openstack
/
cookbook-openstack-dashboard
Code Issues Proposed changes
RETIRED, Chef Cookbook - OpenStack Dashboard
361 Commits 6 Branches 14 Tags 2.8 MiB
Go to file
Mark Vanderwiel 0fe72f1fcf OSSN-0039 Prevent POODLE attacks 
Allow SSL protocol attribute, default to only TLS.
Backport of Original Change-Id: I58758e99ea1256aeefff27d441b0a527169829b5
to stable/havana

Change-Id: I8feeae6fd19a8b0d9206178baccb75f84a89d419
Closes-Bug: #1384438
 		2014-11-19 15:16:35 -06:00
attributes OSSN-0039 Prevent POODLE attacks 2014-11-19 15:16:35 -06:00
files/default changing css 2012-11-08 17:25:54 -06:00
recipes Use the library method auth_uri_transform. 2014-03-14 23:12:28 +08:00
spec OSSN-0039 Prevent POODLE attacks 2014-11-19 15:16:35 -06:00
templates/default OSSN-0039 Prevent POODLE attacks 2014-11-19 15:16:35 -06:00
.gitignore Adding Berksfile.lock for stable branch 2014-03-27 12:52:32 -05:00
.gitreview Adding Berksfile.lock for stable branch 2014-03-27 12:52:32 -05:00
.rubocop.yml Disable the NumericLiterals cop for rubocop 2014-02-25 17:50:40 +00:00
Berksfile Adding Berksfile.lock for stable branch 2014-03-27 12:52:32 -05:00
Berksfile.lock Adding Berksfile.lock for stable branch 2014-03-27 12:52:32 -05:00
CHANGELOG.md OSSN-0039 Prevent POODLE attacks 2014-11-19 15:16:35 -06:00
Gemfile Updating Berks to 2.0.18 2014-07-09 12:58:10 -05:00
Gemfile.lock Updating Berks to 2.0.18 2014-07-09 12:58:10 -05:00
README.md Updating Berks to 2.0.18 2014-07-09 12:58:10 -05:00
Strainerfile Updating Berks to 2.0.18 2014-07-09 12:58:10 -05:00
TESTING.md Filling out initial rubocop support. 2014-01-08 17:06:06 -06:00
metadata.rb OSSN-0039 Prevent POODLE attacks 2014-11-19 15:16:35 -06:00

README.md

Description

Installs the OpenStack Dashboard service Horizon as part of the OpenStack reference deployment Chef for OpenStack. The http://github.com/mattray/chef-openstack-repo contains documentation for using this cookbook in the context of a full OpenStack deployment. Horizon is currently installed from packages. This version is for deploying the 'Havana' release, the 'master' branch is currently working on the 'Icehouse' release.

http://horizon.openstack.org

Requirements

  • Chef 11 or higher is required.

Cookbooks

The following cookbooks are dependencies:

  • apache2
  • openstack-common

Usage

server

Sets up the Horizon dashboard within an Apache mod_wsgi container.

"run_list": [
    "recipe[openstack-dashboard::server]"
]

Attributes

  • openstack["dashboard"]["db"]["username"] - username for horizon database access
  • openstack["dashboard"]["server_hostname"] - sets the ServerName in the Apache config.
  • openstack["dashboard"]["use_ssl"] - toggle for using ssl with dashboard (default true)
  • openstack["dashboard"]["ssl"]["dir"] - directory where ssl certs are stored on this system
  • openstack["dashboard"]["ssl"]["cert"] - name to use when creating the ssl certificate
  • openstack["dashboard"]["ssl"]["key"] - name to use when creating the ssl key
  • openstack["dashboard"]["dash_path"] - base path for dashboard files (document root)
  • openstack["dashboard"]["wsgi_path"] - path for wsgi dir
  • openstack["dashboard"]["wsgi_socket_prefix"] - Location that will override the standard Apache runtime directory
  • openstack["dashboard"]["ssl_offload"] - Set SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') flag for offloading SSL
  • openstack["dashboard"]["plugins"] - Array of plugins to include via INSTALED_APPS
  • openstack["dashboard"]["simple_ip_management"] - Boolean to enable or disable simplified floating IP address management TODO: Add DB2 support on other platforms
  • openstack["dashboard"]["platform"]["db2_python_packages"] - Array of DB2 python packages, only available on redhat platform
  • openstack['openstack']['dashboard']['http_port'] - Port that httpd should listen on. Default is 80.
  • openstack['openstack']['dashboard']['https_port'] - Port that httpd should listen on for using ssl. Default is 443.

Testing

Please refer to the TESTING.md for instructions for testing the cookbook.

Berkshelf

Berks will resolve version requirements and dependencies on first run and store these in Berksfile.lock. If new cookbooks become available you can run berks update to update the references in Berksfile.lock. Berksfile.lock will be included in stable branches to provide a known good set of dependencies. Berksfile.lock will not be included in development branches to encourage development against the latest cookbooks.

License and Author
Author Justin Shepherd (justin.shepherd@rackspace.com)
Author Jason Cannavale (jason.cannavale@rackspace.com)
Author Ron Pedde (ron.pedde@rackspace.com)
Author Joseph Breu (joseph.breu@rackspace.com)
Author William Kelly (william.kelly@rackspace.com)
Author Darren Birkett (darren.birkett@rackspace.co.uk)
Author Evan Callicoat (evan.callicoat@rackspace.com)
Author Jay Pipes (jaypipes@att.com)
Author John Dewey (jdewey@att.com)
Author Matt Ray (matt@getchef.com)
Author Sean Gallagher (sean.gallagher@att.com)
Author Chen Zhiwei (zhiwchen@cn.ibm.com)
Author Jian Hua Geng (gengjh@cn.ibm.com)
Author Ionut Artarisi (iartarisi@suse.cz)
Author Eric Zhou (iartarisi@suse.cz)
Copyright Copyright (c) 2012, Rackspace US, Inc.
Copyright Copyright (c) 2012-2013, AT&T Services, Inc.
Copyright Copyright (c) 2013-2014, Chef Software, Inc.
Copyright Copyright (c) 2013-2014, IBM, Corp.
Copyright Copyright (c) 2013-2014, SUSE Linux GmbH.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.