Add support for the openSUSE Leap distributions

Add support for the openSUSE Leap distributions. Additionally,
for openSUSE, we need to load some extra apache2 modules which are
not there by default.

Change-Id: Iac555cefa0a7a6ecf344761d54644fd3fa2443f9
This commit is contained in:
Markos Chandras 2017-07-04 10:11:05 +01:00
parent f375cac1f5
commit 8c1ebb02a9
6 changed files with 118 additions and 11 deletions

View File

@ -26,6 +26,11 @@ galaxy_info:
- name: EL
versions:
- 7
- name: opensuse
versions:
- 42.1
- 42.2
- 42.3
categories:
- cloud
- python

View File

@ -33,20 +33,14 @@
group: "{{ keystone_apache_default_log_grp }}"
## NOTE(cloudnull):
## Module enable/disable process is only functional on Debian based systems.
## Module enable/disable process is only functional on Debian and SUSE based systems.
- name: Enable/disable apache2 modules
apache2_module:
name: "{{ item.name }}"
state: "{{ item.state }}"
with_items:
- name: "ssl"
state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}"
- name: "shib2"
state: "{{ ( keystone_sp != {} ) | ternary('present', 'absent') }}"
- name: "proxy_http"
state: "present"
with_items: "{{ keystone_apache_modules }}"
when:
- ansible_pkg_mgr == 'apt'
- ansible_pkg_mgr in ['apt', 'zypper']
notify:
- Restart web server

View File

@ -69,7 +69,7 @@
package:
name: "{{ keystone_package_list }}"
state: "{{ keystone_package_state }}"
update_cache: "{{ (ansible_pkg_mgr == 'apt') | ternary('yes', omit) }}"
update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}"
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
register: install_packages
until: install_packages | success

View File

@ -28,12 +28,19 @@
- name: Configure custom nginx log format
lineinfile:
insertbefore: access_log
# NOTE(hwoarang) Not every nginx.conf file is the same
# so it's best if we just append new stuff after known starting blocks.
insertafter: http {
dest: "/etc/nginx/nginx.conf"
line: "log_format custom '{{ keystone_nginx_access_log_format_combined }} {{ keystone_nginx_access_log_format_extras }}';"
notify:
- Restart web server
- name: Ensure configuration directory exists
file:
path: "/etc/nginx/{{ keystone_nginx_conf_path }}"
state: directory
# Configure app
- name: Configure virtual hosts
template:

93
vars/suse-42.yml Normal file
View File

@ -0,0 +1,93 @@
---
# Copyright 2016, Rackspace US, Inc.
# Copyright 2017, SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
keystone_distro_packages:
- ca-certificates
- cronie
- cyrus-sasl-devel
- git-core
- libffi-devel
- libxml2-devel
- libxslt-devel
- openldap2
- openldap2-devel
- openssl
- python-devel
- rsync
- which
keystone_apache_distro_packages:
- apache2
- apache2-utils
- apache2-mod_proxy_uwsgi
keystone_mod_wsgi_distro_packages:
- apache2-mod_wsgi
keystone_mod_proxy_uwsgi_distro_packages:
- apache2-mod_uwsgi
keystone_nginx_distro_packages:
- nginx
keystone_idp_distro_packages:
- xmlsec1
keystone_sp_distro_packages:
- shibboleth-sp
keystone_developer_mode_distro_packages:
- patterns-openSUSE-devel_basis
keystone_apache_default_sites:
- "/etc/apache2/conf.d/gitweb.conf"
keystone_apache_conf: "/etc/apache2/httpd.conf"
keystone_apache_default_log_folder: "/var/log/apache2"
keystone_apache_default_log_owner: "root"
keystone_apache_default_log_grp: "root"
keystone_apache_security_conf: "{{ keystone_apache_conf }}"
keystone_apache_configs:
- { src: "keystone-ports.conf.j2", dest: "/etc/apache2/conf.d/ports.conf" }
- { src: "keystone-httpd.conf.j2", dest: "/etc/apache2/conf.d/keystone-httpd.conf" }
- { src: "keystone-httpd-mpm.conf.j2", dest: "/etc/apache2/mod_{{ keystone_httpd_mpm_backend }}.conf" }
keystone_apache_modules:
- name: "authz_host"
state: "present"
- name: "access_compat"
state: "present"
- name: "version"
state: "present"
- name: "ssl"
state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}"
- name: "shib2"
state: "{{ ( keystone_sp != {} ) | ternary('present', 'absent') }}"
- name: "proxy"
state: "present"
- name: "proxy_http"
state: "present"
- name: "proxy_fcgi"
state: "present"
- name: "proxy_wstunnel"
state: "present"
- name: "proxy_uwsgi"
state: "present"
keystone_nginx_conf_path: 'conf.d'
keystone_system_service_name: apache2

View File

@ -70,6 +70,14 @@ keystone_apache_configs:
- { src: "keystone-httpd.conf.j2", dest: "/etc/apache2/sites-available/keystone-httpd.conf" }
- { src: "keystone-httpd-mpm.conf.j2", dest: "/etc/apache2/mods-available/mpm_{{ keystone_httpd_mpm_backend }}.conf" }
keystone_apache_modules:
- name: "ssl"
state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}"
- name: "shib2"
state: "{{ ( keystone_sp != {} ) | ternary('present', 'absent') }}"
- name: "proxy_http"
state: "present"
keystone_nginx_conf_path: "sites-available"
keystone_system_service_name: apache2