diff options
author | RHE <rebirthmonkey@gmail.com> | 2017-11-24 13:54:26 +0100 |
---|---|---|
committer | RHE <rebirthmonkey@gmail.com> | 2017-11-24 13:54:26 +0100 |
commit | 920a49cfa055733d575282973e23558c33087a4a (patch) | |
tree | d371dab34efa5028600dad2e7ca58063626e7ba4 /keystone-moon/debian/keystone.postinst.in | |
parent | ef3eefca70d8abb4a00dafb9419ad32738e934b2 (diff) |
remove keystone-moon
Change-Id: I80d7c9b669f19d5f6607e162de8e0e55c2f80fdd
Signed-off-by: RHE <rebirthmonkey@gmail.com>
Diffstat (limited to 'keystone-moon/debian/keystone.postinst.in')
-rw-r--r-- | keystone-moon/debian/keystone.postinst.in | 189 |
1 files changed, 0 insertions, 189 deletions
diff --git a/keystone-moon/debian/keystone.postinst.in b/keystone-moon/debian/keystone.postinst.in deleted file mode 100644 index 3fd24fe6..00000000 --- a/keystone-moon/debian/keystone.postinst.in +++ /dev/null @@ -1,189 +0,0 @@ -#!/bin/sh - -set -e - -#PKGOS-INCLUDE# - -KEY_CONF=/etc/keystone/keystone.conf - -keystone_get_debconf_admin_credentials () { - db_get keystone/admin-user - ADMIN_USER_NAME=${RET:-admin} - db_get keystone/admin-password - ADMIN_USER_PW=${RET:-$(gen_password)} - db_get keystone/admin-email - ADMIN_USER_EMAIL=${RET:-root@localhost} - db_get keystone/admin-tenant-name - ADMIN_TENANT_NAME=${RET:-admin} - db_get keystone/admin-role-name - ADMIN_ROLE_NAME=${RET:-admin} - - # We export the retrived credentials for later use - export OS_PROJECT_DOMAIN_ID=default - export OS_USER_DOMAIN_ID=default - export OS_USERNAME=admin - export OS_PASSWORD=${ADMIN_USER_PW} - export OS_TENANT_NAME=${ADMIN_TENANT_NAME} - export OS_PROJECT_NAME=${ADMIN_TENANT_NAME} - export OS_AUTH_URL=http://127.0.0.1:35357/v3/ - export OS_IDENTITY_API_VERSION=3 - export OS_AUTH_VERSION=3 - export OS_PROJECT_DOMAIN_ID=default - export OS_USER_DOMAIN_ID=default - export OS_NO_CACHE=1 -} - -keystone_bootstrap_admin () { - # This is the new way to bootstrap the admin user of Keystone - # and we shouldn't use the admin auth token anymore. - export OS_BOOTSTRAP_USERNAME=${ADMIN_USER_NAME} - export OS_BOOTSTRAP_PROJECT_NAME=${ADMIN_TENANT_NAME} - export OS_BOOTSTRAP_PASSWORD=${ADMIN_USER_PW} - keystone-manage bootstrap -} - -keystone_create_admin_tenant () { - echo -n "Fixing-up: admin-project-desc " - openstack project set --description "Default Debian admin project" $ADMIN_TENANT_NAME - echo -n "service-project " - openstack project create --or-show service --description "Default Debian service project" >/dev/null - echo -n "default-admin-email " - openstack user set --description "Default Debian admin user" --email ${ADMIN_USER_EMAIL} --enable $ADMIN_USER_NAME - echo "...done!" - - # Note: heat_stack_owner is needed for heat to work, and Member ResellerAdmin - # are needed for swift auto account creation. - echo -n "Adding roles: " - for i in admin KeystoneAdmin KeystoneServiceAdmin heat_stack_owner Member ResellerAdmin ; do - echo -n "${i} " - openstack role create --or-show ${i} >/dev/null - openstack role add --project $ADMIN_TENANT_NAME --user $ADMIN_USER_NAME ${i} >/dev/null - done - echo "...done!" -} - -keystone_create_endpoint_postinst () { - local PKG_NAME - PKG_NAME=${1} - - db_get keystone/endpoint-ip - # Make sure a valid IP has been entered in Debconf. - KEYSTONE_ENDPOINT_IP=`echo ${RET} | egrep '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'` - if [ -n ${KEYSTONE_ENDPOINT_IP} ] ; then - db_get keystone/region-name - REGION_NAME=${RET} - if [ -n "${REGION_NAME}" ] ; then - NUM_LINES=$(OS_TOKEN=`openstack token issue -c id -f value` openstack service list --format=csv --os-url http://localhost:5000/v3 | q -d , -H 'SELECT ID FROM - WHERE `Type`="identity"' | wc -l) - if [ "${NUM_LINES}" = "0" ] ; then - echo -n "Setting-up: create-keystone-service " - OS_TOKEN=`openstack token issue -c id -f value` openstack service create --name=keystone --description="Keystone Identity Service" identity --os-url http://localhost:5000/v3 >/dev/null - echo -n "create-public-endpoint " - OS_TOKEN=`openstack token issue -c id -f value` openstack endpoint create --region "${REGION_NAME}" \ - keystone public http://${KEYSTONE_ENDPOINT_IP}:5000/v2.0 --os-url http://localhost:5000/v3 >/dev/null - echo -n "create-internal-endpoint " - OS_TOKEN=`openstack token issue -c id -f value` openstack endpoint create --region "${REGION_NAME}" \ - keystone internal http://${KEYSTONE_ENDPOINT_IP}:5000/v2.0 --os-url http://localhost:5000/v3 >/dev/null - echo -n "create-admin-endpoint " - OS_TOKEN=`openstack token issue -c id -f value` openstack endpoint create --region "${REGION_NAME}" \ - keystone admin http://${KEYSTONE_ENDPOINT_IP}:35357/v2.0 --os-url http://localhost:5000/v3 >/dev/null - echo "...done!" - else - echo -n "Keystone service already registered..." - fi - fi - fi -} - -if [ "$1" = "configure" ] ; then - . /usr/share/debconf/confmodule - . /usr/share/dbconfig-common/dpkg/postinst - - # Create user and group keystone, plus /var/log and /var/lib owned by it - # We need a bash shell so that keystone-manage pkg_setup works, and the - # Wheezy package doesn't have it, failing upgrades - pkgos_var_user_group keystone /bin/sh - # Make sure we have a folder to create certs, that isn't world readable - mkdir -p /etc/keystone/ssl/certs - chown keystone:keystone /etc/keystone/ssl/certs - chmod 750 /etc/keystone/ssl/certs - chown keystone:keystone /etc/keystone/ssl - chmod 750 /etc/keystone/ssl - - # Create keystone.conf if it's not there - pkgos_write_new_conf keystone keystone.conf - # Set the auth_token directive in in keystone.conf - db_get keystone/auth-token - AUTH_TOKEN=${RET} - if [ -z "${AUTH_TOKEN}" ] ; then - AUTH_TOKEN=`pkgos_gen_pass` - fi - pkgos_inifile set ${KEY_CONF} DEFAULT admin_token ${AUTH_TOKEN} - OSTACKCLI_PARAMS="--os-url=http://127.0.0.1:35357/v3/ --os-domain-name default --os-identity-api-version=3" - - # Make sure /var/log/keystone/keystone.log is owned by keystone - # BEFORE any keystone-manage calls. - chown -R keystone:keystone /var/log/keystone - - # Upgrade or create the db if directed to do so - db_get keystone/configure_db - if [ "$RET" = "true" ] ; then - # Configure the SQL connection of keystone.conf according to dbconfig-common - pkgos_dbc_postinst ${KEY_CONF} database connection keystone $@ - echo "Running su keystone -s /bin/sh -c 'keystone-manage --noverbose db_sync'..." - if [ "${PKGOS_VERBOSE}" = "yes" ] ; then - su keystone -s /bin/sh -c "keystone-manage --verbose db_sync" - else - su keystone -s /bin/sh -c "keystone-manage --noverbose db_sync" - fi - fi - - # Generate the ssl keys for keystone. - # It seems that starting it each time this script is launch - # isn't a problem. - #su keystone -s /bin/sh -c "keystone-manage pki_setup" - - # Activate the keystone.service - deb-systemd-helper unmask keystone.service >/dev/null || true - if deb-systemd-helper --quiet was-enabled keystone.service ; then - deb-systemd-helper enable keystone.service >/dev/null || true - else - deb-systemd-helper update-state keystone.service >/dev/null || true - fi - - # Setup init script and start keystone - pkgos_init keystone - - # On first install, create basics configuration and add roles - if [ -z "$2" ] ; then - echo -n "Sleeping 5 seconds to make sure the keystone daemon is up and running: 5..." - sleep 1 - echo -n "4..." - sleep 1 - echo -n "3..." - sleep 1 - echo -n "2..." - sleep 1 - echo -n "1..." - sleep 1 - echo "0" - db_get keystone/create-admin-tenant - if [ "$RET" = "true" ] ; then - keystone_get_debconf_admin_credentials - echo "===> Bootstraping tenants with 'keystone-manage bootstrap':" - keystone_get_debconf_admin_credentials - keystone_bootstrap_admin - db_get keystone/register-endpoint - if [ "$RET" = "true" ] ; then - echo "===> Registering keystone endpoint" - keystone_create_endpoint_postinst - fi - echo "===> Editing bootstraped tenants and adding default roles" - keystone_create_admin_tenant - - echo "done!" - fi - fi - db_stop -fi - -exit 0 |