X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=3rdparty%2Fmodules%2Fkeystone%2Fmanifests%2Froles%2Fadmin.pp;fp=3rdparty%2Fmodules%2Fkeystone%2Fmanifests%2Froles%2Fadmin.pp;h=4fd5e097040b9b89fdc1d457c4c023897f0c69c7;hb=4631045ebb77ee8622f6fa09277a50c372bcc02e;hp=0000000000000000000000000000000000000000;hpb=3d4dc4fd9e59bd0e07646c99f6b356c7d9d859aa;p=dsa-puppet.git

diff --git a/3rdparty/modules/keystone/manifests/roles/admin.pp b/3rdparty/modules/keystone/manifests/roles/admin.pp
new file mode 100644
index 00000000..4fd5e097
--- /dev/null
+++ b/3rdparty/modules/keystone/manifests/roles/admin.pp
@@ -0,0 +1,80 @@
+#
+# This class implements some reasonable admin defaults for keystone.
+#
+# It creates the following keystone objects:
+#   * service tenant (tenant used by all service users)
+#   * "admin" tenant (defaults to "openstack")
+#   * admin user (that defaults to the "admin" tenant)
+#   * admin role
+#   * adds admin role to admin user on the "admin" tenant
+#
+# [*Parameters*]
+#
+# [email] The email address for the admin. Required.
+# [password] The admin password. Required.
+# [admin_roles] The list of the roles with admin privileges. Optional. Defaults to ['admin'].
+# [admin_tenant] The name of the tenant to be used for admin privileges. Optional. Defaults to openstack.
+# [admin] Admin user. Optional. Defaults to admin.
+# [ignore_default_tenant] Ignore setting the default tenant value when the user is created. Optional. Defaults to false.
+# [admin_tenant_desc] Optional. Description for admin tenant, defaults to 'admin tenant'
+# [service_tenant_desc] Optional. Description for admin tenant, defaults to 'Tenant for the openstack services'
+# [configure_user] Optional. Should the admin user be created? Defaults to 'true'.
+# [configure_user_role] Optional. Should the admin role be configured for the admin user? Defaulst to 'true'.
+#
+# == Dependencies
+# == Examples
+# == Authors
+#
+#   Dan Bode dan@puppetlabs.com
+#
+# == Copyright
+#
+# Copyright 2012 Puppetlabs Inc, unless otherwise noted.
+#
+class keystone::roles::admin(
+  $email,
+  $password,
+  $admin                  = 'admin',
+  $admin_tenant           = 'openstack',
+  $admin_roles            = ['admin'],
+  $service_tenant         = 'services',
+  $ignore_default_tenant  = false,
+  $admin_tenant_desc      = 'admin tenant',
+  $service_tenant_desc    = 'Tenant for the openstack services',
+  $configure_user         = true,
+  $configure_user_role    = true,
+) {
+
+  keystone_tenant { $service_tenant:
+    ensure      => present,
+    enabled     => true,
+    description => $service_tenant_desc,
+  }
+  keystone_tenant { $admin_tenant:
+    ensure      => present,
+    enabled     => true,
+    description => $admin_tenant_desc,
+  }
+  keystone_role { 'admin':
+    ensure => present,
+  }
+
+  if $configure_user {
+    keystone_user { $admin:
+      ensure                => present,
+      enabled               => true,
+      tenant                => $admin_tenant,
+      email                 => $email,
+      password              => $password,
+      ignore_default_tenant => $ignore_default_tenant,
+    }
+  }
+
+  if $configure_user_role {
+    keystone_user_role { "${admin}@${admin_tenant}":
+      ensure => present,
+      roles  => $admin_roles,
+    }
+  }
+
+}