summaryrefslogtreecommitdiffstats
path: root/keystone-moon/debian/keystone.config.in
blob: c0b790263938ecc1b5b5fc8fdb978ee1d069e80e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
#!/bin/sh

set -e

. /usr/share/debconf/confmodule
KEY_CONF=/etc/keystone/keystone.conf

#PKGOS-INCLUDE#

prompt_initial_keystone_admins () {
	local have_pass
	db_input medium keystone/admin-user || true
	db_input medium keystone/admin-email || true
	db_input high keystone/admin-password || true
	db_input high keystone/admin-password-confirm || true
	db_input medium keystone/admin-role-name || true
	db_input medium keystone/admin-tenant-name || true
	db_go

	# Loop until passwords match
	have_pass=false
	while [ "$have_pass" != "true" ] ; do
		db_get keystone/admin-password || true
		p1=$RET
		db_get keystone/admin-password-confirm || true
		p2=$RET
		if [ -n "$p1" ] && [ "$p1" = "$p2" ] ; then
			have_pass=true
			continue
		fi

		# If we didn't see the screen yet, it means that
		# we are running in non-interactive mode, so we generate
		# a password randomly.
		db_fget keystone/admin-password seen || true
		if [ "$RET" != "true" ] ; then
			p=$(pkgos_gen_pass)
			db_set keystone/admin-password $p
			db_set keystone/admin-password-confirm $p
			have_pass=true
			continue
		fi

		db_reset keystone/admin-password
		db_fset keystone/admin-password seen false
		db_reset keystone/admin-password-confirm
		db_fset keystone/admin-password-confirm seen false

		db_input high keystone/passwords-do-not-match || true
		db_input high keystone/admin-password || true
		db_input high keystone/admin-password-confirm || true
		db_go || true
	done
}

keystone_create_endpoint_config () {
	local DEFAULT_GW_IF
	db_input high keystone/register-endpoint || true
	db_go
	db_get keystone/register-endpoint
	if [ "${RET}" = "true" ] ; then
		# Find the IP address of the interface used to connect to the default gateway
		# then if it's a valid IP address, we set this as a default value for
		# the keystone endpoint.
		db_get keystone/endpoint-ip
		IP=${RET}
		if [ -z "${IP}" ] ; then
			DEFROUTE_IF=`LC_ALL=C /sbin/route | grep default |awk -- '{ print $8 }' | cut -d" " -f1`
			if [ -n "${DEFROUTE_IF}" ] ; then
				DEFROUTE_IP=`LC_ALL=C ip addr show "${DEFROUTE_IF}" | grep inet | head -n 1 | awk '{print $2}' | cut -d/ -f1 | grep -E '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'`
				if [ -n "${DEFROUTE_IP}" ] ; then
					db_set keystone/endpoint-ip ${DEFROUTE_IP}
				fi
			fi
		fi
		db_input high keystone/endpoint-ip || true
		db_input medium keystone/region-name || true
		db_go
	fi
}

pkgos_var_user_group keystone
pkgos_dbc_read_conf -pkg keystone ${KEY_CONF} database connection keystone $@
pkgos_read_config ${KEY_CONF} DEFAULT admin_token keystone/auth-token
db_input high keystone/create-admin-tenant || true
db_go || true
db_get keystone/create-admin-tenant
if [ "${RET}" = "true" ] ; then
	prompt_initial_keystone_admins
fi
keystone_create_endpoint_config

exit 0