summaryrefslogtreecommitdiffstats
path: root/manifests/profile/base/keystone.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/profile/base/keystone.pp')
-rw-r--r--manifests/profile/base/keystone.pp40
1 files changed, 6 insertions, 34 deletions
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp
index 9617c11..d8c8e24 100644
--- a/manifests/profile/base/keystone.pp
+++ b/manifests/profile/base/keystone.pp
@@ -18,22 +18,22 @@
#
# === Parameters
#
-# [*manage_db_purge*]
-# (Optional) Whether keystone token flushing should be enabled
-# Defaults to hiera('keystone_enable_db_purge', true)
-#
# [*bootstrap_node*]
# (Optional) The hostname of the node responsible for bootstrapping tasks
# Defaults to hiera('bootstrap_nodeid')
#
+# [*manage_db_purge*]
+# (Optional) Whether keystone token flushing should be enabled
+# Defaults to hiera('keystone_enable_db_purge', true)
+#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
# Defaults to hiera('step')
-
+#
class tripleo::profile::base::keystone (
- $manage_db_purge = hiera('keystone_enable_db_purge', true),
$bootstrap_node = hiera('bootstrap_nodeid', undef),
+ $manage_db_purge = hiera('keystone_enable_db_purge', true),
$step = hiera('step'),
) {
if $::hostname == downcase($bootstrap_node) {
@@ -67,34 +67,6 @@ class tripleo::profile::base::keystone (
include ::keystone::endpoint
}
- #TODO: need a cleanup-keystone-tokens.sh solution here
- file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]:
- ensure => 'directory',
- owner => 'keystone',
- group => 'keystone',
- require => Package['keystone'],
- }
- file { '/etc/keystone/ssl/certs/signing_cert.pem':
- content => hiera('keystone_signing_certificate'),
- owner => 'keystone',
- group => 'keystone',
- notify => Service[$::apache::params::service_name],
- require => File['/etc/keystone/ssl/certs'],
- }
- file { '/etc/keystone/ssl/private/signing_key.pem':
- content => hiera('keystone_signing_key'),
- owner => 'keystone',
- group => 'keystone',
- notify => Service[$::apache::params::service_name],
- require => File['/etc/keystone/ssl/private'],
- }
- file { '/etc/keystone/ssl/certs/ca.pem':
- content => hiera('keystone_ca_certificate'),
- owner => 'keystone',
- group => 'keystone',
- notify => Service[$::apache::params::service_name],
- require => File['/etc/keystone/ssl/certs'],
- }
}
if $step >= 5 and $manage_db_purge {