diff --git a/attributes/default.rb b/attributes/default.rb
index 74e52b9..4fd450c 100644
--- a/attributes/default.rb
+++ b/attributes/default.rb
@@ -159,7 +159,7 @@ default['openstack']['dashboard']['wsgi_path'] = node['openstack']['dashboard'][
 default['openstack']['dashboard']['wsgi_socket_prefix'] = nil
 default['openstack']['dashboard']['session_backend'] = 'memcached'
 
-default['openstack']['dashboard']['ssl_offload'] = false
+default['openstack']['dashboard']['ssl_offload'] = true
 default['openstack']['dashboard']['plugins'] = nil
 
 default['openstack']['dashboard']['file_upload_temp_dir'] = nil
@@ -194,6 +194,7 @@ default['openstack']['dashboard']['keystone_backend']['can_edit_domain'] = true
 default['openstack']['dashboard']['keystone_backend']['can_edit_role'] = true
 
 default['openstack']['dashboard']['log_level']['horizon'] = 'INFO'
+default['openstack']['dashboard']['log_level']['horizon_log'] = 'INFO'
 default['openstack']['dashboard']['log_level']['openstack_dashboard'] = 'INFO'
 default['openstack']['dashboard']['log_level']['novaclient'] = 'INFO'
 default['openstack']['dashboard']['log_level']['cinderclient'] = 'INFO'
@@ -208,6 +209,8 @@ default['openstack']['dashboard']['log_level']['openstack_auth'] = 'INFO'
 default['openstack']['dashboard']['log_level']['nose.plugins.manager'] = 'INFO'
 default['openstack']['dashboard']['log_level']['django'] = 'INFO'
 
+default['openstack']['dashboard']['heat_stack']['eanable_user_pass'] = true
+
 default['openstack']['dashboard']['password_autocomplete'] = 'off'
 default['openstack']['dashboard']['simple_ip_management'] = false
 default['openstack']['dashboard']['neutron']['enable_quotas'] = true
diff --git a/recipes/horizon.rb b/recipes/horizon.rb
index 8c4c0a9..8846eb6 100644
--- a/recipes/horizon.rb
+++ b/recipes/horizon.rb
@@ -35,6 +35,17 @@ auth_admin_uri = auth_uri_transform identity_admin_endpoint.to_s, node['openstac
 identity_endpoint = public_endpoint 'identity'
 auth_uri = auth_uri_transform identity_endpoint.to_s, node['openstack']['dashboard']['api']['auth']['version']
 
+http_bind = node['openstack']['bind_service']['dashboard_http']
+http_bind_address = bind_address http_bind
+https_bind = node['openstack']['bind_service']['dashboard_https']
+https_bind_address = bind_address https_bind
+
+horizon_host = if node['openstack']['dashboard']['use_ssl']
+                 http_bind_address
+               else
+                 https_bind_address
+               end
+
 db_pass = get_password 'db', 'horizon'
 db_info = db 'dashboard'
 
@@ -68,7 +79,8 @@ template node['openstack']['dashboard']['local_settings_path'] do
     db_info: db_info,
     auth_uri: auth_uri,
     auth_admin_uri: auth_admin_uri,
-    memcached_servers: memcached
+    memcached_servers: memcached,
+    host: horizon_host
   )
 
   notifies :restart, "service[#{node['openstack']['dashboard']['server_type']}]", :delayed
diff --git a/templates/default/local_settings.py.erb b/templates/default/local_settings.py.erb
index 520a353..43838b8 100644
--- a/templates/default/local_settings.py.erb
+++ b/templates/default/local_settings.py.erb
@@ -4,7 +4,10 @@ import os
 
 from django.utils.translation import ugettext_lazy as _
 
+from horizon.utils import secret_key
+
 from openstack_dashboard import exceptions
+from openstack_dashboard.settings import HORIZON_CONFIG
 
 DEBUG = <%= node["openstack"]["dashboard"]["debug"] ? "True" : "False" %>
 TEMPLATE_DEBUG = DEBUG
@@ -156,9 +159,13 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
 #     ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
 # ]
 
+OPENSTACK_HOST = "<%= @host %>"
 OPENSTACK_KEYSTONE_URL = "<%= @auth_uri %>"
 OPENSTACK_KEYSTONE_ADMIN_URL = "<%= @auth_admin_uri %>"
+OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
 OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= node["openstack"]["dashboard"]["keystone_default_role"] %>"
+OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
+OPENSTACK_KEYSTONE_ADMIN_ROLES = ["admin"]
 
 <% if node["openstack"]["dashboard"]["use_ssl"] %>
 # Disable SSL certificate checks (useful for self-signed certificates):
@@ -223,6 +230,12 @@ OPENSTACK_NEUTRON_NETWORK = {
     'supported_provider_types': ['*'],
 }
 
+# The OPENSTACK_HEAT_STACK settings can be used to disable password
+# field required while launching the stack.
+OPENSTACK_HEAT_STACK = {
+    'enable_user_pass': <%= node['openstack']['dashboard']['heat_stack']['eanable_user_pass'] ? 'True' : 'False' %>,
+}
+
 # The OPENSTACK_IMAGE_BACKEND settings can be used to customize features
 # in the OpenStack Dashboard related to the Image service, such as the list
 # of supported image formats.
@@ -323,6 +336,13 @@ LOGGING = {
     # if nothing is specified here and disable_existing_loggers is True,
     # django.db.backends will still log unless it is disabled explicitly.
     'disable_existing_loggers': False,
+    'formatters': {
+        'operation': {
+            # The format of "%(message)s" is defined by
+            # OPERATION_LOG_OPTIONS['format']
+            'format': '%(asctime)s %(message)s'
+        },
+    },
     'handlers': {
         'null': {
             'level': 'DEBUG',
@@ -333,6 +353,11 @@ LOGGING = {
             'level': '<%= node["openstack"]["dashboard"]["debug"] ? "DEBUG" : "INFO" %>',
             'class': 'logging.StreamHandler',
         },
+        'operation': {
+        'level': '<%= node["openstack"]["dashboard"]["debug"] ? "DEBUG" : "INFO" %>',
+        'class': 'logging.StreamHandler',
+        'formatter': 'operation',
+        },
     },
     'loggers': {
         # Logging from django.db.backends is VERY verbose, send to null
@@ -350,6 +375,11 @@ LOGGING = {
             'level': '<%= node["openstack"]["dashboard"]["log_level"]["horizon"] %>',
             'propagate': False,
         },
+        'horizon.operation_log': {
+        'handlers': ['operation'],
+        'level': '<%= node["openstack"]["dashboard"]["log_level"]["horizon_log"] %>',
+        'propagate': False,
+        },
         'openstack_dashboard': {
             'handlers': ['console'],
             'level': '<%= node["openstack"]["dashboard"]["log_level"]["openstack_dashboard"] %>',
@@ -550,6 +580,17 @@ FLAVOR_EXTRA_KEYS = {
     ]
 }
 
+# You may remove settings from this list for security purposes, but do so at
+# the risk of breaking a built-in horizon feature. These settings are required
+# for horizon to function properly. Only remove them if you know what you
+# are doing. These settings may in the future be moved to be defined within
+# the enabled panel configuration.
+# You should not add settings to this list for out of tree extensions.
+# See: https://wiki.openstack.org/wiki/Horizon/RESTAPI
+REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
+'LAUNCH_INSTANCE_DEFAULTS',
+'OPENSTACK_IMAGE_FORMATS']
+
 # Indicate to the Sahara data processing service whether or not
 # automatic floating IP allocation is in effect.  If it is not
 # in effect, the user will be prompted to choose a floating IP
@@ -584,7 +625,7 @@ DATABASES = {
 # request/response loop - independent from user requests. This allows to
 # pre-compress CSS and JavaScript files and works just like the automatic
 # compression with the {% compress %} tag.
-COMPRESS_OFFLINE = True
+COMPRESS_OFFLINE = False
 
 # The hash algorithm to use for authentication tokens. This must
 # match the hash algorithm that the identity server and the