Browse Source

Set auth_uri in keystone_authtoken config section

The auth_uri option will be sent to the user when an unauthenticated
request is made. It should contain the unversioned public identity
endpoint [1].

[1] https://adam.younglogic.com/2016/06/auth_uri-vs-auth_url/
Jens Harbott 1 year ago
parent
commit
ff4dc4f05b
1 changed files with 4 additions and 2 deletions
  1. 4
    2
      recipes/common.rb

+ 4
- 2
recipes/common.rb View File

@@ -68,18 +68,20 @@ end
68 68
 db_user = node['openstack']['db']['dns']['username']
69 69
 db_pass = get_password 'db', 'designate'
70 70
 
71
+public_identity_endpoint = public_endpoint 'identity'
71 72
 identity_endpoint = internal_endpoint 'identity'
72 73
 
73 74
 bind_services = node['openstack']['bind_service']['all']
74 75
 api_bind = bind_services['dns-api']
75 76
 
76
-auth_uri = auth_uri_transform identity_endpoint.to_s, node['openstack']['dns']['api']['auth']['version']
77
+auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['dns']['api']['auth']['version']
77 78
 
78 79
 # define attributes that are needed in designate.conf
79 80
 node.default['openstack']['dns']['conf'].tap do |conf|
80 81
   conf['service:api']['api_host'] = bind_address api_bind
81 82
   conf['service:api']['api_port'] = api_bind.port
82
-  conf['keystone_authtoken']['auth_url'] = auth_uri
83
+  conf['keystone_authtoken']['auth_uri'] = public_identity_endpoint
84
+  conf['keystone_authtoken']['auth_url'] = auth_url
83 85
 end
84 86
 
85 87
 # define secrets that are needed in designate.conf

Loading…
Cancel
Save