From 01c3a799eaa0ce9e9a465c78da4b2897a49db934 Mon Sep 17 00:00:00 2001
From: Martin Zobel-Helas <zobel@debian.org>
Date: Wed, 1 Jul 2015 19:43:52 +0000
Subject: [PATCH] make oyens a keystone host

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
---
 modules/roles/manifests/keystone.pp | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/modules/roles/manifests/keystone.pp b/modules/roles/manifests/keystone.pp
index 78e06925..92642b34 100644
--- a/modules/roles/manifests/keystone.pp
+++ b/modules/roles/manifests/keystone.pp
@@ -1,4 +1,31 @@
 class roles::keystone {
+
+	$keystone_postgres_password = hkdf('/etc/puppet/secret', "openstack-keystone")
+
+	class { 'keystone':
+		verbose        => true,
+		debug          => true,
+		sql_connection => 'postgresql://keystone:$keystone_postgres_password@bmdb1.debian.org/keystone',
+		catalog_type   => 'sql',
+		admin_token    => 'admin_token',
+		enabled        => false,
+	}
+	class { 'keystone::roles::admin':
+		email    => 'test@puppetlabs.com',
+		password => 'ChangeMe',
+	}
+	class { 'keystone::endpoint':
+		public_url => "https://${::fqdn}:5000/",
+		admin_url  => "https://${::fqdn}:35357/",
+	}
+
+	keystone_config { 'ssl/enable': value => true }
+
+	include apache
+	class { 'keystone::wsgi::apache':
+		ssl => true
+	}
+
 	ssl::service { 'openstack.bm.debian.org':
 		notify => Service['apache2'],
 	}
-- 
2.39.2