-
Notifications
You must be signed in to change notification settings - Fork 113
/
auth.pp
90 lines (82 loc) · 2.3 KB
/
auth.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# == Class: ceph::rgw::keystone::auth
#
# Configures RGW user, service and endpoint in Keystone V3.
#
# === Parameters
#
# [*password*]
# Password for the RGW user.
# Defaults to ceph::profile::params::rgw_keystone_admin_password
#
# [*user*]
# Username for the RGW user. Optional.
# Defaults to ceph::profile::params::rgw_keystone_admin_use
#
# [*email*]
# Email for the RGW user. Optional.
# Defaults to 'rgwuser@localhost'
#
# [*roles*]
# Accepted RGW roles. Optional.
# Defaults to ['admin', 'Member']
#
# [*public_url*]
# The public URL. Optional.
# Defaults to 'http://127.0.0.1:8080/swift/v1
#
# [*admin_url*]
# The admin URL. Optional.
# Defaults to 'http://127.0.0.1:8080/swift/v1
#
# [*internal_url*]
# The internal URL. Optional.
# Defaults to 'http://127.0.0.1:8080/swift/v1
#
# [*region*]
# Region for endpoint. Optional.
# Defaults to 'RegionOne'
#
# [*tenant*]
# Tenant for user. Optional.
# Defaults to ceph::profile::params::rgw_keystone_admin_project
#
# [*rgw_service*]
# Name of the keystone service used by RGW
# Defaults to 'swift::object-store'
#
class ceph::rgw::keystone::auth (
$password = $::ceph::profile::params::rgw_keystone_admin_password,
$user = $::ceph::profile::params::rgw_keystone_admin_user,
$email = 'rgwuser@localhost',
$roles = ['admin', 'Member'],
$public_url = 'http://127.0.0.1:8080/swift/v1',
$admin_url = 'http://127.0.0.1:8080/swift/v1',
$internal_url = 'http://127.0.0.1:8080/swift/v1',
$region = 'RegionOne',
$tenant = $::ceph::profile::params::rgw_keystone_admin_project,
$rgw_service = 'swift::object-store',
) {
include ::openstacklib::openstackclient
ensure_resource('keystone_service', 'swift::object-store', {
'ensure' => 'present',
'description' => 'Ceph RGW Service',
} )
ensure_resource('keystone_endpoint', "${region}/swift::object-store", {
'ensure' => 'present',
'public_url' => $public_url,
'admin_url' => $admin_url,
'internal_url' => $internal_url,
} )
keystone_user { $user:
ensure => present,
password => $password,
email => $email,
}
ensure_resource('keystone_role', $roles, {
'ensure' => 'present'
} )
keystone_user_role { "${user}@${tenant}":
ensure => present,
roles => $roles,
}
}