# Keystone pillar data; this first run holds the server's service and admin identity.
# NOTE(review): the author/commit/line-number prefixes and the missing indentation
# come from the blame view this listing was taken from, not from the YAML itself.
# Nesting cannot be recovered from this text alone.
Jakub Pavlik874d9d32016-01-25 22:19:15 +01001keystone:
Petr Michalece9a6c2a2017-03-05 20:14:34 +01002# Server state
Jakub Pavlik874d9d32016-01-25 22:19:15 +01003 server:
4 enabled: true
5 version: liberty
sgarbuzc4b6ed92019-01-15 11:53:08 +02006 service_name: apache2
# Shared bootstrap token stored in plaintext. The same literal appears again as
# the client-side `token:` value further down, so rotating one means rotating both.
# Presumably rendered as Keystone's admin token (confirm against the formula's
# template); if so it grants full administrative access.
Petr Michalece9a6c2a2017-03-05 20:14:34 +01007 service_token: RANDOMSTRINGTOKEN
Jakub Pavlik874d9d32016-01-25 22:19:15 +01008 service_tenant: service
sgarbuzc4b6ed92019-01-15 11:53:08 +02009 admin_project:
10 name: projectname
11 domain: project
Jakub Pavlik874d9d32016-01-25 22:19:15 +010012 admin_tenant: admin
13 admin_name: admin
# Cloud admin password in plaintext. The literal `passw0rd` is reused in this file
# for the Keystone database user, the client auth blocks and the MySQL grants.
# A non-test pillar should take each secret from an encrypted pillar or secret
# store and give every account a distinct value.
Petr Michalece9a6c2a2017-03-05 20:14:34 +010014 admin_password: passw0rd
Jakub Pavlik874d9d32016-01-25 22:19:15 +010015 admin_email: root@localhost
# Proxy-header handling and browser CORS policy for the identity API.
# Proxy header parsing makes the service believe forwarded scheme/host headers.
# That is only safe when every request passes through a proxy that overwrites
# client-supplied forwarding headers.
# `True` here and `true` elsewhere in the file both load as booleans under
# YAML 1.1; lowercase is the canonical spelling.
sgarbuzc4b6ed92019-01-15 11:53:08 +020016 enable_proxy_headers_parsing: True
17 cors:
# A single explicit https origin combined with allow_credentials. Keep this an
# exact origin list; credentialed CORS must never be paired with a wildcard origin.
18 allowed_origin: 'https://horizon.example.com'
19 allow_credentials: True
# X-Auth-Token and X-Subject-Token carry bearer tokens. Exposing them lets
# scripts running on the allowed origin read them from responses.
20 expose_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token'
21 allow_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name'
# Preflight cache lifetime; presumably seconds, as for the CORS max-age header.
22 max_age: 3600
23 allow_methods: 'GET,PUT,POST,DELETE,PATCH'
# Enabled authentication methods and the federation protocol settings.
# Only password and token are listed although oidc and saml2 protocols are
# defined below. NOTE(review): confirm whether the formula adds the federation
# methods itself or whether they must be listed here.
24 auth_methods:
25 - password
26 - token
27 federation:
28 oidc:
29 remote_id_attribute: HTTP_OIDC_ISS
# From here on each OIDC value is just its own key name, i.e. a placeholder
# with no real setting behind it.
30 remote_id_attribute_value: remote_id_attribute_value
31 oidc_claim_prefix: oidc_claim_prefix
32 oidc_client_id: oidc_client_id
# Client secret and crypto passphrase are secrets; real values belong in an
# encrypted pillar, not in a plaintext file like this one.
33 oidc_client_secret: oidc_client_secret
34 oidc_crypto_passphrase: oidc_crypto_passphrase
35 oidc_redirect_uri: oidc_redirect_uri
36 oidc_provider_metadata_url: oidc_provider_metadata_url
37 oidc_response_type: oidc_response_type
38 oidc_scope: oidc_scope
# The two *_ssl_validate_server keys presumably control TLS certificate checks
# towards the identity provider. Real values should leave validation enabled.
39 oidc_ssl_validate_server: oidc_ssl_validate_server
40 oidc_oauth_ssl_validate_server: oidc_oauth_ssl_validate_server
41 oidc_oauth_introspection_endpoint: oidc_oauth_introspection_endpoint
42 oidc_oauth_introspection_token_param_name: oidc_oauth_introspection_token_param_name
43 oidc_oauth_remote_user_claim: oidc_oauth_remote_user_claim
44 oidc_oauth_verify_jwks_uri: oidc_oauth_verify_jwks_uri
# NOTE(review): this key is spelled `odic_`, unlike its `oidc_` siblings. Confirm
# which spelling the template reads; a mismatch would silently drop the
# token issued-at slack setting.
45 odic_token_iat_slack: odic_token_iat_slack
46 oidc_provider_issuer: oidc_provider_issuer
47 oidc_provider_authorization_endpoint: oidc_provider_authorization_endpoint
48 oidc_provider_token_endpoint: oidc_provider_token_endpoint
49 oidc_provider_token_endpoint_auth: oidc_provider_token_endpoint_auth
50 oidc_provider_user_info_endpoint: oidc_provider_user_info_endpoint
51 oidc_provider_jwks_uri: oidc_provider_jwks_uri
52 protocol: oidc
53 saml2:
# NOTE(review): the saml2 protocol reuses the OIDC issuer variable as its remote
# id attribute. This looks copied from the oidc block; confirm it matches the
# variable the SAML module actually sets.
54 remote_id_attribute: HTTP_OIDC_ISS
55 protocol: saml2
# Listener addresses and ports, followed by the region name.
Jakub Pavlik874d9d32016-01-25 22:19:15 +010056 bind:
# 0.0.0.0 listens on every interface, while the private/public addresses below
# are loopback. Outside a test host, bind to the management interface and
# restrict who can reach the admin port (35357 here).
57 address: 0.0.0.0
58 private_address: 127.0.0.1
59 private_port: 35357
60 public_address: 127.0.0.1
61 public_port: 5000
62 region: RegionOne
# SQL backend connection for Keystone (MySQL on loopback).
63 database:
64 engine: mysql
sgarbuzc4b6ed92019-01-15 11:53:08 +020065 host: 127.0.0.1
Petr Michalece9a6c2a2017-03-05 20:14:34 +010066 name: keystone
# Plaintext database password, identical to the admin password above and to the
# MySQL grants at the end of the file.
67 password: passw0rd
68 user: keystone
# Token provider settings and audit notification format.
Jakub Pavlik874d9d32016-01-25 22:19:15 +010069 tokens:
sgarbuzc4b6ed92019-01-15 11:53:08 +020070 engine: fernet
# 86400 is 24 hours if the value is in seconds, as Keystone's token expiration
# option is. A shorter lifetime limits how long a leaked token stays usable.
Jakub Pavlik874d9d32016-01-25 22:19:15 +010071 expiration: 86400
# Directory holding the Fernet keys. Anyone who can read it can mint or decrypt
# tokens, so it should be readable only by the Keystone service account.
72 location: /etc/keystone/fernet-keys/
# Presumably maps to Keystone's allow_expired_window, the extra period in which
# an already-expired token may still be fetched for validation; confirm.
Oleksandr Bryndzii49a50832019-02-26 15:38:54 +020073 allow_expired_window: 86400
# Notifications in CADF format give an audit trail of identity events.
sgarbuzc4b6ed92019-01-15 11:53:08 +020074 notification: true
Petr Michalece9a6c2a2017-03-05 20:14:34 +010075 notification_format: cadf
# Account lockout and password policy. The key names match Keystone's
# [security_compliance] options; presumably they are rendered there one-to-one.
Oleksandr Shyshko004f17b2019-02-21 12:51:25 +000076 security_compliance:
77 disable_user_account_days_inactive: 90
# 60 failed attempts before a lockout of 600 (seconds in Keystone) is a permissive
# brute-force throttle; hardening baselines usually use a single-digit count.
Oleksandr Shyshko3d95b712019-04-19 11:50:49 +030078 lockout_failure_attempts: 60
Oleksandr Shyshko004f17b2019-02-21 12:51:25 +000079 lockout_duration: 600
Oleksandr Shyshko3d95b712019-04-19 11:50:49 +030080 password_expires_days: 730
81 unique_last_password_count: 5
# With a minimum age of 0 a user can change password several times in a row and
# cycle straight back to an old one, which defeats unique_last_password_count.
Oleksandr Shyshko004f17b2019-02-21 12:51:25 +000082 minimum_password_age: 0
# The pattern accepts only ASCII letters and digits, at least 32 of them. It does
# not require a mix of classes and it rejects symbols.
# NOTE(review): the doubled `$$` is presumably an escape for pillar interpolation
# that yields a single `$`; confirm the rendered value.
Oleksandr Shyshko3d95b712019-04-19 11:50:49 +030083 password_regex: '^[a-zA-Z0-9]{32,}$$'
# NOTE(review): the user-facing text says the password "could contains" these
# classes, but the regex permits nothing else. Consider rewording it at source.
84 password_regex_description: |
85 Your password could contains capital letters, lowercase letters, digits and have a minimum length of 32 characters
# False means users are not forced to replace an administrator-set initial password.
86 change_password_upon_first_use: False
# Logging destinations and handlers, then free-form extra configuration.
vgusev779727c2018-02-16 18:10:54 +040087 logging:
# Debug-level logging is a test setting. It is verbose and may record request
# detail that should not reach production logs.
sgarbuzc4b6ed92019-01-15 11:53:08 +020088 debug: true
# 'logfile.log' and logdir are placeholder-looking relative names; a deployment
# needs a path writable only by the service account.
89 log_file: 'logfile.log'
90 log_dir: logdir
91 use_syslog: true
92 syslog_log_facility: LOG_USER
93 log_appender: true
vgusev779727c2018-02-16 18:10:54 +040094 log_handlers:
95 watchedfile:
96 enabled: true
97 fluentd:
98 enabled: false
99 ossyslog:
100 enabled: false
Dmitry Ukov70256222017-11-20 19:26:38 +0400101 extra_config:
102 federation:
103 cache_group_membership_in_db: true
# Message bus (RabbitMQ) connection and oslo.messaging tuning values.
# Several values (channel_max 2, frame_max 2, *_exchange names) look like
# template-coverage placeholders rather than tuned settings.
sgarbuzc4b6ed92019-01-15 11:53:08 +0200104 message_queue:
105 engine: rabbitmq
106 host: 127.0.0.1
# 5672 is the conventional plaintext AMQP port, yet an ssl section appears below.
# NOTE(review): no `enabled` key is visible under ssl; confirm whether the
# template turns TLS on from the presence of the section alone.
107 port: 5672
108 user: openstack
# Plaintext broker password with a trivially guessable value.
109 password: password
110 virtual_host: '/openstack'
111 ha_queues: true
112 rabbit_ha_queues: true
113 rpc_conn_pool_size: 30
114 conn_pool_min_size: 2
115 conn_pool_ttl: 1200
116 rpc_poll_timeout: 1
117 rpc_thread_pool_size: 100
118 rpc_message_ttl: 300
119 rpc_use_acks: false
120 rpc_ack_timeout_base: 15
121 rpc_ack_timeout_multiplier: 2
122 rpc_retry_attempts: 3
123 executor_thread_pool_size: 64
124 rpc_response_timeout: 60
125 control_exchange: openstack
126 ssl:
# Pins the TLS protocol version to TLS 1.2. The CA, key and cert values that
# follow are option names used as placeholders, not file paths.
127 version: TLSv1_2
128 cacert_file: ssl_ca_certs
129 x509:
# A real client private key file must be readable only by the service account.
130 key_file: kombu_ssl_keyfile
131 cert_file: kombu_ssl_certfile
132 rabbit_retry_interval: 1
133 rabbit_retry_backoff: 2
134 rabbit_interval_max: 30
135 rabbit_transient_queues_ttl: 1800
136 heartbeat_timeout_threshold: 60
137 heartbeat_rate: 2
138 channel_max: 2
139 frame_max: 2
140 heartbeat_interval: 3
141 socket_timeout: 10
142 tcp_user_timeout: 10
143 host_connection_reconnect_delay: 10
144 connection_factory: single
145 pool_max_size: 30
146 pool_max_overflow: 0
147 pool_timeout: 30
148 pool_recycle: 600
149 pool_stale: 60
150 default_serializer_type: json
151 notification_persistence: false
152 default_notification_exchange: exchange
153 notification_listener_prefetch_count: 100
154 default_notification_retry_attempts: 1
155 notification_retry_delay: 10
156 rpc_queue_expiration: 60
157 default_rpc_exchange: rpc_exchange
158 rpc_reply_exchange: rpc_reply_exchange
159 rpc_listener_prefetch_count: 100
160 rpc_reply_listener_prefetch_count: 100
161 rpc_reply_retry_attempts: 10
162 rpc_reply_retry_delay: 10
163 default_rpc_retry_attempts: 10
164 rpc_retry_delay: 10
165 rabbit_qos_prefetch_count: 64
# Middleware-level settings: health endpoint, request size cap, profiler, cache, policy file.
# NOTE(review): health endpoints are normally served without authentication;
# confirm this path is reachable only from the load balancer or monitoring network.
166 healthcheck:
167 path: '/healthcheck'
# Upper bound on accepted request bodies (presumably bytes); it limits the
# memory an oversized request can consume.
168 max_request_body_size: 114688
# NOTE(review): profiling is enabled but no signing key for trace requests is
# visible in this section; confirm where it is set before using this
# outside a test environment.
169 profiler:
170 enabled: True
# Port 11211 on loopback is presumably memcached, which has no authentication
# by default. Keep it on loopback or a protected network.
171 cache:
172 enabled: True
173 host: 127.0.0.1
174 port: 11211
175 policy:
176 policy_file: 'policy.json'
# Domain-specific identity backend: a "testing" domain whose identities come
# from LDAP and whose assignments are stored in SQL.
177 domain:
178 testing:
179 description: "Test domain"
180 backend: ldap
181 identity:
182 backend: ldap
183 driver: ldap
184 assignment:
185 backend: sql
186 driver: keystone.assignment.backends.sql.Assignment
187 ldap:
# The ldaps:// scheme means the directory connection runs over TLS.
188 url: "ldaps://idm.domain.com"
189 suffix: "dc=cloud,dc=domain,dc=com"
# LDAP bind account and its plaintext, trivially guessable password. A real bind
# account should be read-only in the directory and its secret stored encrypted.
190 uid: keystone
191 password: password
# Client-side state: a generated client config ("clouds" entry) and the admin
# identity the client states use to reach Keystone.
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100192# Client state
193 client:
194 enabled: false
sgarbuzc4b6ed92019-01-15 11:53:08 +0200195 os_client_config:
196 enabled: true
197 cfgs:
198 root:
199 content:
200 clouds:
201 admin_identity:
202 region_name: RegionOne
203 identity_api_version: '3'
204 interface: 'internal'
205 auth:
206 username: 'admin'
# The admin password is written into the rendered client config in plaintext.
# The resulting file should be readable only by its owner (`root` by the key name).
207 password: passw0rd
208 user_domain_name: 'Default'
209 project_name: 'admin'
210 project_domain_name: 'Default'
# With an http:// auth URL the password and issued tokens travel unencrypted.
# That is tolerable for loopback in a test fixture but not across a network.
211 auth_url: 'http://127.0.0.1:5000'
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100212 server:
sgarbuzc4b6ed92019-01-15 11:53:08 +0200213 admin_identity:
214 admin:
215 user: admin
216 password: passw0rd
217 project: admin
218 host: localhost
219 port: 5000
220 region_name: RegionOne
221 use_keystoneauth: true
# Same cleartext-transport caveat as the auth_url above.
222 protocol: http
# Resources the client state creates in Keystone: roles, projects, the admin
# user, and service catalog entries with their endpoints.
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100223 identity:
224 admin:
225 host: localhost
226 port: 35357
# Token-based bootstrap access using the same literal as the server-side
# service_token. It bypasses normal user authentication, so it should be
# disabled or rotated once bootstrap is complete.
227 token: RANDOMSTRINGTOKEN
228 roles:
229 - admin
230 - Member
231 project:
232 service:
233 description: "OpenStack Service tenant"
234 admin:
235 description: "OpenStack Admin tenant"
236 user:
237 admin:
238 is_admin: true
# Plaintext admin user password, the same literal as admin_password on the server side.
239 password: passw0rd
240 email: admin@localhost
241 service:
242 keystone3:
243 type: identity
244 description: OpenStack Identity Service v3
245 endpoints:
246 - region: RegionOne
# The endpoint is registered with the http scheme against the hostname `keystone`
# rather than loopback. Catalog consumers would send tokens in cleartext unless
# TLS is terminated in front of this address.
247 public_address: keystone
248 public_protocol: http
249 public_port: 5000
250 public_path: '/v3'
251 internal_address: keystone
252 internal_port: 5000
253 internal_path: '/v3'
254 admin_address: keystone
255 admin_port: 35357
256 admin_path: '/v3'
# NOTE(review): this second catalog entry advertises the v2.0 identity API, which
# newer Keystone releases no longer provide; confirm it is still wanted.
257 keystone:
258 type: identity
259 description: OpenStack Identity Service
260 endpoints:
261 - region: RegionOne
262 public_address: keystone
263 public_protocol: http
264 public_port: 5000
265 public_path: '/v2.0'
266 internal_address: keystone
267 internal_port: 5000
268 internal_path: '/v2.0'
269 admin_address: keystone
270 admin_port: 35357
271 admin_path: '/v2.0'
# Apache pillar: web server settings and the WSGI site that serves Keystone.
sgarbuzc4b6ed92019-01-15 11:53:08 +0200272apache:
273 server:
274 enabled: true
# NOTE(review): default_mpm selects `event` while the only MPM section below is
# an enabled `prefork`; confirm which one the formula actually activates.
275 default_mpm: event
276 mpm:
277 prefork:
278 enabled: true
279 servers:
280 start: 5
281 spare:
282 min: 2
283 max: 10
284 max_requests: 0
# The client and limit values cap concurrent workers, which bounds resource use
# under connection floods.
285 max_clients: 20
286 limit: 20
287 site:
288 keystone:
289 enabled: true
290 type: keystone
291 name: wsgi
292 host:
293 name: localhost
294 pkgs:
295 - apache2
296 modules:
297 - wsgi
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100298# CI related dependencies
# MySQL pillar for the CI database dependency: client admin access, the server
# listener, and the Keystone schema with its grants.
299mysql:
300 client:
301 enabled: true
302 version: '5.7'
303 admin:
304 host: localhost
305 port: 3306
306 user: admin
# Plaintext, trivially guessable database admin password.
307 password: password
308 encoding: utf8
309 server:
310 enabled: true
311 version: "5.7"
312 force_encoding: utf8
313 bind:
# The server listens on all interfaces. Together with the '%' grant below, the
# keystone account can log in from any host that reaches port 3306.
314 address: 0.0.0.0
315 port: 3306
316 protocol: tcp
317 database:
318 keystone:
319 encoding: utf8
320 users:
# host '%' matches any client address and `rights: all` grants every privilege.
# Outside CI, grant only from the Keystone hosts and only the privileges the
# service needs.
321 - host: '%'
322 name: keystone
323 password: passw0rd
324 rights: all
325 - host: 127.0.0.1
326 name: keystone
327 password: passw0rd
328 rights: all