cookbook-openstack-identity/templates/default/wsgi-keystone.conf.erb

<%= node['openstack']['identity']['custom_template_banner'] %>

<VirtualHost <%= @server_host %>:<%= @server_port %>>
    WSGIDaemonProcess identity processes=5 threads=1 user=<%= @user %> group=<%= @group %> display-name=%{GROUP}
    WSGIProcessGroup identity
    WSGIScriptAlias / <%= @server_entry %>
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On

    ErrorLogFormat "%{cu}t %M"
    ErrorLog <%= @log_dir %>/identity.log
    CustomLog <%= @log_dir %>/identity_access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
    <% if node['openstack']['identity']['ssl']['enabled'] -%>

    SSLEngine On
    SSLCertificateFile <%= node['openstack']['identity']['ssl']['certfile'] %>
    SSLCertificateKeyFile <%= node['openstack']['identity']['ssl']['keyfile'] %>
    SSLCACertificatePath <%= node['openstack']['identity']['ssl']['ca_certs_path'] %>
      <% if node['openstack']['identity']['ssl']['chainfile'] %>
    SSLCertificateChainFile <%= node['openstack']['identity']['ssl']['chainfile'] %>
      <% end -%>
    SSLProtocol <%= node['openstack']['identity']['ssl']['protocol'] %>
      <% if node['openstack']['identity']['ssl']['ciphers'] -%>
    SSLCipherSuite <%= node['openstack']['identity']['ssl']['ciphers'] %>
      <% end -%>
      <% if node['openstack']['identity']['ssl']['cert_required'] -%>
    SSLVerifyClient require
      <% end -%>
    <% end -%>
</VirtualHost>

WSGISocketPrefix <%= @run_dir %>