|
|
|
|
{% if ldap_readonly -%}
|
|
user_allow_create = False
|
|
user_allow_update = False
|
|
user_allow_delete = False
|
|
|
|
tenant_allow_create = False
|
|
tenant_allow_update = False
|
|
tenant_allow_delete = False
|
|
|
|
role_allow_create = False
|
|
role_allow_update = False
|
|
role_allow_delete = False
|
|
|
|
group_allow_create = False
|
|
group_allow_update = False
|
|
group_allow_delete = False
|
|
{% endif -%}
|
|
{% endif -%}
|