f765f60e86
Incase we do *not* use keystone as an authentication mechanism, let the built-in authentication work with this charm. Without this change, the Swift authentication itself will work, but the X-Storage-URL header will point to the port the storage daemon listens on - which is not open in the firewall (70). This change instead forces the URL to be "the unit's public IP" with the default port (80), on which haproxy is listening, and will do the right thing. Change-Id: Ia2b12153eca3074392aad6dea6ee995990f15633 Signed-off-by: Christopher Glass <chris.glass@canonical.com>
60 lines
1.9 KiB
Plaintext
60 lines
1.9 KiB
Plaintext
[global]
|
|
{% if old_auth %}
|
|
auth supported = {{ auth_supported }}
|
|
{% else %}
|
|
auth cluster required = {{ auth_supported }}
|
|
auth service required = {{ auth_supported }}
|
|
auth client required = {{ auth_supported }}
|
|
{% endif %}
|
|
mon host = {{ mon_hosts }}
|
|
log to syslog = {{ use_syslog }}
|
|
err to syslog = {{ use_syslog }}
|
|
clog to syslog = {{ use_syslog }}
|
|
debug rgw = {{ loglevel }}/5
|
|
{% if ipv6 -%}
|
|
ms bind ipv6 = true
|
|
{% endif %}
|
|
{% if global -%}
|
|
# The following are user-provided options provided via the config-flags charm option.
|
|
# User-provided [global] section config
|
|
{% for key in global -%}
|
|
{{ key }} = {{ global[key] }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
|
|
[client.radosgw.gateway]
|
|
host = {{ hostname }}
|
|
rgw init timeout = 1200
|
|
keyring = /etc/ceph/keyring.rados.gateway
|
|
rgw socket path = /tmp/radosgw.sock
|
|
log file = /var/log/ceph/radosgw.log
|
|
rgw frontends = civetweb port={{ port }}
|
|
{% if auth_type == 'keystone' %}
|
|
rgw keystone url = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}/
|
|
{% if auth_keystone_v3_supported and api_version == '3' -%}
|
|
rgw keystone api version = 3
|
|
rgw keystone admin user = {{ admin_user }}
|
|
rgw keystone admin password = {{ admin_password }}
|
|
rgw keystone admin domain = {{ admin_domain_name }}
|
|
rgw keystone admin project = {{ admin_tenant_name }}
|
|
{% else -%}
|
|
rgw keystone admin token = {{ admin_token }}
|
|
{% endif -%}
|
|
rgw keystone accepted roles = {{ user_roles }}
|
|
rgw keystone token cache size = {{ cache_size }}
|
|
rgw keystone revocation interval = {{ revocation_check_interval }}
|
|
rgw s3 auth use keystone = true
|
|
{% if cms -%}
|
|
nss db path = /var/lib/ceph/nss
|
|
{% endif %}
|
|
{% else -%}
|
|
rgw swift url = http://{{ unit_public_ip }}
|
|
{% endif -%}
|
|
{% if client_radosgw_gateway -%}
|
|
# The following are user-provided options provided via the config-flags charm option.
|
|
# User-provided [client.radosgw.gateway] section config
|
|
{% for key in client_radosgw_gateway -%}
|
|
{{ key }} = {{ client_radosgw_gateway[key] }}
|
|
{% endfor %}
|
|
{% endif %}
|