Add default_domain config option.

This commit adds the default-domain config option to limit
the login page to only the specifed domain. For use with a single
domain environment where users are only given a login.

When considering a single domain usecase for users (admin_domain for
administration, then example_domain for all other users), it would
be handy for users not to input their domain name, but only username
and password to login.

By setting two lines below, we can create a separate dashboard instance
for non-admin users only.

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT=False
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN=example_domain

However, the current local_settings.py template does not allow that.

This change adds the 'default-domain' configuration option which modifies
local_policy.py to set the two configuration flags outlined in the bug.
If the config option is not set the charm will behave as before, enabling
the user to specify the domain at login.

This does no validation to ensure the domain exists, so it is up to the user
to supply a valid domain name.

Closes-Bug: 1712999
Change-Id: I316372ae305a4ba10e4d8ba047f23a317836b960

templates/ocata/local_settings.py

@@ -193,8 +193,8 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}"
 {% if api_version == "3" -%}
 OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v3" % OPENSTACK_HOST
 OPENSTACK_API_VERSIONS = { "identity": 3, }
-OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
-OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ admin_domain_id }}"
+OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = "{{ multi_domain }}"
+OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ default_domain or admin_domain_id }}"
 {% else -%}
 OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v2.0" % OPENSTACK_HOST
 {% endif -%}