Update local_settings.py to latest version

* Use local_settings.py.sample from Grizzly * Make sure latest template includes Puppet settings * Use @ notation for ERB template variables Fix Puppet 3.2 deprecation warnings (see Puppet #19058) * Add ability to disable memcached by setting the 'cache_server_ip' parameter to False. It will fallback to using local-memory caching. * Deprecate swift and quantum parameters. They have no effect. * Fix deprecated settings: * CACHE_BACKEND (replaced by CACHES in Grizzly) * Remove unused settings: * PROD (removed in Folsom) * USE_SSL (removed in Folsom) * SWIFT_ENABLED (removed in Essex) * QUANTUM_ENABLED (removed in Essex) Change-Id: I825a2fa73c941c4e244bc03f7d0477fff5816ea0
2013-06-29 20:00:57 -04:00 · 2013-06-29 20:00:57 -04:00 · c4ad058125
commit c4ad058125
parent 9c7add430a
3 changed files with 176 additions and 89 deletions
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -88,6 +88,14 @@ class horizon(
  include apache::mod::wsgi
  include apache

+  if $swift {
+    warning('swift parameter is deprecated and has no effect.')
+  }
+
+  if $quantum {
+    warning('quantum parameter is deprecated and has no effect.')
+  }
+
  # I am totally confused by this, I do not think it should be installed...
  if ($::osfamily == 'Debian') {
    package { 'node-less': }
@ -121,7 +129,7 @@ class horizon(

  file_line { 'horizon_redirect_rule':
    path    => $::horizon::params::httpd_config_file,
-    line    => "RedirectMatch permanent ^/$ $::horizon::params::root_url/",
+    line    => "RedirectMatch permanent ^/$ ${::horizon::params::root_url}/",
    require => Package['horizon'],
    notify  => Service[$::horizon::params::http_service]
  }
--- a/spec/classes/horizon_init_spec.rb
+++ b/spec/classes/horizon_init_spec.rb
@ -49,7 +49,7 @@ describe 'horizon' do
          'OPENSTACK_HOST = "127.0.0.1"',
          'OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST',
          'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"',
-          "    'can_set_mount_point': True",
+          "    'can_set_mount_point': True,",
          'API_RESULT_LIMIT = 1000'
        ])
      end
@ -76,7 +76,7 @@ describe 'horizon' do
          'OPENSTACK_HOST = "keystone.example.com"',
          'OPENSTACK_KEYSTONE_URL = "https://%s:4682/v2.0" % OPENSTACK_HOST',
          'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "SwiftOperator"',
-          "    'can_set_mount_point': False",
+          "    'can_set_mount_point': False,",
          'API_RESULT_LIMIT = 4682'
        ])
      end
--- a/templates/local_settings.py.erb
+++ b/templates/local_settings.py.erb
@ -2,28 +2,88 @@ import os

 from django.utils.translation import ugettext_lazy as _

-DEBUG = <%= django_debug %>
-TEMPLATE_DEBUG = DEBUG
-PROD = False
-USE_SSL = False
+from openstack_dashboard import exceptions

-# Note: You should change this value
-SECRET_KEY = '<%= secret_key %>'
+DEBUG = <%= @django_debug %>
+TEMPLATE_DEBUG = DEBUG
+
+# Set SSL proxy settings:
+# For Django 1.4+ pass this header from the proxy after terminating the SSL,
+# and don't forget to strip it from the client's request.
+# For more information see:
+# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header
+# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
+
+# If Horizon is being served through SSL, then uncomment the following two
+# settings to better secure the cookies from security exploits
+#CSRF_COOKIE_SECURE = True
+#SESSION_COOKIE_SECURE = True
+
+# Default OpenStack Dashboard configuration.
+HORIZON_CONFIG = {
+    'dashboards': ('project', 'admin', 'settings',),
+    'default_dashboard': 'project',
+    'user_home': 'openstack_dashboard.views.get_user_home',
+    'ajax_queue_limit': 10,
+    'auto_fade_alerts': {
+        'delay': 3000,
+        'fade_duration': 1500,
+        'types': ['alert-success', 'alert-info']
+    },
+    'help_url': "http://docs.openstack.org",
+    'exceptions': {'recoverable': exceptions.RECOVERABLE,
+                   'not_found': exceptions.NOT_FOUND,
+                   'unauthorized': exceptions.UNAUTHORIZED},
+}

 # Specify a regular expression to validate user passwords.
-# HORIZON_CONFIG = {
-#     "password_validator": {
-#         "regex": '.*',
-#         "help_text": _("Your password does not meet the requirements.")
-#     }
+# HORIZON_CONFIG["password_validator"] = {
+#     "regex": '.*',
+#     "help_text": _("Your password does not meet the requirements.")
 # }

+# Disable simplified floating IP address management for deployments with
+# multiple floating IP pools or complex network requirements.
+# HORIZON_CONFIG["simple_ip_management"] = False
+
+# Turn off browser autocompletion for the login form if so desired.
+# HORIZON_CONFIG["password_autocomplete"] = "off"
+
 LOCAL_PATH = os.path.dirname(os.path.abspath(__file__))

+# Set custom secret key:
+# You can either set it to a specific value or you can let horizion generate a
+# default secret key that is unique on this machine, e.i. regardless of the
+# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However, there
+# may be situations where you would want to set this explicitly, e.g. when
+# multiple dashboard instances are distributed on different machines (usually
+# behind a load-balancer). Either you have to make sure that a session gets all
+# requests routed to the same dashboard instance or you set the same SECRET_KEY
+# for all of them.
+# from horizon.utils import secret_key
+# SECRET_KEY = secret_key.generate_or_read_from_file(os.path.join(LOCAL_PATH, '.secret_key_store'))
+SECRET_KEY = '<%= @secret_key %>'
+
 # We recommend you use memcached for development; otherwise after every reload
 # of the django development server, you will have to login again. To use
-# memcached set CACHE_BACKED to something like 'memcached://127.0.0.1:11211/'
-CACHE_BACKEND = 'memcached://<%= cache_server_ip %>:<%= cache_server_port %>/'
+# memcached set CACHES to something like
+# CACHES = {
+#    'default': {
+#        'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache',
+#        'LOCATION' : '127.0.0.1:11211',
+#    }
+#}
+
+CACHES = {
+    'default': {
+        <% if @cache_server_ip %>
+        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
+        'LOCATION': '<%= @cache_server_ip %>:<%= @cache_server_port %>',
+        <% else %>
+        'BACKEND': 'django.core.cache.backends.locmem.LocMemCache'
+        <% end %>
+    }
+}

 # Send email to the console by default
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
@ -42,9 +102,12 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
 #     ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
 # ]

-OPENSTACK_HOST = "<%= keystone_host %>"
-OPENSTACK_KEYSTONE_URL = "<%= keystone_scheme %>://%s:<%= keystone_port %>/v2.0" % OPENSTACK_HOST
-OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= keystone_default_role %>"
+OPENSTACK_HOST = "<%= @keystone_host %>"
+OPENSTACK_KEYSTONE_URL = "<%= @keystone_scheme %>://%s:<%= @keystone_port %>/v2.0" % OPENSTACK_HOST
+OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= @keystone_default_role %>"
+
+# Disable SSL certificate checks (useful for self-signed certificates):
+# OPENSTACK_SSL_NO_VERIFY = True

 # The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the
 # capabilities of the auth backend for Keystone.
@ -54,11 +117,23 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= keystone_default_role %>"
 # TODO(tres): Remove these once Keystone has an API to identify auth backend.
 OPENSTACK_KEYSTONE_BACKEND = {
    'name': 'native',
-    'can_edit_user': True
+    'can_edit_user': True,
+    'can_edit_project': True
 }

 OPENSTACK_HYPERVISOR_FEATURES = {
-    'can_set_mount_point': <%= can_set_mount_point %>
+    'can_set_mount_point': <%= @can_set_mount_point %>,
+
+    # NOTE: as of Grizzly this is not yet supported in Nova so enabling this
+    # setting will not do anything useful
+    'can_encrypt_volumes': False
+}
+
+# The OPENSTACK_QUANTUM_NETWORK settings can be used to enable optional
+# services provided by quantum.  Currently only the load balancer service
+# is available.
+OPENSTACK_QUANTUM_NETWORK = {
+    'enable_lb': False
 }

 # OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints
@ -66,80 +141,84 @@ OPENSTACK_HYPERVISOR_FEATURES = {
 # external to the OpenStack environment. The default is 'internalURL'.
 #OPENSTACK_ENDPOINT_TYPE = "publicURL"

-<% if swift -%>
-# Include the SWIFT interface extension in Horizon
-SWIFT_ENABLED = True
-<% end -%>
+# The number of objects (Swift containers/objects or images) to display
+# on a single page before providing a paging element (a "more" link)
+# to paginate results.
+API_RESULT_LIMIT = <%= @api_result_limit %>
+API_RESULT_PAGE_SIZE = 20

-# The number of Swift containers and objects to display on a single page before
-# providing a paging element (a "more" link) to paginate results.
-API_RESULT_LIMIT = <%= api_result_limit %>
-
-<% if quantum -%>
-#  Include the Quantum interface extensions in Horizon
-QUANTUM_ENABLED = True
-<% end -%>
+# The timezone of the server. This should correspond with the timezone
+# of your entire OpenStack installation, and hopefully be in UTC.
+TIME_ZONE = "UTC"

 # If you have external monitoring links, eg:
-EXTERNAL_MONITORING = <% if horizon_app_links %><%= horizon_app_links %><% else %>[ ]<% end %>
+<% if @horizon_app_links %>
+EXTERNAL_MONITORING = <%= @horizon_app_links %>
+<% end %>
+
 LOGGING = {
-        'version': 1,
-        # When set to True this will disable all logging except
-        # for loggers specified in this configuration dictionary. Note that
-        # if nothing is specified here and disable_existing_loggers is True,
-        # django.db.backends will still log unless it is disabled explicitly.
-        'disable_existing_loggers': False,
-        'handlers': {
-            'null': {
-                'level': 'DEBUG',
-                'class': 'django.utils.log.NullHandler',
-                },
-            'console': {
-                # Set the level to "DEBUG" for verbose output logging.
-                'level': 'INFO',
-                'class': 'logging.StreamHandler',
-                },
-            'file': {
-                'level': '<%= log_level %>',
-                'class': 'logging.FileHandler',
-                'filename': '<%= scope.lookupvar("horizon::params::logdir") %>/horizon.log'
-                },
-            },
-        'loggers': {
-            # Logging from django.db.backends is VERY verbose, send to null
-            # by default.
-            'django.db.backends': {
-                'handlers': ['null'],
-                'propagate': False,
-                },
-            'horizon': {
-                'handlers': ['file'],
-                'propagate': False,
-            },
-            'openstack_dashboard': {
-                'handlers': ['file'],
-                'propagate': False,
-            },
-            'novaclient': {
-                'handlers': ['file'],
-                'propagate': False,
-            },
-           'glanceclient': {
-                'handlers': ['file'],
-                'propagate': False,
-            },
-            'keystoneclient': {
-                'handlers': ['file'],
-                'propagate': False,
-            },
-            'nose.plugins.manager': {
-                'handlers': ['file'],
-                'propagate': False,
-            }
+    'version': 1,
+    # When set to True this will disable all logging except
+    # for loggers specified in this configuration dictionary. Note that
+    # if nothing is specified here and disable_existing_loggers is True,
+    # django.db.backends will still log unless it is disabled explicitly.
+    'disable_existing_loggers': False,
+    'handlers': {
+        'null': {
+            'level': 'DEBUG',
+            'class': 'django.utils.log.NullHandler',
+        },
+        'console': {
+            # Set the level to "DEBUG" for verbose output logging.
+            'level': 'INFO',
+            'class': 'logging.StreamHandler',
+        },
+        'file': {
+            'level': '<%= @log_level %>',
+            'class': 'logging.FileHandler',
+            'filename': '<%= scope.lookupvar("horizon::params::logdir") %>/horizon.log',
+        },
+    },
+    'loggers': {
+        # Logging from django.db.backends is VERY verbose, send to null
+        # by default.
+        'django.db.backends': {
+            'handlers': ['null'],
+            'propagate': False,
+        },
+        'requests': {
+            'handlers': ['null'],
+            'propagate': False,
+        },
+        'horizon': {
+            'handlers': ['file'],
+            'propagate': False,
+        },
+        'openstack_dashboard': {
+            'handlers': ['file'],
+            'propagate': False,
+        },
+        'novaclient': {
+            'handlers': ['file'],
+            'propagate': False,
+        },
+        'keystoneclient': {
+            'handlers': ['file'],
+            'propagate': False,
+        },
+        'glanceclient': {
+            'handlers': ['file'],
+            'propagate': False,
+        },
+        'nose.plugins.manager': {
+            'handlers': ['file'],
+            'propagate': False,
        }
+    }
 }
-LOGIN_URL='<%=  scope.lookupvar("horizon::params::root_url") %>/auth/login/'
-LOGIN_REDIRECT_URL='<%=  scope.lookupvar("horizon::params::root_url") %>'
+
+LOGIN_URL = '<%= scope.lookupvar("horizon::params::root_url") %>/auth/login/'
+LOGIN_REDIRECT_URL = '<%= scope.lookupvar("horizon::params::root_url") %>'

 # The Ubuntu package includes pre-compressed JS and compiled CSS to allow
 # offline compression by default.  To enable online compression, install