File: keystone.pp

package info (click to toggle)
puppet-module-swift 25.0.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,400 kB
  • sloc: ruby: 9,593; python: 38; sh: 10; makefile: 10
file content (58 lines) | stat: -rw-r--r-- 2,056 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
 
#
# This class can be set to manage keystone middleware for swift proxy
#
# == Parameters
#
#  [*operator_roles*]
#    (Optional) a list of keystone roles a user must have to gain access to Swift.
#    Defaults to ['admin', 'SwiftOperator']
#    Must be an array of strings
#    Swift operator roles must be defined in swift::keystone::auth because
#    keystone API access is usually not available on Swift proxy nodes.
#
#  [*reseller_prefix*]
#    (Optional) The prefix used for reseller URL.
#    Defaults to 'AUTH_'
#
#  [*reseller_admin_role*]
#    The reseller admin role has the ability to create and delete accounts.
#    This role defines who has the ability to manage other swift accounts.
#    (Optional)
#    Defaults to Undef.
#
#  [*project_reader_roles*]
#    Project reader roles are similar to account owners, but are not
#    allowed to write any data.
#    (Optional)
#    Default to $facts['os_service_default']
#
#  [*system_reader_roles*]
#    System reader roles are similar to reseller_admin_roles, but are not
#    allowed to write any data.
#    (Optional)
#    Default to $facts['os_service_default']
#
# == Authors
#
#  Dan Bode dan@puppetlabs.com
#  Francois Charlier fcharlier@ploup.net
#
class swift::proxy::keystone(
  $operator_roles       = ['admin', 'SwiftOperator'],
  $reseller_prefix      = 'AUTH_',
  $reseller_admin_role  = undef,
  $project_reader_roles = $facts['os_service_default'],
  $system_reader_roles  = $facts['os_service_default'],
) {

  include swift::deps

  swift_proxy_config {
    'filter:keystone/use':                  value => 'egg:swift#keystoneauth';
    'filter:keystone/operator_roles':       value => join(any2array($operator_roles), ', ');
    'filter:keystone/reseller_prefix':      value => $reseller_prefix;
    'filter:keystone/reseller_admin_role':  value => $reseller_admin_role;
    'filter:keystone/project_reader_roles': value => join(any2array($project_reader_roles), ', ');
    'filter:keystone/system_reader_roles':  value => join(any2array($system_reader_roles), ', ');
  }
}