[DEFAULT]
verbose = True
debug = False
use_syslog = False

log_file = /var/log/heat/heat.log

stack_domain_admin_password = {{ stack_domain_admin_password }}
stack_domain_admin = {{ stack_domain_admin }}
stack_user_domain = {{ stack_user_domain }}
deferred_auth_method = {{ deferred_auth_method }}

auth_encryption_key = {{ auth_encryption_key }}

heat_watch_server_url = {{ heat_watch_server_url }}
heat_waitcondition_server_url = {{ heat_waitcondition_server_url }}
heat_metadata_server_url = {{ heat_metadata_server_url }}


## RPC Backend
rpc_backend = {{ rpc_backend }}
rpc_thread_pool_size = {{ rpc_thread_pool_size }}
rpc_conn_pool_size = {{ rpc_conn_pool_size }}
rpc_response_timeout = {{ rpc_response_timeout }}
rpc_cast_timeout = {{ rpc_cast_timeout }}


## RabbitMQ

rabbit_hosts = {{ rabbit_hosts }}

rabbit_port = {{ rabbit_port }}
rabbit_use_ssl = {{ rabbit_use_ssl }}
rabbit_userid = {{ rabbit_userid }}
rabbit_password = {{ rabbit_password }}
rabbit_virtual_host = {{ rabbit_virtual_host }}

[clients]
endpoint_type = internalURL

[clients_ceilometer]
endpoint_type = internalURL

[clients_cinder]
endpoint_type = internalURL

[clients_heat]
endpoint_type = internalURL

[clients_keystone]
endpoint_type = internalURL

[clients_neutron]
endpoint_type = internalURL

[clients_nova]
endpoint_type = internalURL

[clients_swift]
endpoint_type = internalURL

[clients_trove]
endpoint_type = internalURL

[database]
connection = mysql://{{ container_mysql_user }}:{{ container_mysql_password }}@{{ mysql_address }}/{{ container_database }}?charset=utf8

[ec2authtoken]
auth_uri = {{ auth_identity_uri }}

[heat_api]
bind_port = 8004

[heat_api_cfn]
bind_port = 8000

[heat_api_cloudwatch]
bind_port = 8003

[keystone_authtoken]
signing_dir = /var/cache/heat
identity_uri = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}
auth_uri = {{ auth_identity_uri }}
admin_tenant_name = {{ service_admin_tenant_name }}
admin_user = {{ service_admin_username }}
admin_password = {{ service_admin_password }}

memcached_servers = {{ internal_vip_address }}:{{ memcached_port }}
token_cache_time = 300
revocation_cache_time = 60

# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_secret_key }}

# if your keystone deployment uses PKI, and you value security over performance:
check_revocations_for_cached = {{ hostvars[groups['keystone_all'][0]]['keystone_use_pki'] }}