diff --git a/snap-overlay/snap-openstack.yaml b/snap-overlay/snap-openstack.yaml index a901837..1615eeb 100644 --- a/snap-overlay/snap-openstack.yaml +++ b/snap-overlay/snap-openstack.yaml @@ -68,6 +68,7 @@ setup: extgateway: 'config.network.ext-gateway' extcidr: 'config.network.ext-cidr' dns: 'config.network.dns' + dashboard_allowed_hosts: 'config.network.dashboard-allowed-hosts' entry_points: keystone-manage: binary: "{snap}/bin/keystone-manage" diff --git a/snap-overlay/templates/05_snap_tweaks.j2 b/snap-overlay/templates/05_snap_tweaks.j2 index cbedb5d..6a2149b 100644 --- a/snap-overlay/templates/05_snap_tweaks.j2 +++ b/snap-overlay/templates/05_snap_tweaks.j2 @@ -28,7 +28,7 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" # Turn off external access for now. (This should be turned on once we # have hooks for setting a non default password.) -ALLOWED_HOSTS = ['10.20.20.1', 'localhost', '127.0.0.1'] +ALLOWED_HOSTS = "{{ dashboard_allowed_hosts }}".split(",") # Use memcached as our caching backend. CACHES = { diff --git a/tools/init/init/questions/__init__.py b/tools/init/init/questions/__init__.py index a69b35f..5f15771 100644 --- a/tools/init/init/questions/__init__.py +++ b/tools/init/init/questions/__init__.py @@ -249,31 +249,16 @@ class FileHandleLimits(Question): pass -class DashboardAccess(Question): +class DashboardAccess(ConfigQuestion): _type = 'string' + _question = 'Dashboard allowed hosts.' config_key = 'config.network.dashboard-allowed-hosts' def yes(self, answer): log.info("Opening horizon dashboard up to {hosts}".format( hosts=answer)) - path_ = ('{SNAP_COMMON}/etc/horizon/local_settings.d' - '/_10_hosts.py'.format(**_env)) - - allowed_hosts = answer.split(',') - - # TODO: move to template. - # TODO: sanitize (since we're writing to executable Python!) - with open(path_, 'w') as hosts: - hosts.write("""\ -ALLOWED_HOSTS = {hosts} -""".format(hosts=allowed_hosts)) - - # Restart if needed. - if check_output('snapctl', 'get', 'initialized'): - check('snapctl', 'restart', 'microstack.horizon-uwsgi') - class RabbitMq(Question): """Wait for Rabbit to start, then setup permissions."""