Add support for ldap-config-flags
This commit is contained in:
parent
0aa41deb58
commit
541049a35f
|
@ -21,7 +21,7 @@ LDAP configuration is provided to this charm via configuration options:
|
|||
ldap-password="password" \
|
||||
ldap-suffix="dc=test,dc=com"
|
||||
|
||||
by default, the name of the application ('keystone-ldap') is the name of
|
||||
By default, the name of the application ('keystone-ldap') is the name of
|
||||
the domain for which a domain specific configuration will be configured;
|
||||
you can change this using the domain-name option:
|
||||
|
||||
|
@ -30,6 +30,15 @@ you can change this using the domain-name option:
|
|||
The keystone charm will automatically create a domain to support the backend
|
||||
once deployed.
|
||||
|
||||
Additional LDAP configuration options can be passed as a comma delimited
|
||||
string using the ldap-config-flags configuration option:
|
||||
|
||||
juju config keystone-ldap \
|
||||
ldap-config-flags="user_id_attribute=cn,user_name_attribute=cn"
|
||||
|
||||
This allows the LDAP configuration of the backend to be tailored to an
|
||||
individual LDAP configuration.
|
||||
|
||||
# Bugs
|
||||
|
||||
Please report bugs on [Launchpad](https://bugs.launchpad.net/charm-keystone-ldap/+filebug).
|
||||
|
|
|
@ -18,14 +18,24 @@ import charmhelpers.core.host as ch_host
|
|||
import charmhelpers.core.hookenv as hookenv
|
||||
|
||||
import charmhelpers.contrib.openstack.templating as os_templating
|
||||
import charmhelpers.contrib.openstack.utils as os_utils
|
||||
|
||||
import charms_openstack.charm
|
||||
import charms_openstack.adapters
|
||||
|
||||
|
||||
DOMAIN_CONF = "/etc/keystone/domains/keystone.{}.conf"
|
||||
KEYSTONE_CONF_TEMPLATE = "keystone.conf"
|
||||
|
||||
|
||||
class KeystoneLDAPConfigurationAdapter(charms_openstack.adapters.ConfigurationAdapter):
|
||||
'''Charm specific configuration adapter to deal with ldap config flag parsing'''
|
||||
|
||||
@property
|
||||
def ldap_options(self):
|
||||
return os_utils.config_flags_parser(hookenv.config('ldap-config-flags'))
|
||||
|
||||
|
||||
class KeystoneLDAPCharm(charms_openstack.charm.OpenStackCharm):
|
||||
|
||||
# Internal name of charm
|
||||
|
@ -40,6 +50,8 @@ class KeystoneLDAPCharm(charms_openstack.charm.OpenStackCharm):
|
|||
# List of packages to install for this charm
|
||||
packages = ['python-ldap', 'python-ldappool']
|
||||
|
||||
configuration_class = KeystoneLDAPConfigurationAdapter
|
||||
|
||||
@property
|
||||
def domain_name(self):
|
||||
"""Domain name for the running application
|
||||
|
|
|
@ -4,16 +4,6 @@ user = {{ options.ldap_user }}
|
|||
password = {{ options.ldap_password }}
|
||||
suffix = {{ options.ldap_suffix }}
|
||||
|
||||
user_id_attribute = cn
|
||||
user_name_attribute = sn
|
||||
|
||||
user_filter =
|
||||
group_filter =
|
||||
|
||||
debug_level = 4095
|
||||
|
||||
# TODO insert generat options via config
|
||||
|
||||
user_allow_create = {{ not options.ldap_readonly }}
|
||||
user_allow_update = {{ not options.ldap_readonly }}
|
||||
user_allow_delete = {{ not options.ldap_readonly }}
|
||||
|
@ -22,6 +12,13 @@ group_allow_create = {{ not options.ldap_readonly }}
|
|||
group_allow_update = {{ not options.ldap_readonly }}
|
||||
group_allow_delete = {{ not options.ldap_readonly }}
|
||||
|
||||
# User supplied configuration flags
|
||||
{% if options.ldap_options -%}
|
||||
{% for key, value in options.ldap_options.items() -%}
|
||||
{{ key }} = {{ value }}
|
||||
{% endfor -%}
|
||||
{% endif -%}
|
||||
|
||||
[identity]
|
||||
driver = ldap
|
||||
|
||||
|
|
Loading…
Reference in New Issue