# # Cookbook:: openstack-dashboard # Attributes:: default # # Copyright:: 2012, AT&T, Inc. # Copyright:: 2013-2014, IBM, Corp. # Copyright:: 2016-2020, Oregon State University # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # Set to some text value if you want templated config files # to contain a custom banner at the top of the written file default['openstack']['dashboard']['custom_template_banner'] = ' # This file is automatically generated by Chef # Any changes will be overwritten ' # ****************** OpenStack Dashboard Endpoints ****************************** # The OpenStack Dashboard non-SSL endpoint default['openstack']['bind_service']['dashboard_http']['host'] = '0.0.0.0' default['openstack']['bind_service']['dashboard_http']['port'] = '80' # The OpenStack Dashboard SSL endpoint default['openstack']['bind_service']['dashboard_https']['host'] = '0.0.0.0' default['openstack']['bind_service']['dashboard_https']['port'] = '443' # ******************************************************************************** default['openstack']['dashboard']['debug'] = false # Don't cache html pages. # NOTE: This setting requires apache 2.4 or greater is used default['openstack']['dashboard']['cache_html'] = false # The Keystone role used by default for users logging into the dashboard default['openstack']['dashboard']['keystone_default_role'] = 'member' default['openstack']['dashboard']['server_hostname'] = nil default['openstack']['dashboard']['server_aliases'] = [] default['openstack']['dashboard']['server_admin'] = 'root@localhost' default['openstack']['dashboard']['use_ssl'] = true # When using a remote certificate and key, the names of the actual installed certificate # and key in the file system are determined by the following two attributes. # If you want the name of the installed files to match the name of the files from the URL, # they need to be manually set below, if not the conventional horizon.* names will be used. default['openstack']['dashboard']['ssl']['cert'] = 'horizon.pem' default['openstack']['dashboard']['ssl']['key'] = 'horizon.key' # Optional Chain cert default['openstack']['dashboard']['ssl']['chain'] = nil # Which versions of the SSL/TLS protocol will be accepted in new connections. default['openstack']['dashboard']['ssl']['protocol'] = 'All -SSLv2 -SSLv3' # Which ciphers to use with the SSL/TLS protocol. # Example: 'RSA:HIGH:MEDIUM:!LOW:!kEDH:!aNULL:!ADH:!eNULL:!EXP:!SSLv2:!SEED:!CAMELLIA:!PSK!RC4:!RC4-MD5:!RC4-SHA' default['openstack']['dashboard']['ssl']['ciphers'] = nil # Use the 'certs' databag for managing certs to disable it to use something # external default['openstack']['dashboard']['ssl']['use_data_bag'] = true # List of hosts/domains the dashboard can serve. This should be changed, a '*' # allows everything default['openstack']['dashboard']['allowed_hosts'] = ['*'] # Allow TRACE method # # Set to "extended" to also reflect the request body (only for testing and # diagnostic purposes). # # Set to one of: On | Off | extended default['openstack']['dashboard']['traceenable'] = 'Off' default['openstack']['dashboard']['secret_key_content'] = nil default['openstack']['dashboard']['ssl_no_verify'] = 'True' default['openstack']['dashboard']['ssl_cacert'] = nil default['openstack']['dashboard']['webroot'] = '/' # Dashboard specific database packages # Put common ones here and platform specific ones below. default['openstack']['dashboard']['db_python_packages'] = { mysql: [], sqlite: [], } case node['platform_family'] when 'rhel' default['openstack']['dashboard']['key_group'] = 'root' default['openstack']['dashboard']['horizon_user'] = 'apache' default['openstack']['dashboard']['horizon_group'] = 'apache' default['openstack']['dashboard']['secret_key_path'] = '/usr/share/openstack-dashboard/openstack_dashboard/local/.secret_key_store' default['openstack']['dashboard']['ssl']['cert_dir'] = '/etc/pki/tls/certs/' default['openstack']['dashboard']['ssl']['key_dir'] = '/etc/pki/tls/private/' default['openstack']['dashboard']['local_settings_path'] = '/etc/openstack-dashboard/local_settings' default['openstack']['dashboard']['django_path'] = '/usr/share/openstack-dashboard' default['openstack']['dashboard']['static_path'] = '/usr/share/openstack-dashboard/static' default['openstack']['dashboard']['policy_files_path'] = '/etc/openstack-dashboard' default['openstack']['dashboard']['login_url'] = "#{node['openstack']['dashboard']['webroot']}auth/login/" default['openstack']['dashboard']['logout_url'] = "#{node['openstack']['dashboard']['webroot']}auth/logout/" default['openstack']['dashboard']['login_redirect_url'] = node['openstack']['dashboard']['webroot'] default['openstack']['dashboard']['platform'] = { 'horizon_packages' => %w(openstack-dashboard mod_wsgi), 'memcache_python_packages' => %w(python-memcached), 'package_overrides' => '', } when 'debian' default['openstack']['dashboard']['key_group'] = 'ssl-cert' default['openstack']['dashboard']['horizon_user'] = 'horizon' default['openstack']['dashboard']['horizon_group'] = 'horizon' default['openstack']['dashboard']['secret_key_path'] = '/var/lib/openstack-dashboard/secret_key' default['openstack']['dashboard']['ssl']['cert_dir'] = '/etc/ssl/certs/' default['openstack']['dashboard']['ssl']['key_dir'] = '/etc/ssl/private/' default['openstack']['dashboard']['local_settings_path'] = '/etc/openstack-dashboard/local_settings.py' default['openstack']['dashboard']['django_path'] = '/usr/share/openstack-dashboard' default['openstack']['dashboard']['static_path'] = '/var/lib/openstack-dashboard/static' default['openstack']['dashboard']['policy_files_path'] = '/usr/share/openstack-dashboard/openstack_dashboard/conf' default['openstack']['dashboard']['login_url'] = nil default['openstack']['dashboard']['logout_url'] = nil default['openstack']['dashboard']['login_redirect_url'] = nil default['openstack']['dashboard']['platform'] = { 'memcache_python_packages' => %w(python3-memcache), 'package_overrides' => '', } default['openstack']['dashboard']['platform']['horizon_packages'] = %w( node-less libapache2-mod-wsgi-py3 python3-django-horizon openstack-dashboard ) else default['openstack']['dashboard']['key_group'] = 'root' end default['openstack']['dashboard']['dash_path'] = "#{node['openstack']['dashboard']['django_path']}/openstack_dashboard" default['openstack']['dashboard']['wsgi_path'] = node['openstack']['dashboard']['dash_path'] + '/wsgi.py' default['openstack']['dashboard']['wsgi_socket_prefix'] = nil default['openstack']['dashboard']['session_backend'] = 'memcached' default['openstack']['dashboard']['ssl_offload'] = true default['openstack']['dashboard']['plugins'] = nil default['openstack']['dashboard']['file_upload_temp_dir'] = nil # disable the v2 openrc download panel by default since v2 has been deprecated for a while # TODO: remove this option completely for Train default['openstack']['dashboard']['show_keystone_v2_rc'] = 'False' default['openstack']['dashboard']['error_log'] = 'openstack-dashboard-error.log' default['openstack']['dashboard']['access_log'] = 'openstack-dashboard-access.log' default['openstack']['dashboard']['help_url'] = 'https://docs.openstack.org' default['openstack']['dashboard']['csrf_cookie_secure'] = true default['openstack']['dashboard']['session_cookie_secure'] = true default['openstack']['dashboard']['keystone_multidomain_support'] = false default['openstack']['dashboard']['keystone_default_domain'] = 'default' default['openstack']['dashboard']['identity_api_version'] = 3 default['openstack']['dashboard']['volume_api_version'] = 2 default['openstack']['dashboard']['console_type'] = 'AUTO' default['openstack']['dashboard']['keystone_backend']['name'] = 'native' default['openstack']['dashboard']['keystone_backend']['can_edit_user'] = true default['openstack']['dashboard']['keystone_backend']['can_edit_group'] = true default['openstack']['dashboard']['keystone_backend']['can_edit_project'] = true default['openstack']['dashboard']['keystone_backend']['can_edit_domain'] = true default['openstack']['dashboard']['keystone_backend']['can_edit_role'] = true default['openstack']['dashboard']['log_level']['horizon'] = 'INFO' default['openstack']['dashboard']['log_level']['horizon_log'] = 'INFO' default['openstack']['dashboard']['log_level']['openstack_dashboard'] = 'INFO' default['openstack']['dashboard']['log_level']['novaclient'] = 'INFO' default['openstack']['dashboard']['log_level']['cinderclient'] = 'INFO' default['openstack']['dashboard']['log_level']['keystoneclient'] = 'INFO' default['openstack']['dashboard']['log_level']['glanceclient'] = 'INFO' default['openstack']['dashboard']['log_level']['neutronclient'] = 'INFO' default['openstack']['dashboard']['log_level']['heatclient'] = 'INFO' default['openstack']['dashboard']['log_level']['ceilometerclient'] = 'INFO' default['openstack']['dashboard']['log_level']['troveclient'] = 'INFO' default['openstack']['dashboard']['log_level']['swiftclient'] = 'INFO' default['openstack']['dashboard']['log_level']['openstack_auth'] = 'INFO' default['openstack']['dashboard']['log_level']['nose.plugins.manager'] = 'INFO' default['openstack']['dashboard']['log_level']['django'] = 'INFO' default['openstack']['dashboard']['heat_stack']['enable_user_pass'] = true default['openstack']['dashboard']['password_autocomplete'] = 'off' default['openstack']['dashboard']['simple_ip_management'] = false default['openstack']['dashboard']['neutron']['enable_quotas'] = true default['openstack']['dashboard']['neutron']['enable_lb'] = false default['openstack']['dashboard']['neutron']['enable_vpn'] = false # Allow for misc sections to be added to the local_settings template # For example: { # 'CUSTOM_CONFIG_A' => { # 'variable1': 'value1', # 'variable2': 'value2' # } # 'CUSTOM_CONFIG_B' => { # 'variable1': 'value1', # 'variable2': 'value2' # } # } # will generate: # CUSTOM_CONFIG_A = { # 'varable1': 'value1', # 'varable2': 'value2', # } # CUSTOM_CONFIG_A = { # 'varable1': 'value1', # 'varable2': 'value2', # } default['openstack']['dashboard']['misc_local_settings'] = nil