├── ansible_hosts ├── group_vars └── all.yml ├── roles ├── apache2 │ ├── handlers │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── memcached │ └── tasks │ │ └── main.yml └── horizon │ ├── tasks │ └── main.yml │ └── templates │ └── local_settings.py.j2 └── horizon.yml /ansible_hosts: -------------------------------------------------------------------------------- 1 | [horizon] 2 | 1.2.3.4 3 | -------------------------------------------------------------------------------- /group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | horizon_keystone_url: "https://identity.stack.cloudvps.com/v2.0" 3 | -------------------------------------------------------------------------------- /roles/apache2/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart apache 3 | service: name=apache2 state=restarted 4 | -------------------------------------------------------------------------------- /roles/memcached/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - apt: name={{ item }} state=latest update_cache=yes 3 | with_items: 4 | - memcached 5 | 6 | -------------------------------------------------------------------------------- /horizon.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: horizon 3 | user: root 4 | 5 | roles: 6 | - { role: memcached, sudo: yes } 7 | - { role: apache2, sudo: yes } 8 | - { role: horizon, sudo: yes } 9 | -------------------------------------------------------------------------------- /roles/horizon/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - apt: name={{ item }} state=latest update_cache=yes 3 | with_items: 4 | - python-software-properties 5 | - python-apt 6 | - ubuntu-cloud-keyring 7 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise' 8 | 9 | - apt_repository: repo='deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/icehouse main' 10 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise' 11 | 12 | - apt: name={{ item }} state=latest update_cache=yes 13 | with_items: 14 | - openstack-dashboard 15 | 16 | - apt: name=openstack-dashboard-ubuntu-theme state=absent purge=yes 17 | 18 | - template: src=local_settings.py.j2 dest=/etc/openstack-dashboard/local_settings.py 19 | 20 | -------------------------------------------------------------------------------- /roles/apache2/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - apt: name={{ item }} state=latest update_cache=yes 3 | with_items: 4 | - apache2 5 | - libapache2-mod-wsgi 6 | 7 | - file: src=/etc/apache2/sites-available/default-ssl dest=/etc/apache2/sites-enabled/default-ssl state=link 8 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise' 9 | notify: restart apache 10 | 11 | - file: src=/etc/apache2/sites-available/default-ssl.conf dest=/etc/apache2/sites-enabled/default-ssl.conf state=link 12 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'trusty' 13 | notify: restart apache 14 | 15 | - file: src=/etc/apache2/mods-available/socache_shmcb.load dest=/etc/apache2/mods-enabled/socache_shmcb.load state=link 16 | when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'trusty' 17 | notify: restart apache 18 | 19 | - file: src=/etc/apache2/mods-available/rewrite.load dest=/etc/apache2/mods-enabled/rewrite.load state=link 20 | notify: restart apache 21 | 22 | - file: src=/etc/apache2/mods-available/ssl.load dest=/etc/apache2/mods-enabled/ssl.load state=link 23 | notify: restart apache 24 | 25 | - file: src=/etc/apache2/mods-available/wsgi.load dest=/etc/apache2/mods-enabled/wsgi.load state=link 26 | notify: restart apache 27 | 28 | - file: src=/etc/apache2/mods-available/ssl.conf dest=/etc/apache2/mods-enabled/ssl.conf state=link 29 | notify: restart apache 30 | 31 | - file: src=/etc/apache2/mods-available/wsgi.conf dest=/etc/apache2/mods-enabled/wsgi.conf state=link 32 | notify: restart apache 33 | 34 | 35 | -------------------------------------------------------------------------------- /roles/horizon/templates/local_settings.py.j2: -------------------------------------------------------------------------------- 1 | import os 2 | from django.utils.translation import ugettext_lazy as _ 3 | from openstack_dashboard import exceptions 4 | DEBUG = False 5 | TEMPLATE_DEBUG = DEBUG 6 | 7 | USE_SSL = True 8 | CSRF_COOKIE_SECURE = True 9 | SESSION_COOKIE_SECURE = True 10 | 11 | HORIZON_CONFIG = { 12 | 'dashboards': ('project', 'admin', 'settings',), 13 | 'default_dashboard': 'project', 14 | 'user_home': 'openstack_dashboard.views.get_user_home', 15 | 'ajax_queue_limit': 10, 16 | 'auto_fade_alerts': { 17 | 'delay': 3000, 18 | 'fade_duration': 1500, 19 | 'types': ['alert-success', 'alert-info'] 20 | }, 21 | 'help_url': "http://docs.openstack.org", 22 | 'exceptions': {'recoverable': exceptions.RECOVERABLE, 23 | 'not_found': exceptions.NOT_FOUND, 24 | 'unauthorized': exceptions.UNAUTHORIZED}, 25 | } 26 | LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) 27 | from horizon.utils import secret_key 28 | SECRET_KEY = secret_key.generate_or_read_from_file('/var/lib/openstack-dashboard/secret_key') 29 | CACHES = { 30 | 'default': { 31 | 'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache', 32 | 'LOCATION' : '127.0.0.1:11211', 33 | } 34 | } 35 | try: 36 | from ubuntu_theme import * 37 | except ImportError: 38 | pass 39 | LOGIN_URL='/horizon/auth/login/' 40 | LOGOUT_URL='/horizon/auth/logout/' 41 | LOGIN_REDIRECT_URL='/horizon' 42 | COMPRESS_OFFLINE = True 43 | ALLOWED_HOSTS = '*' 44 | EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' 45 | OPENSTACK_HOST = "127.0.0.1" 46 | OPENSTACK_KEYSTONE_URL = "{{ horizon_keystone_url }}" 47 | OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" 48 | OPENSTACK_KEYSTONE_BACKEND = { 49 | 'name': 'native', 50 | 'can_edit_user': True, 51 | 'can_edit_group': True, 52 | 'can_edit_project': True, 53 | 'can_edit_domain': True, 54 | 'can_edit_role': True 55 | } 56 | OPENSTACK_HYPERVISOR_FEATURES = { 57 | 'can_set_mount_point': False, 58 | 'can_set_password': False, 59 | } 60 | OPENSTACK_NEUTRON_NETWORK = { 61 | 'enable_lb': False, 62 | 'enable_firewall': False, 63 | 'enable_quotas': True, 64 | 'enable_vpn': False, 65 | 'profile_support': None, 66 | } 67 | IMAGE_CUSTOM_PROPERTY_TITLES = { 68 | "architecture": _("Architecture"), 69 | "kernel_id": _("Kernel ID"), 70 | "ramdisk_id": _("Ramdisk ID"), 71 | "image_state": _("Euca2ools state"), 72 | "project_id": _("Project ID"), 73 | "image_type": _("Image Type") 74 | } 75 | API_RESULT_LIMIT = 1000 76 | API_RESULT_PAGE_SIZE = 20 77 | TIME_ZONE = "UTC" 78 | LOGGING = { 79 | 'version': 1, 80 | 'disable_existing_loggers': False, 81 | 'handlers': { 82 | 'null': { 83 | 'level': 'DEBUG', 84 | 'class': 'django.utils.log.NullHandler', 85 | }, 86 | 'console': { 87 | 'level': 'INFO', 88 | 'class': 'logging.StreamHandler', 89 | }, 90 | }, 91 | 'loggers': { 92 | 'django.db.backends': { 93 | 'handlers': ['null'], 94 | 'propagate': False, 95 | }, 96 | 'requests': { 97 | 'handlers': ['null'], 98 | 'propagate': False, 99 | }, 100 | 'horizon': { 101 | 'handlers': ['console'], 102 | 'level': 'DEBUG', 103 | 'propagate': False, 104 | }, 105 | 'openstack_dashboard': { 106 | 'handlers': ['console'], 107 | 'level': 'DEBUG', 108 | 'propagate': False, 109 | }, 110 | 'novaclient': { 111 | 'handlers': ['console'], 112 | 'level': 'DEBUG', 113 | 'propagate': False, 114 | }, 115 | 'cinderclient': { 116 | 'handlers': ['console'], 117 | 'level': 'DEBUG', 118 | 'propagate': False, 119 | }, 120 | 'keystoneclient': { 121 | 'handlers': ['console'], 122 | 'level': 'DEBUG', 123 | 'propagate': False, 124 | }, 125 | 'glanceclient': { 126 | 'handlers': ['console'], 127 | 'level': 'DEBUG', 128 | 'propagate': False, 129 | }, 130 | 'neutronclient': { 131 | 'handlers': ['console'], 132 | 'level': 'DEBUG', 133 | 'propagate': False, 134 | }, 135 | 'heatclient': { 136 | 'handlers': ['console'], 137 | 'level': 'DEBUG', 138 | 'propagate': False, 139 | }, 140 | 'ceilometerclient': { 141 | 'handlers': ['console'], 142 | 'level': 'DEBUG', 143 | 'propagate': False, 144 | }, 145 | 'troveclient': { 146 | 'handlers': ['console'], 147 | 'level': 'DEBUG', 148 | 'propagate': False, 149 | }, 150 | 'swiftclient': { 151 | 'handlers': ['console'], 152 | 'level': 'DEBUG', 153 | 'propagate': False, 154 | }, 155 | 'openstack_auth': { 156 | 'handlers': ['console'], 157 | 'level': 'DEBUG', 158 | 'propagate': False, 159 | }, 160 | 'nose.plugins.manager': { 161 | 'handlers': ['console'], 162 | 'level': 'DEBUG', 163 | 'propagate': False, 164 | }, 165 | 'django': { 166 | 'handlers': ['console'], 167 | 'level': 'DEBUG', 168 | 'propagate': False, 169 | }, 170 | 'iso8601': { 171 | 'handlers': ['null'], 172 | 'propagate': False, 173 | }, 174 | } 175 | } 176 | SECURITY_GROUP_RULES = { 177 | 'all_tcp': { 178 | 'name': 'ALL TCP', 179 | 'ip_protocol': 'tcp', 180 | 'from_port': '1', 181 | 'to_port': '65535', 182 | }, 183 | 'all_udp': { 184 | 'name': 'ALL UDP', 185 | 'ip_protocol': 'udp', 186 | 'from_port': '1', 187 | 'to_port': '65535', 188 | }, 189 | 'all_icmp': { 190 | 'name': 'ALL ICMP', 191 | 'ip_protocol': 'icmp', 192 | 'from_port': '-1', 193 | 'to_port': '-1', 194 | }, 195 | 'ssh': { 196 | 'name': 'SSH', 197 | 'ip_protocol': 'tcp', 198 | 'from_port': '22', 199 | 'to_port': '22', 200 | }, 201 | 'smtp': { 202 | 'name': 'SMTP', 203 | 'ip_protocol': 'tcp', 204 | 'from_port': '25', 205 | 'to_port': '25', 206 | }, 207 | 'dns': { 208 | 'name': 'DNS', 209 | 'ip_protocol': 'tcp', 210 | 'from_port': '53', 211 | 'to_port': '53', 212 | }, 213 | 'http': { 214 | 'name': 'HTTP', 215 | 'ip_protocol': 'tcp', 216 | 'from_port': '80', 217 | 'to_port': '80', 218 | }, 219 | 'pop3': { 220 | 'name': 'POP3', 221 | 'ip_protocol': 'tcp', 222 | 'from_port': '110', 223 | 'to_port': '110', 224 | }, 225 | 'imap': { 226 | 'name': 'IMAP', 227 | 'ip_protocol': 'tcp', 228 | 'from_port': '143', 229 | 'to_port': '143', 230 | }, 231 | 'ldap': { 232 | 'name': 'LDAP', 233 | 'ip_protocol': 'tcp', 234 | 'from_port': '389', 235 | 'to_port': '389', 236 | }, 237 | 'https': { 238 | 'name': 'HTTPS', 239 | 'ip_protocol': 'tcp', 240 | 'from_port': '443', 241 | 'to_port': '443', 242 | }, 243 | 'smtps': { 244 | 'name': 'SMTPS', 245 | 'ip_protocol': 'tcp', 246 | 'from_port': '465', 247 | 'to_port': '465', 248 | }, 249 | 'imaps': { 250 | 'name': 'IMAPS', 251 | 'ip_protocol': 'tcp', 252 | 'from_port': '993', 253 | 'to_port': '993', 254 | }, 255 | 'pop3s': { 256 | 'name': 'POP3S', 257 | 'ip_protocol': 'tcp', 258 | 'from_port': '995', 259 | 'to_port': '995', 260 | }, 261 | 'ms_sql': { 262 | 'name': 'MS SQL', 263 | 'ip_protocol': 'tcp', 264 | 'from_port': '1433', 265 | 'to_port': '1433', 266 | }, 267 | 'mysql': { 268 | 'name': 'MYSQL', 269 | 'ip_protocol': 'tcp', 270 | 'from_port': '3306', 271 | 'to_port': '3306', 272 | }, 273 | 'rdp': { 274 | 'name': 'RDP', 275 | 'ip_protocol': 'tcp', 276 | 'from_port': '3389', 277 | 'to_port': '3389', 278 | }, 279 | } 280 | FLAVOR_EXTRA_KEYS = { 281 | 'flavor_keys': [ 282 | ('quota:read_bytes_sec', _('Quota: Read bytes')), 283 | ('quota:write_bytes_sec', _('Quota: Write bytes')), 284 | ('quota:cpu_quota', _('Quota: CPU')), 285 | ('quota:cpu_period', _('Quota: CPU period')), 286 | ('quota:inbound_average', _('Quota: Inbound average')), 287 | ('quota:outbound_average', _('Quota: Outbound average')), 288 | ] 289 | } 290 | --------------------------------------------------------------------------------