diff --git a/meta/main.yml b/meta/main.yml
index 08f5c4cc..056248eb 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -26,6 +26,11 @@ galaxy_info:
 - name: EL
 versions:
 - 7
+ - name: opensuse
+ versions:
+ - 42.1
+ - 42.2
+ - 42.3
 categories:
 - cloud
 - python
diff --git a/tasks/keystone_apache.yml b/tasks/keystone_apache.yml
index 4fce7956..915ee378 100644
--- a/tasks/keystone_apache.yml
+++ b/tasks/keystone_apache.yml
@@ -33,20 +33,14 @@
 group: "{{ keystone_apache_default_log_grp }}"
 ## NOTE(cloudnull):
-## Module enable/disable process is only functional on Debian based systems.
+## Module enable/disable process is only functional on Debian and SUSE based systems.
 - name: Enable/disable apache2 modules
 apache2_module:
 name: "{{ item.name }}"
 state: "{{ item.state }}"
- with_items:
- - name: "ssl"
- state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}"
- - name: "shib2"
- state: "{{ ( keystone_sp != {} ) | ternary('present', 'absent') }}"
- - name: "proxy_http"
- state: "present"
+ with_items: "{{ keystone_apache_modules }}"
 when:
- - ansible_pkg_mgr == 'apt'
+ - ansible_pkg_mgr in ['apt', 'zypper']
 notify:
 - Restart web server
diff --git a/tasks/keystone_install.yml b/tasks/keystone_install.yml
index 1bf1e080..037dd4b4 100644
--- a/tasks/keystone_install.yml
+++ b/tasks/keystone_install.yml
@@ -69,7 +69,7 @@
 package:
 name: "{{ keystone_package_list }}"
 state: "{{ keystone_package_state }}"
- update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
+ update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}"
 cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
 register: install_packages
 until: install_packages | success
diff --git a/tasks/keystone_nginx.yml b/tasks/keystone_nginx.yml
index 119bfa78..d06d1778 100644
--- a/tasks/keystone_nginx.yml
+++ b/tasks/keystone_nginx.yml
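Review bot: In tasks/keystone_apache.yml the loop now reads `with_items: "{{ keystone_apache_modules }}"`, but nothing near the task says where that variable is defined or what happens when a distro vars file omits it. This commit defines it only in vars/suse-42.yml and vars/ubuntu-16.04.yml; any other apt- or zypper-based vars file (none is visible in this diff) would need the same list. A missing definition is better left to fail loudly than hidden behind `default([])`, because an empty list would silently skip enabling `ssl` on the identity endpoint. I would extend the NOTE above the task with `## The module list comes from keystone_apache_modules in the per-distro vars file.`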
@@ -28,12 +28,19 @@
 - name: Configure custom nginx log format
 lineinfile:
- insertbefore: access_log
+ # NOTE(hwoarang) Not every nginx.conf file is the same
+ # so it's best if we just append new stuff after known starting blocks.
+ insertafter: http {
 dest: "/etc/nginx/nginx.conf"
 line: "log_format custom '{{ keystone_nginx_access_log_format_combined }} {{ keystone_nginx_access_log_format_extras }}';"
 notify:
 - Restart web server
+- name: Ensure configuration directory exists
+ file:
+ path: "/etc/nginx/{{ keystone_nginx_conf_path }}"
+ state: directory
+
 # Configure app
 - name: Configure virtual hosts
 template:
diff --git a/vars/suse-42.yml b/vars/suse-42.yml
new file mode 100644
index 00000000..4abc8de6
--- /dev/null
+++ b/vars/suse-42.yml
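Review bot: The new `Ensure configuration directory exists` task in tasks/keystone_nginx.yml creates `/etc/nginx/{{ keystone_nginx_conf_path }}` without `owner`, `group` or `mode`, so when the directory is missing its ownership and permissions come from the connecting user and umask rather than from the role. For a directory that holds the virtual host config of the identity endpoint I would pin them: `owner: "root"`, `group: "root"`, `mode: "0755"`. Separately, `insertafter: http {` is an unquoted, unanchored regex, and lineinfile falls back to end of file when it matches nothing, which would place `log_format` outside the `http` block; quoting and anchoring it as `insertafter: '^\s*http\s*\{'` at least avoids matching a comment line. The `Configure virtual hosts` task at the end of the hunk continues outside it.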
@@ -0,0 +1,93 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+# Copyright 2017, SUSE LINUX GmbH.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+keystone_distro_packages:
+ - ca-certificates
+ - cronie
+ - cyrus-sasl-devel
+ - git-core
+ - libffi-devel
+ - libxml2-devel
+ - libxslt-devel
+ - openldap2
+ - openldap2-devel
+ - openssl
+ - python-devel
+ - rsync
+ - which
+
+keystone_apache_distro_packages:
+ - apache2
+ - apache2-utils
+ - apache2-mod_proxy_uwsgi
+
+keystone_mod_wsgi_distro_packages:
+ - apache2-mod_wsgi
+
+keystone_mod_proxy_uwsgi_distro_packages:
+ - apache2-mod_uwsgi
+
+keystone_nginx_distro_packages:
+ - nginx
+
+keystone_idp_distro_packages:
+ - xmlsec1
+
+keystone_sp_distro_packages:
+ - shibboleth-sp
+
+keystone_developer_mode_distro_packages:
+ - patterns-openSUSE-devel_basis
+
+keystone_apache_default_sites:
+ - "/etc/apache2/conf.d/gitweb.conf"
+
+keystone_apache_conf: "/etc/apache2/httpd.conf"
+keystone_apache_default_log_folder: "/var/log/apache2"
+keystone_apache_default_log_owner: "root"
+keystone_apache_default_log_grp: "root"
+keystone_apache_security_conf: "{{ keystone_apache_conf }}"
+
+keystone_apache_configs:
+ - { src: "keystone-ports.conf.j2", dest: "/etc/apache2/conf.d/ports.conf" }
+ - { src: "keystone-httpd.conf.j2", dest: "/etc/apache2/conf.d/keystone-httpd.conf" }
+ - { src: "keystone-httpd-mpm.conf.j2", dest: "/etc/apache2/mod_{{ keystone_httpd_mpm_backend }}.conf" }
+
+keystone_apache_modules:
+ - name: "authz_host"
+ state: "present"
+ - name: "access_compat"
+ state: "present"
+ - name: "version"
+ state: "present"
+ - name: "ssl"
+ state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}"
+ - name: "shib2"
+ state: "{{ ( keystone_sp != {} ) | ternary('present', 'absent') }}"
+ - name: "proxy"
+ state: "present"
+ - name: "proxy_http"
+ state: "present"
+ - name: "proxy_fcgi"
+ state: "present"
+ - name: "proxy_wstunnel"
+ state: "present"
+ - name: "proxy_uwsgi"
+ state: "present"
+
+keystone_nginx_conf_path: 'conf.d'
+
+keystone_system_service_name: apache2
diff --git a/vars/ubuntu-16.04.yml b/vars/ubuntu-16.04.yml
index 73edc33d..17de72b9 100644
--- a/vars/ubuntu-16.04.yml
+++ b/vars/ubuntu-16.04.yml
@@ -70,6 +70,14 @@ keystone_apache_configs:
 - { src: "keystone-httpd.conf.j2", dest: "/etc/apache2/sites-available/keystone-httpd.conf" }
 - { src: "keystone-httpd-mpm.conf.j2", dest: "/etc/apache2/mods-available/mpm_{{ keystone_httpd_mpm_backend }}.conf" }
+keystone_apache_modules:
+ - name: "ssl"
+ state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}"
+ - name: "shib2"
+ state: "{{ ( keystone_sp != {} ) | ternary('present', 'absent') }}"
+ - name: "proxy_http"
+ state: "present"
+
 keystone_nginx_conf_path: "sites-available"
 keystone_system_service_name: apache2
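Review bot: `keystone_apache_modules` in the new vars/suse-42.yml turns on `authz_host`, `access_compat`, `version`, `proxy`, `proxy_fcgi`, `proxy_wstunnel` and `proxy_uwsgi` unconditionally, where the Ubuntu list added by this same commit has only `ssl`, `shib2` and `proxy_http`. Nothing visible in the diff shows which vhost template needs the extra proxy modules, and every module loaded on the identity endpoint is code that has to be patched and configured safely. I would add a comment above the list recording why each extra entry is required, for example `# access_compat: needed for Order/Allow directives in <template name>`, and drop or gate any entry that no template uses.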