Set auth_uri in keystone_authtoken config section

The auth_uri option will be sent to the user when an unauthenticated
request is made. It should contain the unversioned public identity
endpoint [1].

[1] https://adam.younglogic.com/2016/06/auth_uri-vs-auth_url/
This commit is contained in:
Jens Harbott 2017-09-05 12:47:30 +00:00
parent b5828b9644
commit ff4dc4f05b
1 changed files with 4 additions and 2 deletions

View File

@ -68,18 +68,20 @@ end
db_user = node['openstack']['db']['dns']['username']
db_pass = get_password 'db', 'designate'
public_identity_endpoint = public_endpoint 'identity'
identity_endpoint = internal_endpoint 'identity'
bind_services = node['openstack']['bind_service']['all']
api_bind = bind_services['dns-api']
auth_uri = auth_uri_transform identity_endpoint.to_s, node['openstack']['dns']['api']['auth']['version']
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['dns']['api']['auth']['version']
# define attributes that are needed in designate.conf
node.default['openstack']['dns']['conf'].tap do |conf|
conf['service:api']['api_host'] = bind_address api_bind
conf['service:api']['api_port'] = api_bind.port
conf['keystone_authtoken']['auth_url'] = auth_uri
conf['keystone_authtoken']['auth_uri'] = public_identity_endpoint
conf['keystone_authtoken']['auth_url'] = auth_url
end
# define secrets that are needed in designate.conf