Give arrays another try

[dsa-puppet.git] / modules / roles / manifests / keystone.pp

diff --git a/modules/roles/manifests/keystone.pp b/modules/roles/manifests/keystone.pp
index 9f27fb4bf8bfe3582162886672b0061268e2100b..600fbcb98c9f145ba819f9f60e454af93f885929 100644 (file)
--- a/modules/roles/manifests/keystone.pp
+++ b/modules/roles/manifests/keystone.pp
@@ -1,16 +1,18 @@
 class roles::keystone {
 
+       Exec { logoutput => 'on_failure' }
+
        include roles::openstack::params
 
        $keystone_dbpass = $roles::openstack::params::keystone_dbpass
        $admin_token     = $roles::openstack::params::admin_token
        $admin_pass      = $roles::openstack::params::admin_pass
-       $rabbit_pass      = $roles::openstack::params::rabbit_pass
+       $rabbit_pass     = $roles::openstack::params::rabbit_pass
 
        class { '::keystone':
                verbose             => true,
                debug               => true,
-               sql_connection      => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org/keystone",
+               database_connection => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org:5435/keystone",
                catalog_type        => 'sql',
                admin_token         => $admin_token,
                enabled             => false,
@@ -19,21 +21,28 @@ class roles::keystone {
                rabbit_password     => $rabbit_pass,
                rabbit_userid       => 'openstack',
                rabbit_virtual_host => '/keystone',
-               memcache_servers    => ['localhost'],
-       }
-       class { 'keystone::roles::admin':
-               email    => 'test@puppetlabs.com',
-               password => $admin_pass,
+               memcache_servers    => ['localhost:11211'],
+               cache_backend       => 'keystone.cache.memcache_pool',
+               admin_endpoint      => 'https://openstack.bm.debian.org:35357/',
+               validate_cacert     => '/etc/ssl/ca-debian/spi-cacert-2008.pem',
+               validate_service    => true,
+               enable_ssl          => true,
+               validate_auth_url   => 'https://openstack.bm.debian.org:35357/',
+               signing_cert_subject => '/C=US/ST=Unset/L=Unset/O=Unset/CN=openstack.bm.debian.org',
        }
-       class { 'keystone::endpoint':
-               public_url => "https://${::fqdn}:5000/",
-               admin_url  => "https://${::fqdn}:35357/",
+       #class { '::keystone::roles::admin':
+       #       email    => 'test@puppetlabs.com',
+       #       password => $admin_pass,
+       #}
+       class { '::keystone::endpoint':
+               public_url => 'https://openstack.bm.debian.org:5000/',
+               admin_url  => 'https://openstack.bm.debian.org:35357/',
        }
 
-       include apache
-       class { 'keystone::wsgi::apache':
+       include ::apache
+       class { '::keystone::wsgi::apache':
                ssl      => true,
-               ssl_cert => '/etc/ssl/debian/certs/openstack.bm.debian.org.crt-chained',
+               ssl_cert => '/etc/ssl/certs/openstack.bm.debian.org-chained.pem',
                ssl_key  => '/etc/ssl/private/openstack.bm.debian.org.key',
 
        }