Browse code
Merge "Configure tempauth along keystoneauth."
Jenkins authored on 2013/07/18 23:04:21Showing 1 changed files
| ... | ... |
@@ -133,19 +133,6 @@ function configure_swift() {
|
| 133 | 133 |
sudo sed -i '/disable *= *yes/ { s/yes/no/ }' /etc/xinetd.d/rsync
|
| 134 | 134 |
fi |
| 135 | 135 |
|
| 136 |
- if is_service_enabled swift3;then |
|
| 137 |
- swift_auth_server="s3token " |
|
| 138 |
- fi |
|
| 139 |
- |
|
| 140 |
- # By default Swift will be installed with the tempauth middleware |
|
| 141 |
- # which has some default username and password if you have |
|
| 142 |
- # configured keystone it will checkout the directory. |
|
| 143 |
- if is_service_enabled key; then |
|
| 144 |
- swift_auth_server+="authtoken keystoneauth" |
|
| 145 |
- else |
|
| 146 |
- swift_auth_server=tempauth |
|
| 147 |
- fi |
|
| 148 |
- |
|
| 149 | 136 |
SWIFT_CONFIG_PROXY_SERVER=${SWIFT_CONF_DIR}/proxy-server.conf
|
| 150 | 137 |
cp ${SWIFT_DIR}/etc/proxy-server.conf-sample ${SWIFT_CONFIG_PROXY_SERVER}
|
| 151 | 138 |
|
| ... | ... |
@@ -164,24 +151,22 @@ function configure_swift() {
|
| 164 | 164 |
iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port
|
| 165 | 165 |
iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT:-8080}
|
| 166 | 166 |
|
| 167 |
- # By default Swift will be installed with the tempauth middleware |
|
| 168 |
- # which has some default username and password if you have |
|
| 169 |
- # configured keystone it will configure swift with it. |
|
| 170 |
- if is_service_enabled key;then |
|
| 171 |
- if is_service_enabled swift3;then |
|
| 172 |
- swift_pipeline=" swift3 s3token " |
|
| 173 |
- fi |
|
| 174 |
- swift_pipeline+=" authtoken keystoneauth " |
|
| 175 |
- else |
|
| 176 |
- if is_service_enabled swift3;then |
|
| 177 |
- swift_pipeline=" swift3 " |
|
| 178 |
- fi |
|
| 179 |
- swift_pipeline+=" tempauth " |
|
| 167 |
+ # By default Swift will be installed with keystone and tempauth middleware |
|
| 168 |
+ # and add the swift3 middleware if its configured for it. The token for |
|
| 169 |
+ # tempauth would be prefixed with the reseller_prefix setting TEMPAUTH_ the |
|
| 170 |
+ # token for keystoneauth would have the standard reseller_prefix AUTH_ |
|
| 171 |
+ if is_service_enabled swift3;then |
|
| 172 |
+ swift_pipeline=" swift3 s3token " |
|
| 180 | 173 |
fi |
| 174 |
+ swift_pipeline+=" authtoken keystoneauth tempauth " |
|
| 181 | 175 |
sed -i "/^pipeline/ { s/tempauth/${swift_pipeline} ${SWIFT_EXTRAS_MIDDLEWARE}/ ;}" ${SWIFT_CONFIG_PROXY_SERVER}
|
| 182 | 176 |
|
| 177 |
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:tempauth account_autocreate
|
|
| 183 | 178 |
iniset ${SWIFT_CONFIG_PROXY_SERVER} app:proxy-server account_autocreate true
|
| 184 | 179 |
|
| 180 |
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:tempauth reseller_prefix
|
|
| 181 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:tempauth reseller_prefix "TEMPAUTH"
|
|
| 182 |
+ |
|
| 185 | 183 |
# Configure Keystone |
| 186 | 184 |
sed -i '/^# \[filter:authtoken\]/,/^# \[filter:keystoneauth\]$/ s/^#[ \t]*//' ${SWIFT_CONFIG_PROXY_SERVER}
|
| 187 | 185 |
iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_host $KEYSTONE_AUTH_HOST
|