From 52902434cdd2afea73eeb8101f1ca1953058432e Mon Sep 17 00:00:00 2001 From: Lars Kellogg-Stedman Date: Wed, 13 Jun 2018 12:35:20 -0400 Subject: [PATCH] add support for keystone federation This adds the Apache mod_auth_openidc and mod_auth_mellon packages to the Keystone container to support Keystone federation (as described in https://docs.openstack.org/keystone/9.3.0/configure_federation.html) Change-Id: Ia32176eb33737e6f7425bd5e63b4f95eb595cd5f --- docker/keystone/keystone-base/Dockerfile.j2 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docker/keystone/keystone-base/Dockerfile.j2 b/docker/keystone/keystone-base/Dockerfile.j2 index d22c01b76e..9d65a3cd7c 100644 --- a/docker/keystone/keystone-base/Dockerfile.j2 +++ b/docker/keystone/keystone-base/Dockerfile.j2 @@ -11,6 +11,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %} {% set keystone_base_packages = [ 'httpd', + 'mod_auth_mellon', + 'mod_auth_openidc', 'mod_ssl', 'mod_wsgi', 'openstack-keystone', @@ -29,6 +31,8 @@ RUN mkdir -p /var/www/cgi-bin/keystone \ {% set keystone_base_packages = [ 'apache2', 'keystone', + 'libapache2-mod-auth-mellon', + 'libapache2-mod-auth-openidc', 'libapache2-mod-wsgi', 'python-ldappool' ] %} @@ -45,6 +49,8 @@ RUN mkdir -p /var/www/cgi-bin/keystone \ {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %} {% set keystone_base_packages = [ 'httpd', + 'mod_auth_mellon', + 'mod_auth_openidc', 'mod_ssl', 'mod_wsgi', 'python-ldappool' @@ -56,6 +62,8 @@ RUN sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf \ {% elif base_distro in ['debian', 'ubuntu'] %} {% set keystone_base_packages = [ 'apache2', + 'libapache2-mod-auth-mellon', + 'libapache2-mod-auth-openidc', 'libapache2-mod-wsgi', 'python-ldappool' ] %}