diff --git a/manifests/init.pp b/manifests/init.pp index f705b9c9..42db8c2a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -88,6 +88,14 @@ class horizon( include apache::mod::wsgi include apache + if $swift { + warning('swift parameter is deprecated and has no effect.') + } + + if $quantum { + warning('quantum parameter is deprecated and has no effect.') + } + # I am totally confused by this, I do not think it should be installed... if ($::osfamily == 'Debian') { package { 'node-less': } @@ -121,7 +129,7 @@ class horizon( file_line { 'horizon_redirect_rule': path => $::horizon::params::httpd_config_file, - line => "RedirectMatch permanent ^/$ $::horizon::params::root_url/", + line => "RedirectMatch permanent ^/$ ${::horizon::params::root_url}/", require => Package['horizon'], notify => Service[$::horizon::params::http_service] } diff --git a/spec/classes/horizon_init_spec.rb b/spec/classes/horizon_init_spec.rb index a747b0e4..5ba00ba0 100644 --- a/spec/classes/horizon_init_spec.rb +++ b/spec/classes/horizon_init_spec.rb @@ -49,7 +49,7 @@ describe 'horizon' do 'OPENSTACK_HOST = "127.0.0.1"', 'OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST', 'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"', - " 'can_set_mount_point': True", + " 'can_set_mount_point': True,", 'API_RESULT_LIMIT = 1000' ]) end @@ -76,7 +76,7 @@ describe 'horizon' do 'OPENSTACK_HOST = "keystone.example.com"', 'OPENSTACK_KEYSTONE_URL = "https://%s:4682/v2.0" % OPENSTACK_HOST', 'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "SwiftOperator"', - " 'can_set_mount_point': False", + " 'can_set_mount_point': False,", 'API_RESULT_LIMIT = 4682' ]) end diff --git a/templates/local_settings.py.erb b/templates/local_settings.py.erb index 574c52bf..2088b8d5 100644 --- a/templates/local_settings.py.erb +++ b/templates/local_settings.py.erb @@ -2,28 +2,88 @@ import os from django.utils.translation import ugettext_lazy as _ -DEBUG = <%= django_debug %> -TEMPLATE_DEBUG = DEBUG -PROD = False -USE_SSL = False +from openstack_dashboard import exceptions -# Note: You should change this value -SECRET_KEY = '<%= secret_key %>' +DEBUG = <%= @django_debug %> +TEMPLATE_DEBUG = DEBUG + +# Set SSL proxy settings: +# For Django 1.4+ pass this header from the proxy after terminating the SSL, +# and don't forget to strip it from the client's request. +# For more information see: +# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header +# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https') + +# If Horizon is being served through SSL, then uncomment the following two +# settings to better secure the cookies from security exploits +#CSRF_COOKIE_SECURE = True +#SESSION_COOKIE_SECURE = True + +# Default OpenStack Dashboard configuration. +HORIZON_CONFIG = { + 'dashboards': ('project', 'admin', 'settings',), + 'default_dashboard': 'project', + 'user_home': 'openstack_dashboard.views.get_user_home', + 'ajax_queue_limit': 10, + 'auto_fade_alerts': { + 'delay': 3000, + 'fade_duration': 1500, + 'types': ['alert-success', 'alert-info'] + }, + 'help_url': "http://docs.openstack.org", + 'exceptions': {'recoverable': exceptions.RECOVERABLE, + 'not_found': exceptions.NOT_FOUND, + 'unauthorized': exceptions.UNAUTHORIZED}, +} # Specify a regular expression to validate user passwords. -# HORIZON_CONFIG = { -# "password_validator": { -# "regex": '.*', -# "help_text": _("Your password does not meet the requirements.") -# } +# HORIZON_CONFIG["password_validator"] = { +# "regex": '.*', +# "help_text": _("Your password does not meet the requirements.") # } +# Disable simplified floating IP address management for deployments with +# multiple floating IP pools or complex network requirements. +# HORIZON_CONFIG["simple_ip_management"] = False + +# Turn off browser autocompletion for the login form if so desired. +# HORIZON_CONFIG["password_autocomplete"] = "off" + LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) +# Set custom secret key: +# You can either set it to a specific value or you can let horizion generate a +# default secret key that is unique on this machine, e.i. regardless of the +# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However, there +# may be situations where you would want to set this explicitly, e.g. when +# multiple dashboard instances are distributed on different machines (usually +# behind a load-balancer). Either you have to make sure that a session gets all +# requests routed to the same dashboard instance or you set the same SECRET_KEY +# for all of them. +# from horizon.utils import secret_key +# SECRET_KEY = secret_key.generate_or_read_from_file(os.path.join(LOCAL_PATH, '.secret_key_store')) +SECRET_KEY = '<%= @secret_key %>' + # We recommend you use memcached for development; otherwise after every reload # of the django development server, you will have to login again. To use -# memcached set CACHE_BACKED to something like 'memcached://127.0.0.1:11211/' -CACHE_BACKEND = 'memcached://<%= cache_server_ip %>:<%= cache_server_port %>/' +# memcached set CACHES to something like +# CACHES = { +# 'default': { +# 'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache', +# 'LOCATION' : '127.0.0.1:11211', +# } +#} + +CACHES = { + 'default': { + <% if @cache_server_ip %> + 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', + 'LOCATION': '<%= @cache_server_ip %>:<%= @cache_server_port %>', + <% else %> + 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache' + <% end %> + } +} # Send email to the console by default EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' @@ -42,9 +102,12 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # ('http://cluster2.example.com:5000/v2.0', 'cluster2'), # ] -OPENSTACK_HOST = "<%= keystone_host %>" -OPENSTACK_KEYSTONE_URL = "<%= keystone_scheme %>://%s:<%= keystone_port %>/v2.0" % OPENSTACK_HOST -OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= keystone_default_role %>" +OPENSTACK_HOST = "<%= @keystone_host %>" +OPENSTACK_KEYSTONE_URL = "<%= @keystone_scheme %>://%s:<%= @keystone_port %>/v2.0" % OPENSTACK_HOST +OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= @keystone_default_role %>" + +# Disable SSL certificate checks (useful for self-signed certificates): +# OPENSTACK_SSL_NO_VERIFY = True # The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the # capabilities of the auth backend for Keystone. @@ -54,11 +117,23 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "<%= keystone_default_role %>" # TODO(tres): Remove these once Keystone has an API to identify auth backend. OPENSTACK_KEYSTONE_BACKEND = { 'name': 'native', - 'can_edit_user': True + 'can_edit_user': True, + 'can_edit_project': True } OPENSTACK_HYPERVISOR_FEATURES = { - 'can_set_mount_point': <%= can_set_mount_point %> + 'can_set_mount_point': <%= @can_set_mount_point %>, + + # NOTE: as of Grizzly this is not yet supported in Nova so enabling this + # setting will not do anything useful + 'can_encrypt_volumes': False +} + +# The OPENSTACK_QUANTUM_NETWORK settings can be used to enable optional +# services provided by quantum. Currently only the load balancer service +# is available. +OPENSTACK_QUANTUM_NETWORK = { + 'enable_lb': False } # OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints @@ -66,80 +141,84 @@ OPENSTACK_HYPERVISOR_FEATURES = { # external to the OpenStack environment. The default is 'internalURL'. #OPENSTACK_ENDPOINT_TYPE = "publicURL" -<% if swift -%> -# Include the SWIFT interface extension in Horizon -SWIFT_ENABLED = True -<% end -%> +# The number of objects (Swift containers/objects or images) to display +# on a single page before providing a paging element (a "more" link) +# to paginate results. +API_RESULT_LIMIT = <%= @api_result_limit %> +API_RESULT_PAGE_SIZE = 20 -# The number of Swift containers and objects to display on a single page before -# providing a paging element (a "more" link) to paginate results. -API_RESULT_LIMIT = <%= api_result_limit %> - -<% if quantum -%> -# Include the Quantum interface extensions in Horizon -QUANTUM_ENABLED = True -<% end -%> +# The timezone of the server. This should correspond with the timezone +# of your entire OpenStack installation, and hopefully be in UTC. +TIME_ZONE = "UTC" # If you have external monitoring links, eg: -EXTERNAL_MONITORING = <% if horizon_app_links %><%= horizon_app_links %><% else %>[ ]<% end %> +<% if @horizon_app_links %> +EXTERNAL_MONITORING = <%= @horizon_app_links %> +<% end %> + LOGGING = { - 'version': 1, - # When set to True this will disable all logging except - # for loggers specified in this configuration dictionary. Note that - # if nothing is specified here and disable_existing_loggers is True, - # django.db.backends will still log unless it is disabled explicitly. - 'disable_existing_loggers': False, - 'handlers': { - 'null': { - 'level': 'DEBUG', - 'class': 'django.utils.log.NullHandler', - }, - 'console': { - # Set the level to "DEBUG" for verbose output logging. - 'level': 'INFO', - 'class': 'logging.StreamHandler', - }, - 'file': { - 'level': '<%= log_level %>', - 'class': 'logging.FileHandler', - 'filename': '<%= scope.lookupvar("horizon::params::logdir") %>/horizon.log' - }, - }, - 'loggers': { - # Logging from django.db.backends is VERY verbose, send to null - # by default. - 'django.db.backends': { - 'handlers': ['null'], - 'propagate': False, - }, - 'horizon': { - 'handlers': ['file'], - 'propagate': False, - }, - 'openstack_dashboard': { - 'handlers': ['file'], - 'propagate': False, - }, - 'novaclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'glanceclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'keystoneclient': { - 'handlers': ['file'], - 'propagate': False, - }, - 'nose.plugins.manager': { - 'handlers': ['file'], - 'propagate': False, - } + 'version': 1, + # When set to True this will disable all logging except + # for loggers specified in this configuration dictionary. Note that + # if nothing is specified here and disable_existing_loggers is True, + # django.db.backends will still log unless it is disabled explicitly. + 'disable_existing_loggers': False, + 'handlers': { + 'null': { + 'level': 'DEBUG', + 'class': 'django.utils.log.NullHandler', + }, + 'console': { + # Set the level to "DEBUG" for verbose output logging. + 'level': 'INFO', + 'class': 'logging.StreamHandler', + }, + 'file': { + 'level': '<%= @log_level %>', + 'class': 'logging.FileHandler', + 'filename': '<%= scope.lookupvar("horizon::params::logdir") %>/horizon.log', + }, + }, + 'loggers': { + # Logging from django.db.backends is VERY verbose, send to null + # by default. + 'django.db.backends': { + 'handlers': ['null'], + 'propagate': False, + }, + 'requests': { + 'handlers': ['null'], + 'propagate': False, + }, + 'horizon': { + 'handlers': ['file'], + 'propagate': False, + }, + 'openstack_dashboard': { + 'handlers': ['file'], + 'propagate': False, + }, + 'novaclient': { + 'handlers': ['file'], + 'propagate': False, + }, + 'keystoneclient': { + 'handlers': ['file'], + 'propagate': False, + }, + 'glanceclient': { + 'handlers': ['file'], + 'propagate': False, + }, + 'nose.plugins.manager': { + 'handlers': ['file'], + 'propagate': False, } + } } -LOGIN_URL='<%= scope.lookupvar("horizon::params::root_url") %>/auth/login/' -LOGIN_REDIRECT_URL='<%= scope.lookupvar("horizon::params::root_url") %>' + +LOGIN_URL = '<%= scope.lookupvar("horizon::params::root_url") %>/auth/login/' +LOGIN_REDIRECT_URL = '<%= scope.lookupvar("horizon::params::root_url") %>' # The Ubuntu package includes pre-compressed JS and compiled CSS to allow # offline compression by default. To enable online compression, install