dsl_version: 0.1.0
service:
  name: cinder-api
  ports:
    - {{ cinder.api_port }}
  containers:
    - name: cinder-api
      image: cinder-api
      pre:
        - name: cinder-db-create
          dependencies:
            - database
          type: single
          command:
            mysql -u root -p{{ db.root_password }} -h {{ address("database") }} -e "create database {{ cinder.db.name }};
            create user '{{ cinder.db.username }}'@'%' identified by '{{ cinder.db.password }}'
            {% if db.tls.enabled %} require ssl {% endif %};
            grant all privileges on {{ cinder.db.name }}.* to '{{ cinder.db.username }}'@'%' identified by '{{ cinder.db.password }}'
            {% if db.tls.enabled %} require ssl {% endif %};"
        - name: cinder-db-sync
          files:
            - cinder-conf
          dependencies:
            - cinder-db-create
          type: single
          command: cinder-manage db sync
        - name: cinder-user-create
          dependencies:
            - keystone-create-domain
          type: single
          command: openstack user create --domain {{ service_account.domain }} --password {{ cinder.password }} {{ cinder.username }}
        - name: cinder-role-add
          dependencies:
            - cinder-user-create
            - keystone-create-project
          type: single
          command: openstack role add --project {{ service_account.project }} --user {{ cinder.username }} admin
        - name: cinder-service-create
          dependencies:
            - keystone
          type: single
          command: openstack service create --name cinder --description "OpenStack Cinder Service" volume
        - name: cinder-public-endpoint-create
          dependencies:
            - cinder-service-create
          type: single
          command: openstack endpoint create --region RegionOne volume public {{ address('cinder-api', cinder.api_port, external=True, with_scheme=True) }}/v1/$\(project_id\)s
        - name: cinder-internal-endpoint-create
          dependencies:
            - cinder-service-create
          type: single
          command: openstack endpoint create --region RegionOne volume internal {{ address('cinder-api', cinder.api_port, with_scheme=True) }}/v1/$\(project_id\)s
        - name: cinder-admin-endpoint-create
          dependencies:
            - cinder-service-create
          type: single
          command: openstack endpoint create --region RegionOne volume admin {{ address('cinder-api', cinder.api_port, with_scheme=True) }}/v1/$\(project_id\)s

        - name: cinder-service-create-v2
          dependencies:
            - keystone
          type: single
          command: openstack service create --name cinder --description "OpenStack Cinder Service V2" volumev2
        - name: cinder-public-endpoint-create-v2
          dependencies:
            - cinder-service-create-v2
          type: single
          command: openstack endpoint create --region RegionOne volumev2 public {{ address('cinder-api', cinder.api_port, external=True, with_scheme=True) }}/v2/$\(project_id\)s
        - name: cinder-internal-endpoint-create-v2
          dependencies:
            - cinder-service-create-v2
          type: single
          command: openstack endpoint create --region RegionOne volumev2 internal {{ address('cinder-api', cinder.api_port, with_scheme=True) }}/v2/$\(project_id\)s
        - name: cinder-admin-endpoint-create-v2
          dependencies:
            - cinder-service-create-v2
          type: single
          command: openstack endpoint create --region RegionOne volumev2 admin {{ address('cinder-api', cinder.api_port, with_scheme=True) }}/v2/$\(project_id\)s

        - name: cinder-service-create-v3
          dependencies:
            - keystone
          type: single
          command: openstack service create --name cinder --description "OpenStack Cinder Service V3" volumev3
        - name: cinder-public-endpoint-create-v3
          dependencies:
            - cinder-service-create-v3
          type: single
          command: openstack endpoint create --region RegionOne volumev3 public {{ address('cinder-api', cinder.api_port, external=True, with_scheme=True) }}/v3/$\(project_id\)s
        - name: cinder-internal-endpoint-create-v3
          dependencies:
            - cinder-service-create-v3
          type: single
          command: openstack endpoint create --region RegionOne volumev3 internal {{ address('cinder-api', cinder.api_port, with_scheme=True) }}/v3/$\(project_id\)s
        - name: cinder-admin-endpoint-create-v3
          dependencies:
            - cinder-service-create-v3
          type: single
          command: openstack endpoint create --region RegionOne volumev3 admin {{ address('cinder-api', cinder.api_port, with_scheme=True) }}/v3/$\(project_id\)s

      daemon:
        command: cinder-api --config-file /etc/cinder/cinder.conf
        files:
          # {% if cinder.tls.enabled %}
          - ca_cert
          # {% endif %}
          - cinder-conf
        dependencies:
          - memcached
          - rpc
          - notifications
    # {% if cinder.tls.enabled %}
    - name: nginx-cinder-api
      image: nginx
      daemon:
        files:
          - upstreams
          - servers
          - server-cert
          - server-key
        command: nginx
    # {% endif %}

files:
  cinder-conf:
    path: /etc/cinder/cinder.conf
    content: cinder.conf.j2
  # {% if cinder.tls.enabled %}
  servers:
    path: /etc/nginx/conf.d/servers.conf
    content: nginx-api.conf.j2
    perm: "0400"
  ca_cert:
    path: /opt/ccp/etc/tls/ca.pem
    content: ca-cert.pem.j2
  upstreams:
    path: /etc/nginx/conf.d/upstreams.conf
    content: upstreams.conf.j2
    perm: "0400"
  server-cert:
    path: /opt/ccp/etc/tls/server-cert.pem
    content: server-cert.pem.j2
    perm: "0400"
  server-key:
    path: /opt/ccp/etc/tls/server-key.pem
    content: server-key.pem.j2
    perm: "0400"
  # {% endif %}