diff options
Diffstat (limited to 'manifests/profile/base/keystone.pp')
-rw-r--r-- | manifests/profile/base/keystone.pp | 40 |
1 files changed, 6 insertions, 34 deletions
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index 9617c11..d8c8e24 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -18,22 +18,22 @@ # # === Parameters # -# [*manage_db_purge*] -# (Optional) Whether keystone token flushing should be enabled -# Defaults to hiera('keystone_enable_db_purge', true) -# # [*bootstrap_node*] # (Optional) The hostname of the node responsible for bootstrapping tasks # Defaults to hiera('bootstrap_nodeid') # +# [*manage_db_purge*] +# (Optional) Whether keystone token flushing should be enabled +# Defaults to hiera('keystone_enable_db_purge', true) +# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. # Defaults to hiera('step') - +# class tripleo::profile::base::keystone ( - $manage_db_purge = hiera('keystone_enable_db_purge', true), $bootstrap_node = hiera('bootstrap_nodeid', undef), + $manage_db_purge = hiera('keystone_enable_db_purge', true), $step = hiera('step'), ) { if $::hostname == downcase($bootstrap_node) { @@ -67,34 +67,6 @@ class tripleo::profile::base::keystone ( include ::keystone::endpoint } - #TODO: need a cleanup-keystone-tokens.sh solution here - file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]: - ensure => 'directory', - owner => 'keystone', - group => 'keystone', - require => Package['keystone'], - } - file { '/etc/keystone/ssl/certs/signing_cert.pem': - content => hiera('keystone_signing_certificate'), - owner => 'keystone', - group => 'keystone', - notify => Service[$::apache::params::service_name], - require => File['/etc/keystone/ssl/certs'], - } - file { '/etc/keystone/ssl/private/signing_key.pem': - content => hiera('keystone_signing_key'), - owner => 'keystone', - group => 'keystone', - notify => Service[$::apache::params::service_name], - require => File['/etc/keystone/ssl/private'], - } - file { '/etc/keystone/ssl/certs/ca.pem': - content => hiera('keystone_ca_certificate'), - owner => 'keystone', - group => 'keystone', - notify => Service[$::apache::params::service_name], - require => File['/etc/keystone/ssl/certs'], - } } if $step >= 5 and $manage_db_purge { |