1 files changed, 93 insertions, 0 deletions

diff --git a/keystone-moon/debian/keystone.config.in b/keystone-moon/debian/keystone.config.in
new file mode 100644
index 00000000..c0b79026
--- /dev/null
+++ b/keystone-moon/debian/keystone.config.in
@@ -0,0 +1,93 @@
+#!/bin/sh
+
+set -e
+
+. /usr/share/debconf/confmodule
+KEY_CONF=/etc/keystone/keystone.conf
+
+#PKGOS-INCLUDE#
+
+prompt_initial_keystone_admins () {
+	local have_pass
+	db_input medium keystone/admin-user || true
+	db_input medium keystone/admin-email || true
+	db_input high keystone/admin-password || true
+	db_input high keystone/admin-password-confirm || true
+	db_input medium keystone/admin-role-name || true
+	db_input medium keystone/admin-tenant-name || true
+	db_go
+
+	# Loop until passwords match
+	have_pass=false
+	while [ "$have_pass" != "true" ] ; do
+		db_get keystone/admin-password || true
+		p1=$RET
+		db_get keystone/admin-password-confirm || true
+		p2=$RET
+		if [ -n "$p1" ] && [ "$p1" = "$p2" ] ; then
+			have_pass=true
+			continue
+		fi
+
+		# If we didn't see the screen yet, it means that
+		# we are running in non-interactive mode, so we generate
+		# a password randomly.
+		db_fget keystone/admin-password seen || true
+		if [ "$RET" != "true" ] ; then
+			p=$(pkgos_gen_pass)
+			db_set keystone/admin-password $p
+			db_set keystone/admin-password-confirm $p
+			have_pass=true
+			continue
+		fi
+
+		db_reset keystone/admin-password
+		db_fset keystone/admin-password seen false
+		db_reset keystone/admin-password-confirm
+		db_fset keystone/admin-password-confirm seen false
+
+		db_input high keystone/passwords-do-not-match || true
+		db_input high keystone/admin-password || true
+		db_input high keystone/admin-password-confirm || true
+		db_go || true
+	done
+}
+
+keystone_create_endpoint_config () {
+	local DEFAULT_GW_IF
+	db_input high keystone/register-endpoint || true
+	db_go
+	db_get keystone/register-endpoint
+	if [ "${RET}" = "true" ] ; then
+		# Find the IP address of the interface used to connect to the default gateway
+		# then if it's a valid IP address, we set this as a default value for
+		# the keystone endpoint.
+		db_get keystone/endpoint-ip
+		IP=${RET}
+		if [ -z "${IP}" ] ; then
+			DEFROUTE_IF=`LC_ALL=C /sbin/route | grep default |awk -- '{ print $8 }' | cut -d" " -f1`
+			if [ -n "${DEFROUTE_IF}" ] ; then
+				DEFROUTE_IP=`LC_ALL=C ip addr show "${DEFROUTE_IF}" | grep inet | head -n 1 | awk '{print $2}' | cut -d/ -f1 | grep -E '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'`
+				if [ -n "${DEFROUTE_IP}" ] ; then
+					db_set keystone/endpoint-ip ${DEFROUTE_IP}
+				fi
+			fi
+		fi
+		db_input high keystone/endpoint-ip || true
+		db_input medium keystone/region-name || true
+		db_go
+	fi
+}
+
+pkgos_var_user_group keystone
+pkgos_dbc_read_conf -pkg keystone ${KEY_CONF} database connection keystone $@
+pkgos_read_config ${KEY_CONF} DEFAULT admin_token keystone/auth-token
+db_input high keystone/create-admin-tenant || true
+db_go || true
+db_get keystone/create-admin-tenant
+if [ "${RET}" = "true" ] ; then
+	prompt_initial_keystone_admins
+fi
+keystone_create_endpoint_config
+
+exit 0