From 439afaa6cd291f40fcdd7632ac611e28493e8793 Mon Sep 17 00:00:00 2001
From: Martin Zobel-Helas <zobel@handel.debian.org>
Date: Wed, 19 Aug 2015 15:53:03 +0000
Subject: [PATCH] try fixing config for openstack

Signed-off-by: Martin Zobel-Helas <zobel@handel.debian.org>
---
 modules/roles/manifests/keystone.pp | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/modules/roles/manifests/keystone.pp b/modules/roles/manifests/keystone.pp
index e265e541..600fbcb9 100644
--- a/modules/roles/manifests/keystone.pp
+++ b/modules/roles/manifests/keystone.pp
@@ -12,7 +12,7 @@ class roles::keystone {
 	class { '::keystone':
 		verbose             => true,
 		debug               => true,
-		sql_connection      => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org:5435/keystone",
+		database_connection => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org:5435/keystone",
 		catalog_type        => 'sql',
 		admin_token         => $admin_token,
 		enabled             => false,
@@ -24,22 +24,25 @@ class roles::keystone {
 		memcache_servers    => ['localhost:11211'],
 		cache_backend       => 'keystone.cache.memcache_pool',
 		admin_endpoint      => 'https://openstack.bm.debian.org:35357/',
-		validate_cacert     => '/etc/ssl/debian/certs/ca.crt',
+		validate_cacert     => '/etc/ssl/ca-debian/spi-cacert-2008.pem',
 		validate_service    => true,
+		enable_ssl          => true,
+		validate_auth_url   => 'https://openstack.bm.debian.org:35357/',
+		signing_cert_subject => '/C=US/ST=Unset/L=Unset/O=Unset/CN=openstack.bm.debian.org',
 	}
-	class { '::keystone::roles::admin':
-		email    => 'test@puppetlabs.com',
-		password => $admin_pass,
-	}
+	#class { '::keystone::roles::admin':
+	#	email    => 'test@puppetlabs.com',
+	#	password => $admin_pass,
+	#}
 	class { '::keystone::endpoint':
 		public_url => 'https://openstack.bm.debian.org:5000/',
 		admin_url  => 'https://openstack.bm.debian.org:35357/',
 	}
 
-	include apache
+	include ::apache
 	class { '::keystone::wsgi::apache':
 		ssl      => true,
-		ssl_cert => '/etc/ssl/debian/certs/openstack.bm.debian.org.crt-chained',
+		ssl_cert => '/etc/ssl/certs/openstack.bm.debian.org-chained.pem',
 		ssl_key  => '/etc/ssl/private/openstack.bm.debian.org.key',
 
 	}
-- 
2.39.5