├── .gitignore ├── .gitreview ├── .pdkignore ├── .sync.yml ├── .zuul.yaml ├── CHANGELOG.md ├── CONTRIBUTING.rst ├── Gemfile ├── LICENSE ├── README.md ├── Rakefile ├── bindep.txt ├── doc └── requirements.txt ├── lib └── puppet │ └── functions │ └── validate_available_themes.rb ├── manifests ├── dashboard.pp ├── dashboards │ ├── designate.pp │ ├── heat.pp │ ├── ironic.pp │ ├── manila.pp │ └── octavia.pp ├── deps.pp ├── init.pp ├── params.pp ├── policy.pp ├── policy │ └── base.pp └── wsgi │ └── apache.pp ├── metadata.json ├── releasenotes ├── notes │ ├── add-access-log-format-fdbdd77c94ff1abd.yaml │ ├── add-b3d6015cc987a835.yaml │ ├── add-customization-module-config-option-798d0bb4e00737c3.yaml │ ├── add-dropdown_max_items-38ea8e64152d76e5.yaml │ ├── add-http-https-port-to-init-e4924a20fb8cdc40.yaml │ ├── add-images-panel-parameter-cb010871c8e1d0d1.yaml │ ├── add-keystone_domain_choices-parameter-17bdbef68e57299c.yaml │ ├── add-option-WEBSSO-hide-keystone-10149289b2ad8c9c.yaml │ ├── add-secure-proxy-addr-header-07c36d89f8bf2ad2.yaml │ ├── add-simple-ip-mgmt-e8a1227a1a811a2d.yaml │ ├── add-site-branding-be1c2b6e1e70c782.yaml │ ├── add-ssl_verify_client-3e2bc9a7f1d4291a.yaml │ ├── add-support-for-SECURE_PROXY_SSL_HEADER-fbd83ad4f85bd52b.yaml │ ├── add-support-for-WEBSSO-options-a2d7e7f757b747d1.yaml │ ├── added_instance_default_config_options-123cc41099d5e098.yaml │ ├── added_new_theme_params_deprecated_custome_theme_path-e872713d93c45044.yaml │ ├── any2array-64602422742c9abe.yaml │ ├── apache-log-files-8474bbad1411ba51.yaml │ ├── apache-vhost-wsgi_daemon_process-37b8be9a679e31d0.yaml │ ├── apache-wsgi-custom-init-d1064242a6c0f8e8.yaml │ ├── apache-wsgi-processes-threads-66255fc01d1d48ed.yaml │ ├── apache_ports-5d0eb0ca775ad7d1.yaml │ ├── api_result_page_size-9efaaf9a23cd0454.yaml │ ├── bug-1942722-3cc45ac696688336.yaml │ ├── bug-1956904-f4393eade5197c47.yaml │ ├── bug-1988205-9689371154ba1d70.yaml │ ├── bug-url-5a1ae52b4b34dbc7.yaml │ ├── ca-optional-7443c07bcef671ce.yaml │ ├── cache_timeout-40252b507b11e4e5.yaml │ ├── centos-9-support-fe1fa3c9387e4d50.yaml │ ├── change-keystone-default-role-fe630805edb631f4.yaml │ ├── compress_enabled-9597ee6f04403fa3.yaml │ ├── compress_root-0a77ff2912d85a57.yaml │ ├── dashboard-remove-2b250155570ab317.yaml │ ├── default_boot_source-8c7b960d1213fdcf.yaml │ ├── deprecate-images-panel-6c22100afadedbd4.yaml │ ├── deprecate-memcache-backend-ce0b3304e4842cae.yaml │ ├── designate-dashboard-db1a2ec4621c61e3.yaml │ ├── disable-password-reveal-3ce6cbddf0bdb67e.yaml │ ├── disallow_iframe_embed-f0ffa1cabeca5b1e.yaml │ ├── django_log_level-d4c7c89e8935c67a.yaml │ ├── django_template_log_level-187b891542873d91.yaml │ ├── drop-fedora-ec61b145255a8c37.yaml │ ├── empty-root-url-495e1f1f47372f47.yaml │ ├── enable-password-retrieve-b0bfa91053b24186.yaml │ ├── enable_user_pass-c30e80d0705b0954.yaml │ ├── enforce_password_check-7e29e1e968874e04.yaml │ ├── fix-external-monitoring-fe259c7bec13c1a8.yaml │ ├── fix_missing_quotes_for_images_upload-bcd649d0311afe32.yaml │ ├── fix_ssl_handshake_errors-aece1e80e78820a2.yaml │ ├── heat-dashboard-c34cea1d256164cd.yaml │ ├── heat_template_generator-bc485a59c5e63b62.yaml │ ├── horizon-add-dashboard-support-0d14ebc190c01070.yaml │ ├── horizon-custom_wsgi_process_options-e11e7d92a9d631b1.yaml │ ├── horizon-django-wsgi-entry-09354eb4692d3836.yaml │ ├── horizon-fix-invalid-root-url-0c8e54a5c6de2f5e.yaml │ ├── horizon_django_cache_compress_ubuntu-e1807c69e52048fd.yaml │ ├── ironic-dashboard-0dc5814a56121d5b.yaml │ ├── keystone-endpoint-type-e4c520d5728acad5.yaml │ ├── keystone_v3-d381e37592d3b29b.yaml │ ├── local-settings-permissions-666e7cd5d55cf813.yaml │ ├── manage-memcache-param-4fbc465b88b062db.yaml │ ├── manila-dashboard-aaf28389e0bcfa9b.yaml │ ├── memoized_max_size_default-0d8e33d09875f380.yaml │ ├── multiple-log_handlers-5b7157cb351f0bec.yaml │ ├── octavia-dashboard-0eb5300606586e80.yaml │ ├── password_validator-fdb08ff1d27aa652.yaml │ ├── policy-05bec63b1ab26902.yaml │ ├── puppet-8-2654c8e29011ca99.yaml │ ├── purge-conf_d_dir-daeefef45e54dcf7.yaml │ ├── quote-horizon_upload_mode-fa7b34f53f32351d.yaml │ ├── rectify-static-alias-prefix-7c182dd08a98a8ea.yaml │ ├── release-note-ubuntu-py3-bbbb3edb079f4094.yaml │ ├── remove-centos-8-e19473b41af483fb.yaml │ ├── remove-enable_user_pass-from-base-e6e72e9dd5d6b85d.yaml │ ├── remove-hardcoded-hypervisor-options-8ed400c16d54fe97.yaml │ ├── remove-images_panel-e200ecb20dec7057.yaml │ ├── remove-log_handlers-62c1f89f2b7851ef.yaml │ ├── remove-memcached-backend-e429c4f280d4b02b.yaml │ ├── remove-old-ssl-params-0a94b4e8f88106ed.yaml │ ├── remove-puppet-6-9c9d36db80bdb726.yaml │ ├── remove-sim-50f5d779a67d489d.yaml │ ├── remove_lesscpy-b4b677de57351078.yaml │ ├── rename-ssl-params-5c58357688b4850f.yaml │ ├── require-boolean-for-use_simple_tenant_usage-206a3e399976fd9d.yaml │ ├── rocky-remove-deprecated-params-c788c10d6468657c.yaml │ ├── root_path-4dbbddfa82bc6b56.yaml │ ├── root_url-cede3a4a7ecafdf9.yaml │ ├── rspec-puppet-facts-7ec9c688aba3e69e.yaml │ ├── simultaneous_sessions-c503feb527139590.yaml │ ├── ssl-redirect-bug-38095eeba290933a.yaml │ ├── sso-redirect-opts-8e190e4c0f6338df.yaml │ ├── syslog_facility-0fee14adc9a7de4f.yaml │ ├── system_scope_services-5e19b53fc2b8b48c.yaml │ ├── token_timeout_margin-33c86659acbcad13.yaml │ ├── totp-support-c31e3b9213c8d68d.yaml │ ├── trigger_collectstatic-fb465ebec48b3bc7.yaml │ ├── tuskar-9fa7bbe0df150fd1.yaml │ ├── ubuntu-jammy-699e196cd813179d.yaml │ ├── ubuntu-noble-7072fa6f20dc8b5e.yaml │ ├── update-apache-constraints-a51e2ff894772b0a.yaml │ ├── update-default-session_timeout-fb7b20f13967160f.yaml │ ├── update_local_settings_mitaka-f182327ce660fda0.yaml │ ├── use-reno-1caaec4ba5aa4285.yaml │ ├── use_simple_tenant_usage-f53e475bf7a5252f.yaml │ ├── wsgi-ssl_extra_params-f775a56966c5d475.yaml │ └── wsgi_process_options-7d03be050e15b0ab.yaml └── source │ ├── 2023.1.rst │ ├── 2023.2.rst │ ├── 2024.1.rst │ ├── 2024.2.rst │ ├── 2025.1.rst │ ├── _static │ └── .placeholder │ ├── conf.py │ ├── index.rst │ ├── mitaka.rst │ ├── newton.rst │ ├── ocata.rst │ ├── pike.rst │ ├── queens.rst │ ├── rocky.rst │ ├── stein.rst │ ├── train.rst │ ├── unreleased.rst │ ├── ussuri.rst │ ├── victoria.rst │ ├── wallaby.rst │ ├── xena.rst │ ├── yoga.rst │ └── zed.rst ├── setup.cfg ├── setup.py ├── spec ├── acceptance │ └── horizon_with_apache_spec.rb ├── classes │ ├── horizon_dashboards_designate_spec.rb │ ├── horizon_dashboards_heat_spec.rb │ ├── horizon_dashboards_ironic_spec.rb │ ├── horizon_dashboards_manila_spec.rb │ ├── horizon_dashboards_octavia_spec.rb │ ├── horizon_init_spec.rb │ ├── horizon_policy_spec.rb │ ├── horizon_wsgi_apache_spec.rb │ └── releasenotes │ │ └── notes │ │ └── add_show_diff_parameter-d056b46bceea2f09.yaml ├── defines │ ├── horizon_dashboard_spec.rb │ └── horizon_policy_base_spec.rb ├── fixtures │ └── override_local_settings.py.erb ├── shared_examples.rb ├── spec_helper.rb ├── spec_helper_acceptance.rb └── type_aliases │ └── availablethemes_spec.rb ├── templates ├── _1499_load_balancer_settings.py.erb ├── _1699_orchestration_settings.py.erb ├── _1799_dns_settings.py.erb ├── _2299_baremetal_settings.py.erb ├── _90_manila_shares.py.erb └── local_settings.py.erb ├── tox.ini └── types └── availablethemes.pp /.gitignore: -------------------------------------------------------------------------------- 1 | # Add patterns in here to exclude files created by tools integrated with this 2 | # repository, such as test frameworks from the project's recommended workflow, 3 | # rendered documentation and package builds. 4 | # 5 | # Don't add patterns to exclude files created by preferred personal tools 6 | # (editors, IDEs, your operating system itself even). These should instead be 7 | # maintained outside the repository, for example in a ~/.gitignore file added 8 | # with: 9 | # 10 | # git config --global core.excludesfile '~/.gitignore' 11 | 12 | pkg/ 13 | Gemfile.lock 14 | vendor/ 15 | spec/fixtures/ 16 | .vagrant/ 17 | .bundle/ 18 | coverage/ 19 | .idea/ 20 | *.iml 21 | /openstack 22 | /log 23 | 24 | # Files created by releasenotes build 25 | releasenotes/build 26 | .tox 27 | -------------------------------------------------------------------------------- /.gitreview: -------------------------------------------------------------------------------- 1 | [gerrit] 2 | host=review.opendev.org 3 | port=29418 4 | project=openstack/puppet-horizon.git 5 | -------------------------------------------------------------------------------- /.pdkignore: -------------------------------------------------------------------------------- 1 | # common list used in puppetlabs repos 2 | .git/ 3 | .*.sw[op] 4 | .metadata 5 | .yardoc 6 | .yardwarns 7 | *.iml 8 | /.bundle/ 9 | /.idea/ 10 | /.vagrant/ 11 | /coverage/ 12 | /bin/ 13 | /doc/ 14 | /Gemfile.local 15 | /Gemfile.lock 16 | /junit/ 17 | /log/ 18 | /pkg/ 19 | /spec/fixtures/manifests/ 20 | /spec/fixtures/modules/* 21 | /tmp/ 22 | /vendor/ 23 | /convert_report.txt 24 | /update_report.txt 25 | .DS_Store 26 | .project 27 | .envrc 28 | /inventory.yaml 29 | /spec/fixtures/litmus_inventory.yaml 30 | /.fixtures.yml 31 | /Gemfile 32 | /.gitattributes 33 | /.gitignore 34 | /.pdkignore 35 | /.puppet-lint.rc 36 | /Rakefile 37 | /rakelib/ 38 | /.rspec 39 | /..yml 40 | /.yardopts 41 | /spec/ 42 | /.vscode/ 43 | /.sync.yml 44 | /.devcontainer/ 45 | # OpenStack-specific files 46 | /bindep.txt 47 | /.gitreview 48 | /releasenotes/ 49 | /setup.cfg 50 | /setup.py 51 | /tox.ini 52 | /.zuul.yaml 53 | -------------------------------------------------------------------------------- /.sync.yml: -------------------------------------------------------------------------------- 1 | --- 2 | spec/spec_helper.rb: 3 | unmanaged: true 4 | -------------------------------------------------------------------------------- /.zuul.yaml: -------------------------------------------------------------------------------- 1 | - project: 2 | templates: 3 | - puppet-openstack-check-jobs 4 | - puppet-openstack-module-unit-jobs 5 | - puppet-openstack-integration-jobs-scenario002 6 | - puppet-openstack-integration-jobs-scenario003 7 | - puppet-openstack-integration-jobs-scenario004 8 | - puppet-openstack-integration-jobs-scenario005 9 | - puppet-openstack-litmus-jobs 10 | - release-notes-jobs-python3 11 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | ## 8.0.0 and beyond 2 | 3 | From 8.0.0 release and beyond, release notes are published on 4 | [docs.openstack.org](http://docs.openstack.org/releasenotes/puppet-horizon/). 5 | 6 | ##2015-11-25 - 7.0.0 7 | ###Summary 8 | 9 | This is a backwards-incompatible major release for OpenStack Liberty. 10 | 11 | ####Backwards-incompatible changes 12 | 13 | ####Features 14 | - allow Orchestration of Image Backend 15 | - add new parameters for multidomain support 16 | - add api_versions parameter 17 | - remove hardcoded 'neutron_options' list 18 | - remove hardcoded 'cinder_options' list 19 | - remove hardcoded 'hypervisor_options' list 20 | - add ssl_no_verify parameter 21 | - make redirect type configurable 22 | - add CUSTOM_THEME_PATH variable 23 | - add tag to package resource 24 | - add cache_backend and cache_options params 25 | 26 | ####Bugfixes 27 | - do not run collectstatic or compress in Debian 28 | - remove duplicate key for ':servername' 29 | 30 | ####Maintenance 31 | - acceptance: enable debug & verbosity for OpenStack logs 32 | - initial msync run for all Puppet OpenStack modules 33 | - try to use zuul-cloner to prepare fixtures 34 | - remove class_parameter_defaults puppet-lint check 35 | - fix rspec 3.x syntax 36 | 37 | ##2015-10-15 - 6.1.0 38 | ###Summary 39 | 40 | This is a maintenance release in the Kilo series 41 | 42 | ####Maintenance 43 | - acceptance: checkout stable/kilo puppet modules 44 | 45 | ##2015-07-08 - 6.0.0 46 | ###Summary 47 | 48 | This is a backwards-incompatible major release for OpenStack Kilo. 49 | 50 | ####Backwards-incompatible changes 51 | - Remove some old deprecated parameters 52 | 53 | ####Features 54 | - Puppet 4.x support 55 | - Sort policy files in local_settings.py 56 | - Add support for Neutron DVR and L3 HA options 57 | - Collect static files before compressing them 58 | - Add support to add Tuskar-ui config to local_settings 59 | - Add support for WEBROOT in local_settings 60 | - Add 'log_handler' parameter 61 | 62 | ####Maintenance 63 | - Acceptance tests with Beaker 64 | - Fix spec tests for RSpec 3.x and Puppet 4.x 65 | 66 | ##2015-06-17 - 5.1.0 67 | ###Summary 68 | 69 | This is a feature and bugfix release in the Juno series. 70 | 71 | ####Features 72 | - Add support for the configuration of OPENSTACK_CINDER_FEATURES 73 | 74 | ####Bugfixes 75 | - Sort policy files in local_settings.py 76 | 77 | ####Maintenance 78 | - spec: pin rspec-puppet to 1.0.1 79 | - Pin puppetlabs-concat to 1.2.1 in fixtures 80 | - Update .gitreview file for project rename 81 | 82 | ##2014-11-25 - 5.0.0 83 | ###Summary 84 | 85 | This is a backwards-incompatible major release for OpenStack Juno. 86 | 87 | ####Backwards-incompatible changes 88 | - Switch the default log level to INFO from DEBUG 89 | 90 | ####Features 91 | - Use concat to manage local_settings.py 92 | - Add parameters to configure policy files in horizon class 93 | - Add parameter django_session_engine to horizon class 94 | - Change cache_server_ip in horizon class to accept arrays 95 | 96 | ####Bugfixes 97 | - Fix the default value of compress_offline parameter 98 | - Fix Apache config file default 99 | - Stop setting wsgi_socket_prefix since the apache module takes care of it 100 | - Add workaround for puppet's handling of undef for setting the vhost bind 101 | address 102 | - Fix the default MSSQL port in security group rules 103 | 104 | ##2014-10-16 - 4.2.0 105 | ###Summary 106 | 107 | This is a feature and bugfix release in the Icehouse series. 108 | 109 | ####Features 110 | - Add parameters to configure ALLOWED_HOSTS in settings_local.y and 111 | ServerAlias in apache, no longer requiring these values to be the fqdn 112 | - Add support for secure cookies 113 | 114 | ####Bugfixes 115 | - Fix removal of vhost conf file 116 | 117 | ##2014-06-19 - 4.1.0 118 | ###Summary 119 | 120 | ####Features 121 | - Add option to set temporary upload directory for images 122 | 123 | ####Bugfixes 124 | - Ensure ssl wsgi_process_group is the same as wsgi_daemon_process 125 | 126 | ####Maintenance 127 | - Pin major gems 128 | 129 | ##2014-05-01 - 4.0.0 130 | ###Summary 131 | 132 | This is a major release for OpenStack Icehouse but contains no API-breaking 133 | changes. 134 | 135 | ####Features 136 | - Add support to pass extra parameters to vhost 137 | - Add support to ensure online cache is present and can be refreshed 138 | - Add support to configure OPENSTACK_HYPERVISOR_FEATURES settings, 139 | AVAILABLE_REGIONS, OPENSTACK_NEUTRON_NETWORK 140 | - Add support to disable configuration of Apache 141 | 142 | ####Bugfixes 143 | - Fix log ownership and WSGIProcess* settings for Red Hat releases 144 | - Fix overriding of policy files in local settings 145 | - Fix SSL bugs 146 | - Improve WSGI configuration 147 | 148 | ####Maintenance 149 | 150 | ##2014-03-26 - 3.1.0 151 | ###Summary 152 | 153 | This is a feature release in the Havana series. 154 | 155 | ####Features 156 | - Add option parameterize OPENSTACK_NEUTRON_NETWORK settings 157 | 158 | ##2014-02-14 - 3.0.1 159 | ###Summary 160 | 161 | This is a bugfix release in the Havana series. 162 | 163 | ####Bugfixes 164 | - Add COMPRESS_OFFLINE option to local_settings to fix broken Ubuntu 165 | installation 166 | 167 | ####Maintenance 168 | 169 | ##2014-01-16 - 3.0.0 170 | ###Summary 171 | 172 | This is a backwards-incompatible major release for OpenStack Havana. 173 | 174 | ####Backwards-incompatible changes 175 | - Update user and group for Debian family OSes 176 | - Update policy files for RedHat family OSes 177 | - Change keystone_default_role to _member_ 178 | 179 | ####Features 180 | - Enable SSL support with cert/key 181 | - Introduce new parameters: keystone_url, help_url, endpoint type 182 | 183 | ####Bugfixes 184 | - Improve default logging configuration 185 | - Fix bug to set LOGOUT_URL properly 186 | - Fix user/group regression for Debian 187 | 188 | ####Maintenance 189 | 190 | ##2013-10-07 - 2.2.0 191 | ###Summary 192 | 193 | This is a bugfix release in the Grizzly series. 194 | 195 | ####Bugfixes 196 | - Fixed apache 0.9.0 incompatability 197 | 198 | ####Maintenance 199 | - Various lint fixes 200 | 201 | ##2013-08-07 - 2.1.0 202 | ###Summary 203 | 204 | This is a bugfix release in the Grizzly series. 205 | 206 | ####Bugfixes 207 | - Update local_settings.py 208 | 209 | ####Maintenance 210 | - Pin Apache module version 211 | - Various lint fixes 212 | 213 | ##2013-06-24 - 2.0.0 214 | ###Summary 215 | 216 | Initial release on StackForge. 217 | 218 | ####Features 219 | - httpd config now managed on every platform 220 | - Provide option to enable Horizon's display of block device mount points 221 | -------------------------------------------------------------------------------- /CONTRIBUTING.rst: -------------------------------------------------------------------------------- 1 | The source repository for this project can be found at: 2 | 3 | https://opendev.org/openstack/puppet-horizon 4 | 5 | Pull requests submitted through GitHub are not monitored. 6 | 7 | To start contributing to OpenStack, follow the steps in the contribution guide 8 | to set up and use Gerrit: 9 | 10 | https://docs.openstack.org/contributors/code-and-documentation/quick-start.html 11 | 12 | Bugs should be filed on Launchpad: 13 | 14 | https://bugs.launchpad.net/puppet-horizon 15 | 16 | For more specific information about contributing to this repository, see the 17 | Puppet OpenStack contributor guide: 18 | 19 | https://docs.openstack.org/puppet-openstack-guide/latest/contributor/contributing.html 20 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source ENV['GEM_SOURCE'] || "https://rubygems.org" 2 | 3 | group :development, :test, :system_tests do 4 | spec_helper_dir = '/home/zuul/src/opendev.org/openstack/puppet-openstack_spec_helper' 5 | if File.directory?(spec_helper_dir) 6 | if ENV['ZUUL_PROJECT'] == 'openstack/puppet-openstack_spec_helper' 7 | gem 'puppet-openstack_spec_helper', 8 | :path => '../..', 9 | :require => 'false' 10 | else 11 | gem 'puppet-openstack_spec_helper', 12 | :path => spec_helper_dir, 13 | :require => 'false' 14 | end 15 | else 16 | spec_helper_version = ENV['ZUUL_BRANCH'] || "master" 17 | gem 'puppet-openstack_spec_helper', 18 | :git => 'https://opendev.org/openstack/puppet-openstack_spec_helper', 19 | :ref => spec_helper_version, 20 | :require => 'false' 21 | end 22 | end 23 | 24 | if facterversion = ENV['FACTER_GEM_VERSION'] 25 | gem 'facter', facterversion, :require => false 26 | else 27 | gem 'facter', :require => false 28 | end 29 | 30 | if puppetversion = ENV['PUPPET_GEM_VERSION'] 31 | gem 'puppet', puppetversion, :require => false 32 | else 33 | gem 'puppet', :require => false 34 | end 35 | 36 | # vim:ft=ruby 37 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Team and repository tags 2 | ======================== 3 | 4 | [![Team and repository tags](https://governance.openstack.org/tc/badges/puppet-horizon.svg)](https://governance.openstack.org/tc/reference/tags/index.html) 5 | 6 | 7 | 8 | horizon 9 | ======= 10 | 11 | #### Table of Contents 12 | 13 | 1. [Overview - What is the horizon module?](#overview) 14 | 2. [Module Description - What does the module do?](#module-description) 15 | 3. [Setup - The basics of getting started with horizon](#setup) 16 | 4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) 17 | 5. [Limitations - OS compatibility, etc.](#limitations) 18 | 6. [Development - Guide for contributing to the module](#development) 19 | 7. [Release Notes - Release notes for the project](#release-notes) 20 | 8. [Contributors - Those with commits](#contributors) 21 | 9. [Repository - The project source code repository](#repository) 22 | 23 | Overview 24 | -------- 25 | 26 | The horizon module is a part of [OpenStack](https://opendev.org/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module its self is used to flexibly configure and manage the dashboard service for OpenStack. 27 | 28 | Module Description 29 | ------------------ 30 | 31 | The horizon module is a thorough attempt to make Puppet capable of managing the entirety of horizon. Horizon is a fairly classic django application, which results in a fairly simply Puppet module. 32 | 33 | This module is tested in combination with other modules needed to build and leverage an entire OpenStack software stack. 34 | 35 | Setup 36 | ----- 37 | 38 | **What the horizon module affects** 39 | 40 | * [Horizon](https://docs.openstack.org/horizon/latest/), the dashboard service for OpenStack. 41 | 42 | ### Installing horizon 43 | 44 | puppet module install openstack/horizon 45 | 46 | ### Beginning with horizon 47 | 48 | To utilize the horizon module's functionality you will need to declare multiple resources but you'll find that doing so is much less complicated than the other OpenStack component modules. We recommend you consult and understand the [core openstack](http://docs.openstack.org) documentation. 49 | 50 | **Define a horizon dashboard** 51 | 52 | ```puppet 53 | class { 'memcached': 54 | listen_ip => '127.0.0.1', 55 | tcp_port => '11211', 56 | udp_port => '11211', 57 | } 58 | 59 | class { 'horizon': 60 | cache_server_ip => '127.0.0.1', 61 | cache_server_port => '11211', 62 | secret_key => '12345', 63 | django_debug => 'True', 64 | api_result_limit => '2000', 65 | } 66 | ``` 67 | 68 | Implementation 69 | -------------- 70 | 71 | ### horizon 72 | 73 | Horizon is a simple module using the combination of a package, template, and the file_line type. Most all the configuration lives inside the included local_settings template and the file_line type is for selectively inserting needed lines into configuration files that aren't explicitly managed by the horizon module. 74 | 75 | Limitations 76 | ----------- 77 | 78 | * Only supports Apache using mod_wsgi. 79 | 80 | Development 81 | ----------- 82 | 83 | Developer documentation for the entire puppet-openstack project. 84 | 85 | * https://docs.openstack.org/puppet-openstack-guide/latest/ 86 | 87 | Release Notes 88 | ------------- 89 | 90 | * https://docs.openstack.org/releasenotes/puppet-horizon 91 | 92 | Contributors 93 | ------------ 94 | 95 | * https://github.com/openstack/puppet-horizon/graphs/contributors 96 | 97 | Repository 98 | ---------- 99 | 100 | * https://opendev.org/openstack/puppet-horizon 101 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | require 'puppet-openstack_spec_helper/rake_tasks' 2 | -------------------------------------------------------------------------------- /bindep.txt: -------------------------------------------------------------------------------- 1 | # This is a cross-platform list tracking distribution packages needed by tests; 2 | # see https://docs.openstack.org/infra/bindep/ for additional information. 3 | 4 | libxml2-devel [test platform:rpm] 5 | libxml2-dev [test platform:dpkg] 6 | libxslt-devel [test platform:rpm] 7 | libxslt1-dev [test platform:dpkg] 8 | ruby-devel [test platform:rpm] 9 | ruby-dev [test platform:dpkg] 10 | zlib1g-dev [test platform:dpkg] 11 | zlib-devel [test platform:rpm] 12 | puppet [build] 13 | -------------------------------------------------------------------------------- /doc/requirements.txt: -------------------------------------------------------------------------------- 1 | # This is required for the docs build jobs 2 | sphinx>=3.5.1 # BSD 3 | openstackdocstheme>=2.2.7 # Apache-2.0 4 | 5 | # This is required for the releasenotes build jobs 6 | reno>=3.2.0 # Apache-2.0 7 | -------------------------------------------------------------------------------- /lib/puppet/functions/validate_available_themes.rb: -------------------------------------------------------------------------------- 1 | Puppet::Functions.create_function(:validate_available_themes) do 2 | 3 | def validate_available_themes(themes) 4 | req_keys = Set.new(['name', 'label', 'path']) 5 | themes.each do |theme| 6 | if theme.keys.to_set != req_keys 7 | if theme.keys.to_set.subset?(req_keys) 8 | raise Puppet::Error, "Some of the required keys (name, label and path) are missing" 9 | else 10 | raise Puppet::Error, "Unsupported keys are detected" 11 | end 12 | end 13 | end 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /manifests/dashboard.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2018 Binero 3 | # 4 | # Author: Tobias Urdin 5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 7 | # not use this file except in compliance with the License. You may obtain 8 | # a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 14 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 15 | # License for the specific language governing permissions and limitations 16 | # under the License. 17 | # 18 | # == Define: horizon::dashboard 19 | # 20 | # This resource installs additional horizon dashboard which is not 21 | # shipped with the horizon packages, but as additional packages. 22 | # 23 | # == Parameters: 24 | # 25 | # [*ensure*] 26 | # (Optional) The ensure state of the dashboard package. 27 | # Defaults to present 28 | # 29 | # == Example: 30 | # 31 | # This will install the correct cloudkitty-dashboard package for your deployment. 32 | # horizon::dashboard { 'cloudkitty': } 33 | # 34 | define horizon::dashboard ( 35 | $ensure = 'present', 36 | ) { 37 | 38 | $dashboard = downcase($name) 39 | 40 | if $dashboard in ['designate', 'ironic', 'heat', 'octavia', 'manila'] { 41 | warning("Use the horizon::dashboard::${dashboard} class instead. \ 42 | The class allows more flexible customization of the ${dashboard} dashboard.") 43 | } 44 | 45 | case $facts['os']['family'] { 46 | 'Debian': { 47 | $dashboard_package_name = "python3-${dashboard}-dashboard" 48 | } 49 | 'RedHat': { 50 | $dashboard_package_name = "openstack-${dashboard}-ui" 51 | } 52 | default: { 53 | fail("Unsupported osfamily: ${facts['os']['family']}") 54 | } 55 | } 56 | 57 | ensure_packages($dashboard_package_name, { 58 | 'ensure' => $ensure, 59 | 'tag' => ['horizon-package'] 60 | }) 61 | } 62 | -------------------------------------------------------------------------------- /manifests/dashboards/designate.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 3 | # not use this file except in compliance with the License. You may obtain 4 | # a copy of the License at 5 | # 6 | # http://www.apache.org/licenses/LICENSE-2.0 7 | # 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 10 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 11 | # License for the specific language governing permissions and limitations 12 | # under the License. 13 | # 14 | # == Class: horizon::dashboards::designate 15 | # 16 | # Manage parameters of designate-dashboard 17 | # 18 | # === Parameters: 19 | # 20 | # [*policy_file*] 21 | # (optional) Local copy of service policy files. 22 | # Defaults to 'designate_policy.yaml' 23 | # 24 | # [*policies*] 25 | # (optional) Set of policies to configure. 26 | # Defaults to undef 27 | # 28 | class horizon::dashboards::designate( 29 | String[1] $policy_file = 'designate_policy.yaml', 30 | Optional[Hash] $policies = undef, 31 | ) { 32 | 33 | include horizon::deps 34 | include horizon::params 35 | 36 | # The horizon class should be included so that some common parameters 37 | # can be picked here. 38 | if ! defined(Class[horizon]) { 39 | fail('The horizon class should be included before the horizon::dashboards::designate class') 40 | } 41 | 42 | $log_handlers = $::horizon::log_handlers 43 | $log_level = $::horizon::log_level 44 | $policy_files = $::horizon::policy_files 45 | 46 | if $policy_files and $policy_files['dns'] { 47 | $policy_file_real = $policy_files['dns'] 48 | } else { 49 | $policy_file_real = $policy_file 50 | } 51 | 52 | $config_file = "${::horizon::params::conf_d_dir}/_1799_dns_settings.py" 53 | 54 | package { 'designate-dashboard': 55 | ensure => $::horizon::package_ensure, 56 | name => $::horizon::params::designate_dashboard_package_name, 57 | tag => ['openstack', 'horizon-package'], 58 | } 59 | 60 | concat { $config_file: 61 | mode => '0640', 62 | owner => $::horizon::params::wsgi_user, 63 | group => $::horizon::params::wsgi_group, 64 | require => File[$::horizon::params::conf_d_dir], 65 | tag => ['django-config'], 66 | } 67 | 68 | concat::fragment { '_1799_dns_settings.py': 69 | target => $config_file, 70 | content => template('horizon/_1799_dns_settings.py.erb'), 71 | order => '50', 72 | } 73 | 74 | if $policies != undef { 75 | # The horizon::policy class should be included so that some common 76 | # parameters about policy management can be picked here 77 | if !defined(Class[horizon::policy]){ 78 | fail('The horizon::policy class should be include in advance to customize policies') 79 | } 80 | 81 | horizon::policy::base { $policy_file_real: 82 | policies => $policies, 83 | file_mode => $::horizon::policy::file_mode, 84 | file_format => $::horizon::policy::file_format, 85 | purge_config => $::horizon::policy::purge_config, 86 | } 87 | } 88 | } 89 | -------------------------------------------------------------------------------- /manifests/dashboards/heat.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 3 | # not use this file except in compliance with the License. You may obtain 4 | # a copy of the License at 5 | # 6 | # http://www.apache.org/licenses/LICENSE-2.0 7 | # 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 10 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 11 | # License for the specific language governing permissions and limitations 12 | # under the License. 13 | # 14 | # == Class: horizon::dashboards::heat 15 | # 16 | # Manage parameters of heat-dashboard 17 | # 18 | # === Parameters: 19 | # 20 | # [*enable_user_pass*] 21 | # (optional) Enable the password field while launching a Heat stack. 22 | # Defaults to true 23 | # 24 | # [*policy_file*] 25 | # (optional) Local copy of service policy files. 26 | # Defaults to 'heat_policy.yaml' 27 | # 28 | # [*template_generator_api_timeout*] 29 | # (optional) API timeout to retrieve response from template generator. 30 | # Defaults to 60 31 | # 32 | # [*template_generator_api_parallel*] 33 | # (optional) Concurrency to retrieve response from template generator. 34 | # Defaults to 2 35 | # 36 | # [*policies*] 37 | # (optional) Set of policies to configure. 38 | # Defaults to undef 39 | # 40 | class horizon::dashboards::heat( 41 | $enable_user_pass = true, 42 | String[1] $policy_file = 'heat_policy.yaml', 43 | $template_generator_api_timeout = 60, 44 | $template_generator_api_parallel = 2, 45 | Optional[Openstacklib::Policies] $policies = undef, 46 | ) { 47 | 48 | include horizon::deps 49 | include horizon::params 50 | 51 | # The horizon class should be included so that some common parameters 52 | # can be picked here. 53 | if ! defined(Class[horizon]) { 54 | fail('The horizon class should be included before the horizon::dashboards::heat class') 55 | } 56 | $log_handlers = $::horizon::log_handlers 57 | $log_level = $::horizon::log_level 58 | $policy_files = $::horizon::policy_files 59 | 60 | if $policy_files and $policy_files['orchestration'] { 61 | $policy_file_real = $policy_files['orchestration'] 62 | } else { 63 | $policy_file_real = $policy_file 64 | } 65 | 66 | $config_file = "${::horizon::params::conf_d_dir}/_1699_orchestration_settings.py" 67 | 68 | package { 'heat-dashboard': 69 | ensure => $::horizon::package_ensure, 70 | name => $::horizon::params::heat_dashboard_package_name, 71 | tag => ['openstack', 'horizon-package'], 72 | } 73 | 74 | concat { $config_file: 75 | mode => '0640', 76 | owner => $::horizon::params::wsgi_user, 77 | group => $::horizon::params::wsgi_group, 78 | require => File[$::horizon::params::conf_d_dir], 79 | tag => ['django-config'], 80 | } 81 | 82 | concat::fragment { '_1699_orchestration_settings.py': 83 | target => $config_file, 84 | content => template('horizon/_1699_orchestration_settings.py.erb'), 85 | order => '50', 86 | } 87 | 88 | if $policies != undef { 89 | # The horizon::policy class should be included so that some common 90 | # parameters about policy management can be picked here 91 | if !defined(Class[horizon::policy]){ 92 | fail('The horizon::policy class should be include in advance to customize policies') 93 | } 94 | 95 | horizon::policy::base { $policy_file_real: 96 | policies => $policies, 97 | file_mode => $::horizon::policy::file_mode, 98 | file_format => $::horizon::policy::file_format, 99 | purge_config => $::horizon::policy::purge_config, 100 | } 101 | } 102 | } 103 | -------------------------------------------------------------------------------- /manifests/dashboards/ironic.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 3 | # not use this file except in compliance with the License. You may obtain 4 | # a copy of the License at 5 | # 6 | # http://www.apache.org/licenses/LICENSE-2.0 7 | # 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 10 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 11 | # License for the specific language governing permissions and limitations 12 | # under the License. 13 | # 14 | # == Class: horizon::dashboards::ironic 15 | # 16 | # Manage parameters of ironic-dashboard 17 | # 18 | # === Parameters: 19 | # 20 | class horizon::dashboards::ironic() { 21 | 22 | include horizon::deps 23 | include horizon::params 24 | 25 | # The horizon class should be included so that some common parameters 26 | # can be picked here. 27 | if ! defined(Class[horizon]) { 28 | fail('The horizon class should be included before the horizon::dashboards::ironic class') 29 | } 30 | 31 | $log_handlers = $::horizon::log_handlers 32 | $log_level = $::horizon::log_level 33 | 34 | $config_file = "${::horizon::params::conf_d_dir}/_2299_baremetal_settings.py" 35 | 36 | package { 'ironic-dashboard': 37 | ensure => $::horizon::package_ensure, 38 | name => $::horizon::params::ironic_dashboard_package_name, 39 | tag => ['openstack', 'horizon-package'], 40 | } 41 | 42 | concat { $config_file: 43 | mode => '0640', 44 | owner => $::horizon::params::wsgi_user, 45 | group => $::horizon::params::wsgi_group, 46 | require => File[$::horizon::params::conf_d_dir], 47 | tag => ['django-config'], 48 | } 49 | 50 | concat::fragment { '_2299_baremetal_settings.py': 51 | target => $config_file, 52 | content => template('horizon/_2299_baremetal_settings.py.erb'), 53 | order => '50', 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /manifests/dashboards/manila.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 3 | # not use this file except in compliance with the License. You may obtain 4 | # a copy of the License at 5 | # 6 | # http://www.apache.org/licenses/LICENSE-2.0 7 | # 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 10 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 11 | # License for the specific language governing permissions and limitations 12 | # under the License. 13 | # 14 | # == Class: horizon::dashboards::manila 15 | # 16 | # Manage parameters of manila-dashboard 17 | # 18 | # === Parameters: 19 | # 20 | # [*policy_file*] 21 | # (optional) Local copy of service policy files. 22 | # Defaults to 'manila_policy.yaml' 23 | # 24 | # [*manila_options*] 25 | # (optional) A hash of parameters to enable features specific to Manila. 26 | # These include; 27 | # 'enable_share_groups': Boolean 28 | # 'enable_replication': Boolean 29 | # 'enable_migration': Boolean 30 | # 'enable_public_share_type_creation': Boolean 31 | # 'enable_public_share_group_type_creation': Boolean 32 | # 'enable_public_shares': Boolean 33 | # 'enabled_share_protocols': Array 34 | # 35 | # [*policies*] 36 | # (optional) Set of policies to configure. 37 | # Defaults to undef 38 | # 39 | class horizon::dashboards::manila( 40 | String[1] $policy_file = 'manila_policy.yaml', 41 | Hash $manila_options = {}, 42 | Optional[Openstacklib::Policies] $policies = undef, 43 | ) { 44 | 45 | include horizon::deps 46 | include horizon::params 47 | 48 | # The horizon class should be included so that some common parameters 49 | # can be picked here. 50 | if ! defined(Class[horizon]) { 51 | fail('The horizon class should be included before the horizon::dashboards::manila class') 52 | } 53 | $log_handlers = $::horizon::log_handlers 54 | $log_level = $::horizon::log_level 55 | $policy_files = $::horizon::policy_files 56 | 57 | if $policy_files and $policy_files['share'] { 58 | $policy_file_real = $policy_files['share'] 59 | } else { 60 | $policy_file_real = $policy_file 61 | } 62 | 63 | # Default options for the OPENSTACK_MANILA_FEATURES section. These will 64 | # be merged with user-provided options when the _90_manila_shares.py.erb 65 | # template is interpolated. 66 | $manila_defaults = { 67 | 'enable_share_groups' => true, 68 | 'enable_replication' => true, 69 | 'enable_migration' => true, 70 | 'enable_public_share_type_creation' => true, 71 | 'enable_public_share_group_type_creation' => true, 72 | 'enable_public_shares' => true, 73 | 'enabled_share_protocols' => ['NFS', 'CIFS', 'GlusterFS', 'HDFS', 'CephFS', 'MapRFS'], 74 | } 75 | $manila_options_real = merge($manila_defaults, $manila_options) 76 | 77 | $config_file = "${::horizon::params::conf_d_dir}/_90_manila_shares.py" 78 | 79 | package { 'manila-dashboard': 80 | ensure => $::horizon::package_ensure, 81 | name => $::horizon::params::manila_dashboard_package_name, 82 | tag => ['openstack', 'horizon-package'], 83 | } 84 | 85 | concat { $config_file: 86 | mode => '0640', 87 | owner => $::horizon::params::wsgi_user, 88 | group => $::horizon::params::wsgi_group, 89 | require => File[$::horizon::params::conf_d_dir], 90 | tag => ['django-config'], 91 | } 92 | 93 | concat::fragment { '_90_manila_shares.py': 94 | target => $config_file, 95 | content => template('horizon/_90_manila_shares.py.erb'), 96 | order => '50', 97 | } 98 | 99 | if $policies != undef { 100 | # The horizon::policy class should be included so that some common 101 | # parameters about policy management can be picked here 102 | if !defined(Class[horizon::policy]){ 103 | fail('The horizon::policy class should be include in advance to customize policies') 104 | } 105 | 106 | horizon::policy::base { $policy_file_real: 107 | policies => $policies, 108 | file_mode => $::horizon::policy::file_mode, 109 | file_format => $::horizon::policy::file_format, 110 | purge_config => $::horizon::policy::purge_config, 111 | } 112 | } 113 | } 114 | -------------------------------------------------------------------------------- /manifests/dashboards/octavia.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 3 | # not use this file except in compliance with the License. You may obtain 4 | # a copy of the License at 5 | # 6 | # http://www.apache.org/licenses/LICENSE-2.0 7 | # 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 10 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 11 | # License for the specific language governing permissions and limitations 12 | # under the License. 13 | # 14 | # == Class: horizon::dashboards::octavia 15 | # 16 | # Manage parameters of octavia-dashboard 17 | # 18 | # === Parameters: 19 | # 20 | # [*policy_file*] 21 | # (optional) Local copy of service policy files. 22 | # Defaults to 'octavia_policy.yaml' 23 | # 24 | # [*policies*] 25 | # (optional) Set of policies to configure. 26 | # Defaults to undef 27 | # 28 | class horizon::dashboards::octavia( 29 | String[1] $policy_file = 'octavia_policy.yaml', 30 | Optional[Hash] $policies = undef, 31 | ) { 32 | 33 | include horizon::deps 34 | include horizon::params 35 | 36 | # The horizon class should be included so that some common parameters 37 | # can be picked here. 38 | if ! defined(Class[horizon]) { 39 | fail('The horizon class should be included before the horizon::dashboards::octavia class') 40 | } 41 | 42 | $log_handlers = $::horizon::log_handlers 43 | $log_level = $::horizon::log_level 44 | $policy_files = $::horizon::policy_files 45 | 46 | if $policy_files and $policy_files['load-balancer'] { 47 | $policy_file_real = $policy_files['load-balancer'] 48 | } else { 49 | $policy_file_real = $policy_file 50 | } 51 | 52 | $config_file = "${::horizon::params::conf_d_dir}/_1499_load_balancer_settings.py" 53 | 54 | package { 'octavia-dashboard': 55 | ensure => $::horizon::package_ensure, 56 | name => $::horizon::params::octavia_dashboard_package_name, 57 | tag => ['openstack', 'horizon-package'], 58 | } 59 | 60 | concat { $config_file: 61 | mode => '0640', 62 | owner => $::horizon::params::wsgi_user, 63 | group => $::horizon::params::wsgi_group, 64 | require => File[$::horizon::params::conf_d_dir], 65 | tag => ['django-config'], 66 | } 67 | 68 | concat::fragment { '_1499_load_balancer_settings.py': 69 | target => $config_file, 70 | content => template('horizon/_1499_load_balancer_settings.py.erb'), 71 | order => '50', 72 | } 73 | 74 | if $policies != undef { 75 | # The horizon::policy class should be included so that some common 76 | # parameters about policy management can be picked here 77 | if !defined(Class[horizon::policy]){ 78 | fail('The horizon::policy class should be include in advance to customize policies') 79 | } 80 | 81 | horizon::policy::base { $policy_file_real: 82 | policies => $policies, 83 | file_mode => $::horizon::policy::file_mode, 84 | file_format => $::horizon::policy::file_format, 85 | purge_config => $::horizon::policy::purge_config, 86 | } 87 | } 88 | } 89 | -------------------------------------------------------------------------------- /manifests/deps.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2018 Binero 3 | # 4 | # Author: Tobias Urdin 5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 7 | # not use this file except in compliance with the License. You may obtain 8 | # a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 14 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 15 | # License for the specific language governing permissions and limitations 16 | # under the License. 17 | # 18 | # == Class: horizon::deps 19 | # 20 | # Horizon anchors and dependency management 21 | # 22 | class horizon::deps { 23 | 24 | anchor { 'horizon::install::begin': } 25 | -> Package<| tag == 'horizon-package' |> 26 | ~> anchor { 'horizon::install::end': } 27 | -> anchor { 'horizon::config::begin': } 28 | -> Concat<| tag == 'django-config' |> 29 | ~> anchor { 'horizon::config::end': } 30 | ~> anchor { 'horizon::compress::begin': } 31 | ~> Exec<| tag == 'horizon-compress' |> 32 | ~> anchor { 'horizon::compress::end': } 33 | ~> anchor { 'horizon::service::begin': } 34 | ~> Service<| title == 'httpd' |> 35 | ~> anchor { 'horizon::service::end': } 36 | 37 | # policy config should occur in the config block 38 | Anchor['horizon::config::begin'] 39 | -> Openstacklib::Policy<| tag == 'horizon' |> 40 | -> Anchor['horizon::config::end'] 41 | 42 | # Regenerate django cache after package update 43 | Anchor['horizon::install::end'] ~> Anchor['horizon::compress::begin'] 44 | 45 | # Installation or config changes will always restart services. 46 | Anchor['horizon::install::end'] ~> Anchor['horizon::service::begin'] 47 | Anchor['horizon::config::end'] ~> Anchor['horizon::service::begin'] 48 | } 49 | -------------------------------------------------------------------------------- /manifests/init.pp: -------------------------------------------------------------------------------- 1 | # == Class: horizon 2 | # 3 | # Installs Horizon dashboard with Apache 4 | # 5 | # === Parameters 6 | # 7 | # [*secret_key*] 8 | # (required) Secret key. This is used by Django to provide cryptographic 9 | # signing, and should be set to a unique, unpredictable value. 10 | # 11 | # [*package_ensure*] 12 | # (optional) Package ensure state. Defaults to 'present'. 13 | # 14 | # [*purge_conf_d_dir*] 15 | # (optional) Purge files in the local_settings.d directory 16 | # Defaults to false 17 | # 18 | # [*servername*] 19 | # (optional) FQDN used for the Server Name directives 20 | # Defaults to facts['networking']['fqdn']. 21 | # 22 | # [*allowed_hosts*] 23 | # (optional) List of hosts which will be set as value of ALLOWED_HOSTS 24 | # parameter in settings_local.py. This is used by Django for 25 | # security reasons. Can be set to * in environments where security is 26 | # deemed unimportant. 27 | # Defaults to facts['networking']['fqdn']. 28 | # 29 | # [*server_aliases*] 30 | # (optional) List of names which should be defined as ServerAlias directives 31 | # in vhost.conf. 32 | # Defaults to facts['networking']['fqdn']. 33 | # 34 | # [*memoized_max_size_default*] 35 | # (optional) Global default to help control memory usage when caching. 36 | # Defaults to undef 37 | # 38 | # [*cache_backend*] 39 | # (optional) Horizon cache backend. 40 | # Defaults: 'django.core.cache.backends.locmem.LocMemCache' 41 | # 42 | # [*cache_options*] 43 | # (optional) A hash of parameters to enable specific cache options. 44 | # Defaults to undef 45 | # 46 | # [*cache_timeout*] 47 | # (optional) The default timeout, in seconds, to use for the cache. 48 | # Defaults to undef 49 | # 50 | # [*cache_server_url*] 51 | # (optional) URL of a cache server. 52 | # This allows arbitrary strings to be set as CACHE BACKEND LOCATION. 53 | # Defaults to undef. 54 | # 55 | # [*cache_server_ip*] 56 | # (optional) Memcached IP address. Can be a string, or an array. 57 | # Defaults to undef. 58 | # 59 | # [*cache_server_port*] 60 | # (optional) Memcached port. Defaults to '11211'. 61 | # 62 | # [*cache_tls_enabled*] 63 | # (optional) Global toggle for TLS usage when communicating with 64 | # the caching servers. Defaults to false. 65 | # 66 | # [*cache_tls_cafile*] 67 | # (optional) Path to a file of concatenated CA certificates in PEM 68 | # format necessary to establish the caching server's authenticity. 69 | # If tls_enabled is False, this option is ignored. 70 | # Defaults to undef. 71 | # 72 | # [*cache_tls_certfile*] 73 | # (optional) Path to a single file in PEM format containing the 74 | # client's certificate as well as any number of CA certificates 75 | # needed to establish the certificate's authenticity. This file 76 | # is only required when client side authentication is necessary. 77 | # If tls_enabled is False, this option is ignored. Defaults to undef. 78 | # 79 | # [*cache_tls_keyfile*] 80 | # (optional) Path to a single file containing the client's private 81 | # key in. Otherwise the private key will be taken from the file 82 | # specified in tls_certfile. If tls_enabled is False, this option 83 | # is ignored. Defaults to undef. 84 | # 85 | # [*cache_tls_allowed_ciphers*] 86 | # (optional) Set the available ciphers for sockets created with 87 | # the TLS context. It should be a string in the OpenSSL cipher 88 | # list format. If not specified, all OpenSSL enabled ciphers will 89 | # be available. Defaults to undef. 90 | # 91 | # [*manage_memcache_package*] 92 | # (optional) Boolean if we should manage the memcache package. 93 | # Defaults to true 94 | # 95 | # [*horizon_app_links*] 96 | # (optional) Array of arrays that can be used to add call-out links 97 | # to the dashboard for other apps. There is no specific requirement 98 | # for these apps to be for monitoring, that's just the de-facto purpose. 99 | # Each app is defined in two parts, the display name, and 100 | # the URIDefaults to false. Defaults to undef. (no app links) 101 | # 102 | # [*keystone_url*] 103 | # (optional) Full url of keystone public endpoint. (Defaults to 'http://127.0.0.1:5000') 104 | # 105 | # [*keystone_default_role*] 106 | # (optional) Default Keystone role for new users. Defaults to 'member'. 107 | # 108 | # [*django_debug*] 109 | # (optional) Enable or disable Django debugging. Defaults to false. 110 | # 111 | # [*site_branding*] 112 | # (optional) Set the SITE_BRANDING config option that controls the 113 | # title of the web pages in the browser. Defaults to 'undef'. 114 | # 115 | # [*openstack_endpoint_type*] 116 | # (optional) endpoint type to use for the endpoints in the Keystone 117 | # service catalog. Defaults to 'undef'. 118 | # 119 | # [*secondary_endpoint_type*] 120 | # (optional) secondary endpoint type to use for the endpoints in the 121 | # Keystone service catalog. Defaults to 'undef'. 122 | # 123 | # [*openstack_keystone_endpoint_type*] 124 | # (optional) endpoint type to use for the keystone endpoint from the 125 | # service catalog. Defaults to 'undef'. 126 | # 127 | # [*available_regions*] 128 | # (optional) List of available regions. Value should be a list of tuple: 129 | # [ ['urlOne', 'RegionOne'], ['urlTwo', 'RegionTwo'] ] 130 | # Defaults to undef. 131 | # 132 | # [*api_result_limit*] 133 | # (optional) Maximum number of objects (Swift containers/objects or images) 134 | # to display on a single page. 135 | # Defaults to undef. 136 | # 137 | # [*api_result_page_size*] 138 | # (optional) Maximum number of objects retrieved by a single request. 139 | # Defaults to undef. 140 | # 141 | # [*dropdown_max_items*] 142 | # (optional) Specify a maximum number of items to display in a dropdown. 143 | # Defaults to undef. 144 | # 145 | # [*log_handlers*] 146 | # (optional) Log handlers. Defaults to ['file'] 147 | # 148 | # [*log_level*] 149 | # (optional) Log level. WARNING: Setting this to DEBUG will let plaintext 150 | # passwords be logged in the Horizon log file. 151 | # Defaults to 'INFO' 152 | # 153 | # [*django_log_level*] 154 | # (optional) Log level of django module. This overrides log_level. 155 | # Defaults to undef 156 | # 157 | # [*django_template_log_level*] 158 | # (optional) Log level of django.template module. 159 | # Defaults to 'INFO' 160 | # 161 | # [*syslog_facility*] 162 | # (optional) Syslog facility used when syslog log handler is enabled. 163 | # Defaults to 'local1'. 164 | # 165 | # [*local_settings_template*] 166 | # (optional) Location of template to use for local_settings.py generation. 167 | # Defaults to 'horizon/local_settings.py.erb'. 168 | # 169 | # [*help_url*] 170 | # (optional) Location where the documentation should point. 171 | # Defaults to undef 172 | # 173 | # [*bug_url*] 174 | # (optional) If provided, a "Report Bug" link will be displayed in the site 175 | # header which links to the value of this setting. 176 | # Defaults to undef 177 | # 178 | # [*compress_enabled*] 179 | # (optional) Boolean to enable compression. 180 | # Defaults to True 181 | # 182 | # [*compress_offline*] 183 | # (optional) Boolean to enable offline compress of assets. 184 | # Defaults to True 185 | # 186 | # [*compress_root*] 187 | # (optional) Absolute file path that linked static will be read from and 188 | # compressed static will be written to 189 | # Defaults to undef 190 | # 191 | # [*hypervisor_options*] 192 | # (optional) A hash of parameters to enable features specific to 193 | # Hypervisors. 194 | # Defaults to {} 195 | # 196 | # [*cinder_options*] 197 | # (optional) A hash of parameters to enable features specific to 198 | # Cinder. 199 | # Defaults to {} 200 | # 201 | # [*keystone_options*] 202 | # (optional) A hash of parameters to enable features specific to 203 | # Keystone. 204 | # Defaults to {} 205 | # 206 | # [*neutron_options*] 207 | # (optional) A hash of parameters to enable features specific to 208 | # Neutron. 209 | # Defaults to {} 210 | # 211 | # [*instance_options*] 212 | # (optional) A hash of parameters to enable or disable instance options 213 | # when using the launch instance options under Compute Instances tab. 214 | # Defaults to {} 215 | # 216 | # [*use_simple_tenant_usage*] 217 | # (optional) Use SimpleTenantUsage nova API in the usage overview. 218 | # Defaults to true. 219 | # 220 | # [*configure_apache*] 221 | # (optional) Configure Apache for Horizon. (Defaults to true) 222 | # 223 | # [*bind_address*] 224 | # (optional) Bind address in Apache for Horizon. (Defaults to undef) 225 | # 226 | # [*listen_ssl*] 227 | # (optional) Enable SSL support in Apache. (Defaults to false) 228 | # 229 | # [*http_port*] 230 | # (optional) Port to use for the HTTP virtual host. (Defaults to 80) 231 | # 232 | # [*https_port*] 233 | # (optional) Port to use for the HTTPS virtual host. (Defaults to 443) 234 | # 235 | # [*ssl_no_verify*] 236 | # (optional) Disable SSL hostname verifying. Set it if you don't have 237 | # properly configured DNS which will resolve hostnames for SSL endpoints 238 | # Horizon will connect to. (Defaults to false) 239 | # 240 | # [*openstack_ssl_cacert*] 241 | # (optional) The CA certificate to use to verify SSL 242 | # openstack connection. 243 | # 244 | # [*ssl_redirect*] 245 | # (optional) Whether to redirect http to https 246 | # Defaults to True 247 | # 248 | # [*ssl_cert*] 249 | # (required with listen_ssl) Certificate to use for SSL support. 250 | # 251 | # [*ssl_key*] 252 | # (required with listen_ssl) Private key to use for SSL support. 253 | # 254 | # [*ssl_ca*] 255 | # (required with listen_ssl) CA certificate to use for SSL support. 256 | # 257 | # [*ssl_verify_client*] 258 | # Set the Certificate verification level for Client Authentication. 259 | # Defaults to undef 260 | # 261 | # [*wsgi_processes*] 262 | # (optional) Number of Horizon processes to spawn 263 | # Defaults to $facts['os_workers'] 264 | # 265 | # [*wsgi_threads*] 266 | # (optional) Number of thread to run in a Horizon process 267 | # Defaults to '1' 268 | # 269 | # [*custom_wsgi_process_options*] 270 | # (optional) gives you the opportunity to add custom process options or to 271 | # overwrite the default options for the WSGI main process. 272 | # eg. to use a virtual python environment for the WSGI process 273 | # you could set it to: 274 | # { python-path => '/my/python/virtualenv' } 275 | # Defaults to {} 276 | # 277 | # [*vhost_extra_params*] 278 | # (optional) extra parameter to pass to the apache::vhost class 279 | # Defaults to undef 280 | # 281 | # [*file_upload_temp_dir*] 282 | # (optional) Location to use for temporary storage of images uploaded 283 | # You must ensure that the path leading to the directory is created 284 | # already, only the last level directory is created by this manifest. 285 | # Specify an absolute pathname. 286 | # Defaults to /tmp 287 | # 288 | # [*policy_files_path*] 289 | # (Optional) The path to the policy files 290 | # Defaults to undef. 291 | # 292 | # [*policy_files*] 293 | # (Optional) Policy files 294 | # Defaults to undef. 295 | # 296 | # [*secure_cookies*] 297 | # (optional) Enables security settings for cookies. Useful when using 298 | # https on public sites. See: https://docs.openstack.org/security-guide/dashboard/cookies.html 299 | # Defaults to false 300 | # 301 | # [*django_session_engine*] 302 | # (optional) Selects the session engine for Django to use. 303 | # Defaults to undef - will not add entry to local settings. 304 | # 305 | # [*redirect_type*] 306 | # (optional) What type of redirect to use when redirecting an http request 307 | # for a user. This should be either 'temp' or 'permanent'. Setting this value 308 | # to 'permanent' will result in the use of a 301 redirect which may be cached 309 | # by a user's browser. Setting this value to 'temp' will result in the use 310 | # of a 302 redirect which is not cached by browsers and may solve issues if 311 | # users report errors accessing horizon. Only used if configure_apache is 312 | # set to true. 313 | # Defaults to 'permanent' 314 | # 315 | # [*api_versions*] 316 | # (optional) A hash of parameters to set specific api versions. 317 | # Example: api_versions => {'identity' => 3} 318 | # Default to {} 319 | # 320 | # [*keystone_multidomain_support*] 321 | # (optional) Enables multi-domain in horizon. When this is enabled, it will require user to enter 322 | # the Domain name in addition to username for login. 323 | # Default to false 324 | # 325 | # [*keystone_default_domain*] 326 | # (optional) Overrides the default domain used when running on single-domain model with Keystone V3. 327 | # All entities will be created in the default domain. 328 | # Default to undef 329 | # 330 | # [*keystone_domain_choices*] 331 | # (optional) A hash of hashes to populate a dropdown for the domain field on 332 | # the horizon login page. 333 | # Example: [ 334 | # {'name' => 'default', 'display' => 'The default domain'}, 335 | # {'name' => 'LDAP', 'display' => 'The LDAP Catalog'}, 336 | # ] 337 | # Defaults to undef 338 | # 339 | # [*image_backend*] 340 | # (optional) Overrides the default image backend settings. This allows the list of supported 341 | # image types etc. to be explicitly defined. 342 | # Example: image_backend => { 'image_formats' => { '' => 'Select type', 'qcow2' => 'QCOW2' } } 343 | # Default to empty hash 344 | # 345 | # [*overview_days_range*] 346 | # (optional) The default date range in the Overview panel meters - either minus N 347 | # days (if the value is integer N), or from the beginning of the current month 348 | # until today (if it's undefined). This setting should be used to limit the amount 349 | # of data fetched by default when rendering the Overview panel. 350 | # Defaults to undef. 351 | # 352 | # [*root_url*] 353 | # (optional) The base URL used to construct horizon web addresses. 354 | # Defaults to '/dashboard' or '/horizon' depending OS 355 | # 356 | # [*root_path*] 357 | # (optional) The path to the location of static assets. 358 | # Defaults to "${::horizon::params::static_path}/openstack-dashboard" 359 | # 360 | # [*access_log_format*] 361 | # (optional) The log format for the access log. 362 | # Defaults to undef 363 | # 364 | # [*session_timeout*] 365 | # (optional) The session timeout for horizon in seconds. After this many 366 | # seconds of inactivity the user is logged out. 367 | # Defaults to 3600. 368 | # 369 | # [*simultaneous_sessions*] 370 | # (optional) Controls whether a user can have multiple simultaneous 371 | # sessions. 372 | # Defaults to undef 373 | # 374 | # [*token_timeout_margin*] 375 | # (optional) A time margin in seconds to subtract from the real token's 376 | # validity. 377 | # Defaults to 0. 378 | # 379 | # [*timezone*] 380 | # (optional) The timezone of the server. 381 | # Defaults to 'UTC'. 382 | # 383 | # [*available_themes*] 384 | # (optional) An array of hashes detailing available themes. Each hash must 385 | # have the followings keys for themes to be made available; name, label, 386 | # path. Defaults to undef 387 | # 388 | # { 'name' => 'theme_name', 'label' => 'theme_label', 'path' => 'theme_path' } 389 | # 390 | # Example: 391 | # class { 'horizon': 392 | # available_themes => [ 393 | # { 'name' => 'default', 'label' => 'Default', 'path' => 'themes/default'}, 394 | # { 'name' => 'material', 'label' => 'Material', 'path' => 'themes/material'}, 395 | # ] 396 | # } 397 | # 398 | # Or in Hiera: 399 | # horizon::available_themes: 400 | # - { name: 'default', label: 'Default', path: 'themes/default' } 401 | # - { name: 'material', label: 'Material', path: 'themes/material' } 402 | # 403 | # [*default_theme*] 404 | # (optional) The default theme to use from list of available themes. Value 405 | # should be theme_name. 406 | # Defaults to undef 407 | # 408 | # [*authentication_plugins*] 409 | # (optional) List of authentication plugins to be used. 410 | # Defaults to [] 411 | # 412 | # [*password_autocomplete*] 413 | # (optional) Whether to instruct the client browser to autofill the login form password 414 | # Valid values are 'on' and 'off' 415 | # Defaults to 'off' 416 | # 417 | # [*create_image_defaults*] 418 | # (optional) A dictionary of default settings for create image modal. 419 | # Defaults to undef - will not add entry to local settings. 420 | # 421 | # [*password_retrieve*] 422 | # (optional) Enables the use of 'Retrieve Password' in the Horizon Web UI. 423 | # Defaults to false 424 | # 425 | # [*disable_password_reveal*] 426 | # (optional) Disables the use of reveal button for passwords in the UI. 427 | # Defaults to false 428 | # 429 | # [*enforce_password_check*] 430 | # (optional) Disables Admin password prompt on Change Password form. 431 | # Defaults to false 432 | # 433 | # [*enable_secure_proxy_ssl_header*] 434 | # (optional) Enables the SECURE_PROXY_SSL_HEADER option which makes django 435 | # take the X-Forwarded-Proto header into account. Note that this is only 436 | # recommended if you're running horizon behind a proxy. 437 | # Defaults to false 438 | # 439 | # [*secure_proxy_addr_header*] 440 | # (optional) Enables the SECURE_PROXY_ADDR_HEADER option. 441 | # This setting specifies the name of the header with remote IP address. 442 | # The common value for this setting 443 | # is HTTP_X_REAL_IP or HTTP_X_FORWARDED_FOR. Note that this is only 444 | # recommended if you're running horizon behind a proxy. 445 | # If not present, then REMOTE_ADDR header is used 446 | # Defaults to undef 447 | # 448 | # [*disallow_iframe_embed*] 449 | # (optional)DISALLOW_IFRAME_EMBED can be used to prevent Horizon from being embedded 450 | # within an iframe. Legacy browsers are still vulnerable to a Cross-Frame 451 | # Scripting (XFS) vulnerability, so this option allows extra security hardening 452 | # where iframes are not used in deployment. Default setting is True. 453 | # 454 | # [*websso_enabled*] 455 | # (optional)Enable the WEBSSO_ENABLED option which turn on the keystone web 456 | # single-sign-on if set to true. 457 | # Default to false 458 | # 459 | # [*websso_initial_choice*] 460 | # (optional)Set the WEBSSO_INITIAL_CHOICE option used to determine which 461 | # authentication choice to show as default. 462 | # Defaults to undef 463 | # 464 | # [*websso_choices*] 465 | # (optional)Set the WEBSSO_CHOICES option, A list of authentication 466 | # mechanisms which include keystone federation protocols and identity 467 | # provide protocol mapping keys (WEBSSO_IDP_MAPPING). 468 | # Default to undef 469 | # 470 | # Example: 471 | # websso_choices => [ 472 | # ['oidc', 'OpenID Connect'], 473 | # ['saml2', 'Security Assertion Markup Language'] 474 | # ] 475 | # 476 | # [*websso_choices_hide_keystone*] 477 | # (optional)The WEBSSO_CHOICES option will by default include an entry for 478 | # "Keystone Credentials". Setting this option to true will hide it. 479 | # Note that websso_initial_choice will need to be set to a valid option. 480 | # Default to false 481 | # 482 | # [*websso_idp_mapping*] 483 | # (optional)Set the WEBSSO_IDP_MAPPING option. 484 | # A dictionary of specific identity provider and protocol combinations. 485 | # From the selected authentication mechanism, the value will be looked up as 486 | # keys in the dictionary. If a match is found, it will redirect the user to 487 | # a identity provider and federation protocol specific WebSSO endpoint in 488 | # keystone, otherwise it will use the value as the protocol_id when 489 | # redirecting to the WebSSO by protocol endpoint. 490 | # Default to undef 491 | # 492 | # Example: 493 | # websso_idp_mapping => { 494 | # 'acme_oidc' => ['acme', 'oidc'], 495 | # 'acme_saml2' => ['acme', 'saml2'], 496 | # } 497 | # 498 | # [*websso_default_redirect*] 499 | # (optional) Enables redirection on login to the identity provider defined on 500 | # WEBSSO_DEFAULT_REDIRECT_PROTOCOL and WEBSSO_DEFAULT_REDIRECT_REGIO. 501 | # Defaults to undef 502 | # 503 | # [*websso_default_redirect_protocol*] 504 | # (optional) Specifies the protocol to use fo default redirection on login. 505 | # Defaults to undef 506 | # 507 | # [*websso_default_redirect_region*] 508 | # (optional) Specifies the region to which the connection will be established 509 | # on login. 510 | # Defaults to undef 511 | # 512 | # [*websso_default_redirect_logout*] 513 | # (optional) Enables redirection on logout to the method specified on 514 | # the identity provider. 515 | # Defaults to undef 516 | # 517 | # [*totp_enabled*] 518 | # (optional) Activate TOTP support. 519 | # Defaults to false 520 | # 521 | # [*password_validator*] 522 | # (optional) Horizon provides a password validation check, which OpenStack cloud 523 | # operators can use to enforce password complexity checks for users within horizon. 524 | # A dictionary containing a regular expression can be used for password validation 525 | # with help text that is displayed if the password does not pass validation. 526 | # 527 | # [*password_validator_help*] 528 | # (optional) Help text to display when password validation fails in horizon. 529 | # 530 | # [*customization_module*] 531 | # (optional) Horizon has a global override mechanism available to perform 532 | # customizations. This adds a key - customization_module - to HORIZON_CONFIG 533 | # dictionary in local_settings.py. The value should be a string with the 534 | # path to your module containing modifications in dotted python path 535 | # notation. 536 | # Defaults to undef 537 | # 538 | # Example: 539 | # customization_module => "my_project.overrides" 540 | # 541 | # [*horizon_upload_mode*] 542 | # (optional) Horizon provides the upload mode. The default mode is legacy, off 543 | # will disable the function in Horizon, direct will allow the user agent to directly 544 | # talk to the glance-api. 545 | # 546 | # [*default_boot_source*] 547 | # (optional) A default instance boot source. Allowed values are: "image", 548 | # "snapshot", "volume" and "volume_snapshot". 549 | # Defaults to undef 550 | # 551 | # [*system_scope_services*] 552 | # (optional) Enable the use of the system scope token on per-service basis. 553 | # Defaults to undef 554 | # 555 | # [*show_diff*] 556 | # (optional) show diff changes in localsetting config file 557 | # Defaults to false 558 | # 559 | # === Examples 560 | # 561 | # class { 'horizon': 562 | # secret_key => 's3cr3t', 563 | # keystone_url => 'https://10.0.0.10:5000', 564 | # available_regions => [ 565 | # ['http://region-1.example.com:5000', 'Region-1'], 566 | # ['http://region-2.example.com:5000', 'Region-2'] 567 | # ] 568 | # } 569 | # 570 | class horizon( 571 | $secret_key, 572 | $package_ensure = 'present', 573 | Boolean $purge_conf_d_dir = false, 574 | Optional[Integer[0]] $memoized_max_size_default = undef, 575 | $cache_backend = 'django.core.cache.backends.locmem.LocMemCache', 576 | Hash $cache_options = {}, 577 | $cache_timeout = undef, 578 | $cache_server_url = undef, 579 | $cache_server_ip = undef, 580 | $cache_server_port = '11211', 581 | Boolean $cache_tls_enabled = false, 582 | Optional[Stdlib::Absolutepath] $cache_tls_cafile = undef, 583 | Optional[Stdlib::Absolutepath] $cache_tls_certfile = undef, 584 | Optional[Stdlib::Absolutepath] $cache_tls_keyfile = undef, 585 | $cache_tls_allowed_ciphers = undef, 586 | Boolean $manage_memcache_package = true, 587 | Array[Stdlib::HTTPUrl] $horizon_app_links = [], 588 | Stdlib::HTTPUrl $keystone_url = 'http://127.0.0.1:5000', 589 | $keystone_default_role = 'member', 590 | $django_debug = false, 591 | $site_branding = undef, 592 | $openstack_endpoint_type = undef, 593 | $secondary_endpoint_type = undef, 594 | $openstack_keystone_endpoint_type = undef, 595 | $available_regions = undef, 596 | $api_result_limit = undef, 597 | $api_result_page_size = undef, 598 | $dropdown_max_items = undef, 599 | Array[String[1]] $log_handlers = ['file'], 600 | $log_level = 'INFO', 601 | $django_log_level = undef, 602 | $django_template_log_level = 'INFO', 603 | $syslog_facility = 'local1', 604 | Optional[Stdlib::HTTPUrl] $help_url = undef, 605 | Optional[Stdlib::HTTPUrl] $bug_url = undef, 606 | $local_settings_template = 'horizon/local_settings.py.erb', 607 | Boolean $configure_apache = true, 608 | $bind_address = undef, 609 | $servername = $facts['networking']['fqdn'], 610 | $server_aliases = $facts['networking']['fqdn'], 611 | $allowed_hosts = $facts['networking']['fqdn'], 612 | Boolean $listen_ssl = false, 613 | $http_port = 80, 614 | $https_port = 443, 615 | Boolean $ssl_no_verify = false, 616 | $openstack_ssl_cacert = '', 617 | Boolean $ssl_redirect = true, 618 | $ssl_cert = undef, 619 | $ssl_key = undef, 620 | $ssl_ca = undef, 621 | $ssl_verify_client = undef, 622 | $wsgi_processes = $facts['os_workers'], 623 | $wsgi_threads = '1', 624 | $custom_wsgi_process_options = {}, 625 | Boolean $compress_enabled = true, 626 | Boolean $compress_offline = true, 627 | Optional[Stdlib::Absolutepath] $compress_root = undef, 628 | # TODO(tkajinam) Consider adding more strict validation about key-value 629 | Hash $hypervisor_options = {}, 630 | Hash $cinder_options = {}, 631 | Hash $keystone_options = {}, 632 | Hash $neutron_options = {}, 633 | Hash $instance_options = {}, 634 | Boolean $use_simple_tenant_usage = true, 635 | Stdlib::Absolutepath $file_upload_temp_dir = '/tmp', 636 | Optional[Stdlib::Absolutepath] $policy_files_path = undef, 637 | Optional[Hash[String, String]] $policy_files = undef, 638 | Enum['temp', 'permanent'] $redirect_type = 'permanent', 639 | Hash $api_versions = {}, 640 | Boolean $keystone_multidomain_support = false, 641 | $keystone_default_domain = undef, 642 | $keystone_domain_choices = undef, 643 | Hash[String, Hash[String, String]] $image_backend = {}, 644 | $overview_days_range = undef, 645 | $root_url = $::horizon::params::root_url, 646 | Stdlib::Absolutepath $root_path = "${::horizon::params::static_path}/openstack-dashboard", 647 | $access_log_format = undef, 648 | $session_timeout = 3600, 649 | $token_timeout_margin = 0, 650 | $simultaneous_sessions = undef, 651 | $timezone = 'UTC', 652 | Boolean $secure_cookies = false, 653 | $django_session_engine = undef, 654 | $vhost_extra_params = undef, 655 | Horizon::AvailableThemes $available_themes = undef, 656 | Optional[String[1]] $default_theme = undef, 657 | Array[String[1]] $authentication_plugins = [], 658 | Enum['on', 'off'] $password_autocomplete = 'off', 659 | $create_image_defaults = undef, 660 | Boolean $password_retrieve = false, 661 | Boolean $disable_password_reveal = false, 662 | Boolean $enforce_password_check = false, 663 | Boolean $enable_secure_proxy_ssl_header = false, 664 | $secure_proxy_addr_header = undef, 665 | Boolean $disallow_iframe_embed = true, 666 | Boolean $websso_enabled = false, 667 | $websso_initial_choice = undef, 668 | $websso_choices = undef, 669 | Boolean $websso_choices_hide_keystone = false, 670 | $websso_idp_mapping = undef, 671 | Boolean $websso_default_redirect = false, 672 | $websso_default_redirect_protocol = undef, 673 | $websso_default_redirect_region = undef, 674 | $websso_default_redirect_logout = undef, 675 | Boolean $totp_enabled = false, 676 | $password_validator = undef, 677 | $password_validator_help = undef, 678 | $customization_module = undef, 679 | $horizon_upload_mode = undef, 680 | $default_boot_source = undef, 681 | $system_scope_services = undef, 682 | Boolean $show_diff = false, 683 | ) inherits horizon::params { 684 | 685 | include horizon::deps 686 | 687 | if $cache_server_url and $cache_server_ip { 688 | fail('Only one of cache_server_url or cache_server_ip can be set.') 689 | } 690 | 691 | if $cache_server_ip { 692 | $cache_server_ip_real = normalize_ip_for_uri($cache_server_ip) 693 | } 694 | 695 | if $websso_choices_hide_keystone and !$websso_initial_choice { 696 | fail('websso_initial_choice is required when websso_choices_hide_keystone is true') 697 | } 698 | 699 | if $available_themes { 700 | validate_available_themes($available_themes) 701 | } 702 | 703 | Service <| title == 'memcached' |> -> Class['horizon'] 704 | 705 | if $policy_files_path != undef { 706 | $policy_files_path_real = $policy_files_path 707 | } else { 708 | $policy_files_path_real = $::horizon::params::policy_dir 709 | } 710 | 711 | if $manage_memcache_package { 712 | if $cache_backend =~ /\.MemcachedCache$/ { 713 | fail('MemcachedCache backend is no longer supported') 714 | } elsif $cache_backend =~ /\.PyMemcacheCache$/ { 715 | ensure_packages('python-pymemcache', { 716 | name => $::horizon::params::pymemcache_package, 717 | tag => ['openstack'], 718 | }) 719 | Anchor['horizon::install::begin'] 720 | -> Package<| name == $::horizon::params::pymemcache_package |> 721 | -> Anchor['horizon::install::end'] 722 | } elsif $cache_backend =~ /\.RedisCache$/ { 723 | ensure_packages('python-redis', { 724 | name => $::horizon::params::python_redis_package, 725 | tag => ['openstack'], 726 | }) 727 | Anchor['horizon::install::begin'] 728 | -> Package<| name == $::horizon::params::python_redis_package |> 729 | -> Anchor['horizon::install::end'] 730 | } 731 | } 732 | 733 | $django_log_level_real = pick($django_log_level, $log_level) 734 | 735 | package { 'horizon': 736 | ensure => $package_ensure, 737 | name => $::horizon::params::package_name, 738 | tag => ['openstack', 'horizon-package'], 739 | } 740 | 741 | $secret_key_path = "${::horizon::params::config_dir}/.secret_key_store" 742 | file { $secret_key_path: 743 | mode => '0600', 744 | content => $secret_key, 745 | owner => $::horizon::params::wsgi_user, 746 | group => $::horizon::params::wsgi_group, 747 | show_diff => false, 748 | require => Anchor['horizon::config::begin'], 749 | notify => Anchor['horizon::config::end'], 750 | } 751 | 752 | concat { $::horizon::params::config_file: 753 | mode => '0640', 754 | owner => $::horizon::params::wsgi_user, 755 | group => $::horizon::params::wsgi_group, 756 | show_diff => $show_diff, 757 | tag => ['django-config'], 758 | } 759 | 760 | concat::fragment { 'local_settings.py': 761 | target => $::horizon::params::config_file, 762 | content => template($local_settings_template), 763 | order => '50', 764 | } 765 | 766 | file { $::horizon::params::conf_d_dir: 767 | ensure => 'directory', 768 | mode => '0755', 769 | purge => $purge_conf_d_dir, 770 | recurse => $purge_conf_d_dir, 771 | owner => $::horizon::params::wsgi_user, 772 | group => $::horizon::params::wsgi_group, 773 | require => Anchor['horizon::config::begin'], 774 | } 775 | 776 | if $compress_offline { 777 | if $facts['os']['family'] == 'Debian' { 778 | exec { 'refresh_horizon_django_compress': 779 | command => "${::horizon::params::manage_py} compress --force", 780 | refreshonly => true, 781 | tag => ['horizon-compress'], 782 | } 783 | } 784 | } 785 | 786 | if $configure_apache { 787 | class { 'horizon::wsgi::apache': 788 | bind_address => $bind_address, 789 | servername => $servername, 790 | server_aliases => $server_aliases, 791 | listen_ssl => $listen_ssl, 792 | http_port => $http_port, 793 | https_port => $https_port, 794 | ssl_redirect => $ssl_redirect, 795 | ssl_cert => $ssl_cert, 796 | ssl_key => $ssl_key, 797 | ssl_ca => $ssl_ca, 798 | ssl_verify_client => $ssl_verify_client, 799 | wsgi_processes => $wsgi_processes, 800 | wsgi_threads => $wsgi_threads, 801 | custom_wsgi_process_options => $custom_wsgi_process_options, 802 | extra_params => $vhost_extra_params, 803 | redirect_type => $redirect_type, 804 | root_url => $root_url, 805 | root_path => $root_path, 806 | access_log_format => $access_log_format, 807 | } 808 | } 809 | 810 | if ! ($file_upload_temp_dir in ['/tmp','/var/tmp']) { 811 | file { $file_upload_temp_dir : 812 | ensure => directory, 813 | owner => $::horizon::params::wsgi_user, 814 | group => $::horizon::params::wsgi_group, 815 | mode => '0755', 816 | } 817 | } 818 | 819 | } 820 | -------------------------------------------------------------------------------- /manifests/params.pp: -------------------------------------------------------------------------------- 1 | # these parameters need to be accessed from several locations and 2 | # should be considered to be constant 3 | class horizon::params { 4 | include openstacklib::defaults 5 | 6 | $logdir = '/var/log/horizon' 7 | $manage_py = '/usr/share/openstack-dashboard/manage.py' 8 | $wsgi_application_group = '%{GLOBAL}' 9 | 10 | case $facts['os']['family'] { 11 | 'RedHat': { 12 | $package_name = 'openstack-dashboard' 13 | $config_dir = '/etc/openstack-dashboard' 14 | $conf_d_dir = '/etc/openstack-dashboard/local_settings.d' 15 | $config_file = '/etc/openstack-dashboard/local_settings' 16 | $policy_dir = '/etc/openstack-dashboard' 17 | $httpd_config_file = '/etc/httpd/conf.d/openstack-dashboard.conf' 18 | $httpd_listen_config_file = '/etc/httpd/conf/httpd.conf' 19 | $root_url = '/dashboard' 20 | $static_path = '/usr/share' 21 | $django_wsgi = '/usr/share/openstack-dashboard/openstack_dashboard/wsgi.py' 22 | $wsgi_user = 'apache' 23 | $wsgi_group = 'apache' 24 | $pymemcache_package = 'python3-pymemcache' 25 | $python_redis_package = 'python3-redis' 26 | $designate_dashboard_package_name = 'openstack-designate-ui' 27 | $heat_dashboard_package_name = 'openstack-heat-ui' 28 | $ironic_dashboard_package_name = 'openstack-ironic-ui' 29 | $manila_dashboard_package_name = 'openstack-manila-ui' 30 | $octavia_dashboard_package_name = 'openstack-octavia-ui' 31 | } 32 | 'Debian': { 33 | $config_dir = '/etc/openstack-dashboard' 34 | $conf_d_dir = '/etc/openstack-dashboard/local_settings.d' 35 | $config_file = '/etc/openstack-dashboard/local_settings.py' 36 | $policy_dir = undef 37 | $httpd_listen_config_file = '/etc/apache2/ports.conf' 38 | $root_url = '/horizon' 39 | $static_path = '/var/lib' 40 | $wsgi_user = 'horizon' 41 | $wsgi_group = 'horizon' 42 | $pymemcache_package = 'python3-pymemcache' 43 | $python_redis_package = 'python3-redis' 44 | $designate_dashboard_package_name = 'python3-designate-dashboard' 45 | $heat_dashboard_package_name = 'python3-heat-dashboard' 46 | $ironic_dashboard_package_name = 'python3-ironic-ui' 47 | $manila_dashboard_package_name = 'python3-manila-ui' 48 | $octavia_dashboard_package_name = 'python3-octavia-dashboard' 49 | case $facts['os']['name'] { 50 | 'Debian': { 51 | $package_name = 'openstack-dashboard-apache' 52 | $httpd_config_file = '/etc/apache2/sites-available/openstack-dashboard-alias-only.conf' 53 | $django_wsgi = '/usr/share/openstack-dashboard/wsgi.py' 54 | } 55 | default: { 56 | $package_name = 'openstack-dashboard' 57 | $httpd_config_file = '/etc/apache2/conf-available/openstack-dashboard.conf' 58 | $django_wsgi = '/usr/share/openstack-dashboard/openstack_dashboard/wsgi.py' 59 | } 60 | } 61 | } 62 | default: { 63 | fail("Unsupported osfamily: ${facts['os']['family']}") 64 | } 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /manifests/policy.pp: -------------------------------------------------------------------------------- 1 | # == Class horizon::policy 2 | # 3 | # Manage policy files for Horizon 4 | # 5 | # == Parameters 6 | # 7 | # [*file_mode*] 8 | # (Optional) Permission mode for the policy file. 9 | # Defaults to '0640' 10 | # 11 | # [*file_format*] 12 | # (Optional) Format for file contents. 13 | # Defaults to 'yaml'. 14 | # 15 | # [*purge_config*] 16 | # (Optional) Whether to set only the specified policy rules in the policy 17 | # file. 18 | # Defaults to false. 19 | # 20 | # [*cinder_policies*] 21 | # (Optional) Set of cinder policies to configure. 22 | # Defaults to {} 23 | # 24 | # [*glance_policies*] 25 | # (Optional) Set of glance policies to configure. 26 | # Defaults to {} 27 | # 28 | # [*keystone_policies*] 29 | # (Optional) Set of keystone policies to configure. 30 | # Defaults to {} 31 | # 32 | # [*neutron_policies*] 33 | # (Optional) Set of neutron policies to configure. 34 | # Defaults to {} 35 | # 36 | # [*nova_policies*] 37 | # (Optional) Set of nova policies to configure. 38 | # Defaults to {} 39 | # 40 | class horizon::policy( 41 | # common parameters 42 | Stdlib::FileMode $file_mode = '0640', 43 | Enum['yaml'] $file_format = 'yaml', 44 | Boolean $purge_config = false, 45 | # service specific parameters 46 | Openstacklib::Policies $cinder_policies = {}, 47 | Openstacklib::Policies $glance_policies = {}, 48 | Openstacklib::Policies $keystone_policies = {}, 49 | Openstacklib::Policies $neutron_policies = {}, 50 | Openstacklib::Policies $nova_policies = {}, 51 | ) { 52 | include horizon::deps 53 | 54 | if !defined(Class[horizon]){ 55 | fail('The horizon class should be included in advance') 56 | } 57 | 58 | $policy_files = pick($::horizon::policy_files, {}) 59 | $policy_files_default = { 60 | 'identity' => 'keystone_policy.yaml', 61 | 'compute' => 'nova_policy.yaml', 62 | 'volume' => 'cinder_policy.yaml', 63 | 'image' => 'glance_policy.yaml', 64 | 'network' => 'neutron_policy.yaml', 65 | } 66 | $policy_files_real = merge($policy_files_default, $policy_files) 67 | 68 | $policy_resources = { 69 | $policy_files_real['volume'] => { 'policies' => $cinder_policies }, 70 | $policy_files_real['image'] => { 'policies' => $glance_policies }, 71 | $policy_files_real['identity'] => { 'policies' => $keystone_policies }, 72 | $policy_files_real['network'] => { 'policies' => $neutron_policies }, 73 | $policy_files_real['compute'] => { 'policies' => $nova_policies }, 74 | } 75 | 76 | $policy_defaults = { 77 | 'file_mode' => $file_mode, 78 | 'file_format' => $file_format, 79 | 'purge_config' => $purge_config 80 | } 81 | 82 | create_resources('horizon::policy::base', $policy_resources, $policy_defaults) 83 | } 84 | -------------------------------------------------------------------------------- /manifests/policy/base.pp: -------------------------------------------------------------------------------- 1 | # == Define horizon::policy::base 2 | # 3 | # Manage a policy file for Horizon 4 | # 5 | # == Parameters 6 | # 7 | # [*policy_file*] 8 | # (Optional) Name to the policy file. 9 | # Defaults to $name 10 | # 11 | # [*policies*] 12 | # (Optional) Set of policies to configure 13 | # 14 | # [*file_mode*] 15 | # (Optional) Permission mode for the policy file 16 | # Defaults to '0640' 17 | # 18 | # [*file_format*] 19 | # (Optional) Format for file contents. Valid value is 'yaml' 20 | # Defaults to 'yaml'. 21 | # 22 | # [*purge_config*] 23 | # (Optional) Whether to set only the specified policy rules in the policy 24 | # file. 25 | # Defaults to false. 26 | # 27 | define horizon::policy::base( 28 | String[1] $policy_file = $name, 29 | Openstacklib::Policies $policies = {}, 30 | Stdlib::Filemode $file_mode = '0640', 31 | Enum['yaml'] $file_format = 'yaml', 32 | Boolean $purge_config = false, 33 | ) { 34 | include horizon::deps 35 | include horizon::params 36 | 37 | if !defined(Class[horizon]){ 38 | fail('The horizon class should be included in advance') 39 | } 40 | 41 | $policy_files_path = $::horizon::policy_files_path_real 42 | if ! $policy_files_path { 43 | # In Ubuntu/Debian, the default policies files are located in source 44 | # directories, and the path should be updated to more appropriate path 45 | # like /etc. 46 | fail('Please set the horizon::policy_files_path parameter to customize policies') 47 | } 48 | 49 | openstacklib::policy { "${policy_files_path}/${policy_file}" : 50 | policies => $policies, 51 | file_user => $::horizon::params::wsgi_user, 52 | file_group => $::horizon::params::wsgi_group, 53 | file_mode => $file_mode, 54 | file_format => $file_format, 55 | purge_config => $purge_config, 56 | tag => 'horizon', 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /manifests/wsgi/apache.pp: -------------------------------------------------------------------------------- 1 | # == Class: horizon::wsgi::apache 2 | # 3 | # Configures Apache WSGI for Horizon. 4 | # 5 | # === Parameters 6 | # 7 | # [*bind_address*] 8 | # (optional) Bind address in Apache for Horizon. (Defaults to '0.0.0.0') 9 | # 10 | # [*servername*] 11 | # (Optional) Server Name 12 | # Defaults to facts['networking']['fqdn']. 13 | # 14 | # [*ssl_redirect*] 15 | # (Optional) Enable SSL Redirect 16 | # Defaults to 'true'. 17 | # 18 | # [*server_aliases*] 19 | # (optional) List of names which should be defined as ServerAlias directives 20 | # in vhost.conf. 21 | # Defaults to facts['networking']['fqdn']. 22 | # 23 | # [*listen_ssl*] 24 | # (optional) Enable SSL support in Apache. (Defaults to false) 25 | # 26 | # [*http_port*] 27 | # (optional) Port to use for the HTTP virtual host. (Defaults to 80) 28 | # 29 | # [*https_port*] 30 | # (optional) Port to use for the HTTPS virtual host. (Defaults to 443) 31 | # 32 | # [*ssl_cert*] 33 | # (required with listen_ssl) Certificate to use for SSL support. 34 | # 35 | # [*ssl_key*] 36 | # (required with listen_ssl) Private key to use for SSL support. 37 | # 38 | # [*ssl_ca*] 39 | # (required with listen_ssl) CA certificate to use for SSL support. 40 | # 41 | # [*ssl_verify_client*] 42 | # (required with ssl_ca) Set the Certificate verification level 43 | # for Client Authentication. 44 | # Defaults to undef 45 | # 46 | # [*wsgi_processes*] 47 | # (optional) Number of Horizon processes to spawn 48 | # Defaults to $facts['os_workers'] 49 | # 50 | # [*wsgi_threads*] 51 | # (optional) Number of thread to run in a Horizon process 52 | # Defaults to '1' 53 | # 54 | # [*custom_wsgi_process_options*] 55 | # (optional) gives you the opportunity to add custom process options or to 56 | # overwrite the default options for the WSGI main process. 57 | # eg. to use a virtual python environment for the WSGI process 58 | # you could set it to: 59 | # { python-path => '/my/python/virtualenv' } 60 | # Defaults to {} 61 | # 62 | # [*priority*] 63 | # (optional) The apache vhost priority. 64 | # Defaults to 15. To set Horizon as the primary vhost, change to 10. 65 | # 66 | # [*vhost_conf_name*] 67 | # (Optional) Description 68 | # Defaults to 'horizon_vhost'. 69 | # 70 | # [*vhost_ssl_conf_name*] 71 | # (Optional) Description 72 | # Defaults to 'horizon_ssl_vhost'. 73 | # 74 | # [*extra_params*] 75 | # (optional) A hash of extra parameters for apache::wsgi class. 76 | # Defaults to {} 77 | # 78 | # [*ssl_extra_params*] 79 | # (optional) A hash of extra parameters for apache::wsgi class. This is used 80 | # for SSL vhost and overrides $extra_params. 81 | # Defaults to undef 82 | # 83 | # [*redirect_type*] 84 | # (optional) What type of redirect to use when redirecting an http request 85 | # for a user. This should be either 'temp' or 'permanent'. Setting this value 86 | # to 'permanent' will result in the use of a 301 redirect which may be cached 87 | # by a user's browser. Setting this value to 'temp' will result in the use 88 | # of a 302 redirect which is not cached by browsers and may solve issues if 89 | # users report errors accessing horizon. 90 | # Defaults to 'permanent' 91 | # 92 | # [*root_url*] 93 | # (optional) The base URL used to construct horizon web addresses. 94 | # Defaults to '/dashboard' or '/horizon' depending OS 95 | # 96 | # [*root_path*] 97 | # (optional) The path to the location of static assets. 98 | # Defaults to "${::horizon::params::static_path}/openstack-dashboard" 99 | # 100 | # [*access_log_format*] 101 | # (optional) The log format to use to the access log. 102 | # Defaults to undef 103 | # 104 | # [*access_log_file*] 105 | # (optional) The log file name for the virtualhost. 106 | # Defaults to 'horizon_access.log' 107 | # 108 | # [*error_log_file*] 109 | # (optional) The error log file name for the virtualhost. 110 | # Defaults to 'horizon_error.log' 111 | # 112 | # [*ssl_access_log_file*] 113 | # (optional) The log file name for the ssl virtualhost. 114 | # Defaults to 'horizon_ssl_access.log' 115 | # 116 | # [*ssl_error_log_file*] 117 | # (optional) The error log file name for the ssl virtualhost. 118 | # Defaults to 'horizon_ssl_error.log' 119 | # 120 | class horizon::wsgi::apache ( 121 | $bind_address = undef, 122 | $servername = $facts['networking']['fqdn'], 123 | $server_aliases = $facts['networking']['fqdn'], 124 | Boolean $listen_ssl = false, 125 | $http_port = 80, 126 | $https_port = 443, 127 | Boolean $ssl_redirect = true, 128 | $ssl_cert = undef, 129 | $ssl_key = undef, 130 | $ssl_ca = undef, 131 | $ssl_verify_client = undef, 132 | $wsgi_processes = $facts['os_workers'], 133 | $wsgi_threads = '1', 134 | $custom_wsgi_process_options = {}, 135 | $priority = 15, 136 | $vhost_conf_name = 'horizon_vhost', 137 | $vhost_ssl_conf_name = 'horizon_ssl_vhost', 138 | $extra_params = {}, 139 | $ssl_extra_params = undef, 140 | Enum['temp', 'permanent'] $redirect_type = 'permanent', 141 | $root_url = $::horizon::params::root_url, 142 | $root_path = "${::horizon::params::static_path}/openstack-dashboard", 143 | $access_log_format = undef, 144 | $access_log_file = 'horizon_access.log', 145 | $error_log_file = 'horizon_error.log', 146 | $ssl_access_log_file = 'horizon_ssl_access.log', 147 | $ssl_error_log_file = 'horizon_ssl_error.log', 148 | ) inherits horizon::params { 149 | 150 | include horizon::deps 151 | include apache 152 | 153 | # We already use apache::vhost to generate our own 154 | # configuration file, let's clean the configuration 155 | # embedded within the package 156 | file { $::horizon::params::httpd_config_file: 157 | ensure => present, 158 | content => "# 159 | # This file has been cleaned by Puppet. 160 | # 161 | # OpenStack Horizon configuration has been moved to: 162 | # - ${priority}-${vhost_conf_name}.conf 163 | # - ${priority}-${vhost_ssl_conf_name}.conf 164 | #", 165 | require => Anchor['horizon::config::begin'], 166 | } 167 | 168 | # NOTE(tobasco): If root_url is set to '/' the paths in the apache 169 | # configuration will be wrong (double slashes) so we fix that here. 170 | if $root_url == '/' { 171 | $root_url_real = '' 172 | } else { 173 | $root_url_real = $root_url 174 | } 175 | 176 | if $listen_ssl { 177 | $ensure_ssl_vhost = 'present' 178 | 179 | if $ssl_cert == undef { 180 | fail('The ssl_cert parameter is required when listen_ssl is true') 181 | } 182 | 183 | if $ssl_key == undef { 184 | fail('The ssl_key parameter is required when listen_ssl is true') 185 | } 186 | 187 | if ($ssl_ca != undef and $ssl_verify_client == undef) { 188 | fail('The ssl_verify_client parameter is required when setting ssl_ca') 189 | } 190 | 191 | if $ssl_redirect { 192 | $redirect_match = '(.*)' 193 | $redirect_url = "https://${servername}" 194 | } else { 195 | $redirect_match = '^/$' 196 | $redirect_url = $root_url_real 197 | } 198 | } else { 199 | case $root_url_real { 200 | '': { 201 | $ensure_ssl_vhost = 'absent' 202 | $redirect_match = "^${::horizon::params::root_url}\$" 203 | $redirect_url = '/' 204 | } 205 | default: { 206 | $ensure_ssl_vhost = 'absent' 207 | $redirect_match = '^/$' 208 | $redirect_url = $root_url_real 209 | } 210 | } 211 | } 212 | 213 | Anchor['horizon::install::end'] -> Package['httpd'] 214 | 215 | $unix_user = $::horizon::params::wsgi_user 216 | $unix_group = $::horizon::params::wsgi_group 217 | 218 | file { $::horizon::params::logdir: 219 | ensure => directory, 220 | owner => $unix_user, 221 | group => $unix_group, 222 | before => Service['httpd'], 223 | mode => '0750', 224 | require => Anchor['horizon::config::begin'], 225 | } 226 | 227 | file { "${::horizon::params::logdir}/horizon.log": 228 | ensure => file, 229 | owner => $unix_user, 230 | group => $unix_group, 231 | before => Service['httpd'], 232 | mode => '0640', 233 | require => File[$::horizon::params::logdir], 234 | } 235 | 236 | $script_url = $root_url_real ? { 237 | '' => '/', 238 | default => $root_url_real, 239 | } 240 | 241 | $wsgi_daemon_process_options = merge( 242 | { 243 | processes => $wsgi_processes, 244 | threads => $wsgi_threads, 245 | user => $unix_user, 246 | group => $unix_group, 247 | display-name => 'horizon', 248 | }, 249 | $custom_wsgi_process_options 250 | ) 251 | 252 | $default_vhost_conf = { 253 | ip => $bind_address, 254 | servername => $servername, 255 | serveraliases => any2array($server_aliases), 256 | docroot => '/var/www/', 257 | access_log_file => $access_log_file, 258 | access_log_format => $access_log_format, 259 | error_log_file => $error_log_file, 260 | priority => $priority, 261 | aliases => [{ 262 | alias => "${root_url_real}/static", 263 | path => "${root_path}/static", 264 | }], 265 | port => $http_port, 266 | ssl_cert => $ssl_cert, 267 | ssl_key => $ssl_key, 268 | ssl_ca => $ssl_ca, 269 | ssl_verify_client => $ssl_verify_client, 270 | wsgi_script_aliases => Hash([$script_url, $::horizon::params::django_wsgi]), 271 | wsgi_import_script => $::horizon::params::django_wsgi, 272 | wsgi_process_group => $::horizon::params::wsgi_group, 273 | wsgi_application_group => $::horizon::params::wsgi_application_group, 274 | redirectmatch_status => $redirect_type, 275 | options => ['-Indexes', '+FollowSymLinks','+MultiViews'], 276 | } 277 | 278 | if $listen_ssl and $ssl_redirect { 279 | # If we run SSL and has enabled ssl redirect we should always force https 280 | # no matter what the root url is. 281 | $redirectmatch_regexp_real = $redirect_match 282 | $redirectmatch_url_real = $redirect_url 283 | } else { 284 | $redirectmatch_regexp_real = $root_url_real ? { '' => undef, '/' => undef, default => $redirect_match } 285 | $redirectmatch_url_real = $root_url_real ? { '' => undef, '/' => undef, default => $redirect_url } 286 | } 287 | 288 | ensure_resource('apache::vhost', $vhost_conf_name, merge( 289 | $default_vhost_conf, 290 | $extra_params, 291 | { 292 | wsgi_daemon_process => Hash([$::horizon::params::wsgi_group, $wsgi_daemon_process_options]) 293 | }, 294 | { 295 | redirectmatch_regexp => $redirectmatch_regexp_real, 296 | redirectmatch_dest => $redirectmatch_url_real, 297 | } 298 | )) 299 | 300 | 301 | $ssl_extra_params_real = pick_default($ssl_extra_params, $extra_params) 302 | ensure_resource('apache::vhost', $vhost_ssl_conf_name, merge( 303 | $default_vhost_conf, 304 | $ssl_extra_params_real, 305 | { 306 | wsgi_daemon_process => Hash(['horizon-ssl', $wsgi_daemon_process_options]), 307 | }, 308 | { 309 | access_log_file => $ssl_access_log_file, 310 | error_log_file => $ssl_error_log_file, 311 | priority => $priority, 312 | ssl => true, 313 | port => $https_port, 314 | ensure => $ensure_ssl_vhost, 315 | wsgi_process_group => 'horizon-ssl', 316 | redirectmatch_regexp => $root_url_real ? { '' => undef, '/' => undef, default => '^/$' }, 317 | redirectmatch_dest => $root_url_real ? { '' => undef, '/' => undef, default => $root_url_real }, 318 | } 319 | )) 320 | 321 | } 322 | -------------------------------------------------------------------------------- /metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "author": "Puppet Labs and OpenStack Contributors", 3 | "dependencies": [ 4 | { 5 | "name": "puppetlabs/apache", 6 | "version_requirement": ">=5.0.0 <13.0.0" 7 | }, 8 | { 9 | "name": "puppetlabs/concat", 10 | "version_requirement": ">=1.0.0 <10.0.0" 11 | }, 12 | { 13 | "name": "puppetlabs/stdlib", 14 | "version_requirement": ">=5.0.0 <10.0.0" 15 | }, 16 | { 17 | "name": "saz/memcached", 18 | "version_requirement": ">=2.0.2 <10.0.0" 19 | }, 20 | { 21 | "name": "openstack/openstacklib", 22 | "version_requirement": ">=26.0.0 <27.0.0" 23 | } 24 | ], 25 | "description": "Installs and configures OpenStack Horizon (Dashboard).", 26 | "issues_url": "https://bugs.launchpad.net/puppet-horizon", 27 | "license": "Apache-2.0", 28 | "name": "openstack-horizon", 29 | "operatingsystem_support": [ 30 | { 31 | "operatingsystem": "Debian", 32 | "operatingsystemrelease": [ 33 | "12" 34 | ] 35 | }, 36 | { 37 | "operatingsystem": "RedHat", 38 | "operatingsystemrelease": [ 39 | "9" 40 | ] 41 | }, 42 | { 43 | "operatingsystem": "CentOS", 44 | "operatingsystemrelease": [ 45 | "9" 46 | ] 47 | }, 48 | { 49 | "operatingsystem": "Ubuntu", 50 | "operatingsystemrelease": [ 51 | "24.04" 52 | ] 53 | } 54 | ], 55 | "project_page": "https://launchpad.net/puppet-horizon", 56 | "requirements": [ 57 | { 58 | "name": "puppet", 59 | "version_requirement": ">= 7.0.0 < 9.0.0" 60 | } 61 | ], 62 | "source": "https://opendev.org/openstack/puppet-horizon.git", 63 | "summary": "Puppet module for OpenStack Horizon", 64 | "version": "26.0.0" 65 | } 66 | -------------------------------------------------------------------------------- /releasenotes/notes/add-access-log-format-fdbdd77c94ff1abd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added horizon::access_log_format and horizon::wsgi::apache::access_log_format 5 | that can be used to set the log format for the access log. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add-b3d6015cc987a835.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | features: 4 | - Add the config option "HORIZON_IMAGES_UPLOAD_MODE". 5 | now it is possible in puppet to configure the option 6 | with "off", "legacy" and "direct". 7 | -------------------------------------------------------------------------------- /releasenotes/notes/add-customization-module-config-option-798d0bb4e00737c3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Horizon has a global override mechanism available to perform 4 | customizations. This change adds customization_module key 5 | to HORIZON_CONFIG dictionary in local_settings.py. The 6 | value of the parameter should be a string with the path 7 | to the module containing modifications in dotted python 8 | path notation. 9 | -------------------------------------------------------------------------------- /releasenotes/notes/add-dropdown_max_items-38ea8e64152d76e5.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added new horizon::dropdown_max_items parameter that configures the 5 | DROPDOWN_MAX_ITEMS config option in local_settings.py. Default value 6 | is set to 30 like the Horizon default is. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/add-http-https-port-to-init-e4924a20fb8cdc40.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | You can now override the http and https port to horizon by passing integers 5 | to the http_port and https_ports parameters. Default values are still the same. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add-images-panel-parameter-cb010871c8e1d0d1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - A new panel for glance images based on angularjs 4 | has been created in horizon. New parameter images_panel 5 | has been added to puppet-horizon to configure 6 | the enabled panel for images, legacy or angular. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/add-keystone_domain_choices-parameter-17bdbef68e57299c.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added the parameter "keystone_domain_choices" to the ::horizon class. 5 | Setting this parameter would replace the domain text-field at the horizon 6 | login-page with a drop-down menu. The parameter should be an array with 7 | hashes, and the hashes should have two items each (name, display) containing 8 | the domain name and a human-readable description of the domain respectively. 9 | -------------------------------------------------------------------------------- /releasenotes/notes/add-option-WEBSSO-hide-keystone-10149289b2ad8c9c.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added a new option ``websso_choices_hide_keystone``. This lets you hide 5 | the ability to log in with Keystone-credentials when using federation. 6 | Be aware that this also requires you to set ``websso_initial_choice`` to 7 | a valid value. 8 | -------------------------------------------------------------------------------- /releasenotes/notes/add-secure-proxy-addr-header-07c36d89f8bf2ad2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Support was added to set the SECURE_PROXY_ADDR_HEADER option. 4 | If horizon is behind a proxy server and the proxy is configured, 5 | the IP address from request is passed using header variables 6 | inside the request. 7 | This setting specifies the name of the header with remote IP address. 8 | -------------------------------------------------------------------------------- /releasenotes/notes/add-simple-ip-mgmt-e8a1227a1a811a2d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | New parameter horizon::simple_ip_manage can now be set to true to set and 5 | enable simple_ip_management in the Horizon local_settings config. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add-site-branding-be1c2b6e1e70c782.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added new parameter horizon::site_branding which can be used to set the 5 | SITE_BRANDING settings that controls the title of the web pages that 6 | horizon will render. The default value is undef which will not add this 7 | value to the configuration file and the horizon default value of 8 | 'OpenStack Dashboard' will be used. 9 | -------------------------------------------------------------------------------- /releasenotes/notes/add-ssl_verify_client-3e2bc9a7f1d4291a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added the ssl_verify_client parameter to init class and horizon::wsgi::apache 5 | that is passed down to the created apache::vhost resource. 6 | upgrade: 7 | - | 8 | The puppetlabs-apache module 2.1.0 introduced a change where ssl_verify_client 9 | is required otherwise the SSL CA certificate passed to the horizon module using 10 | the horizon_ca parameter is ignored. 11 | -------------------------------------------------------------------------------- /releasenotes/notes/add-support-for-SECURE_PROXY_SSL_HEADER-fbd83ad4f85bd52b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Support was added to enable/disable the SECURE_PROXY_SSL_HEADER which 4 | enables horizon (via Django) to process the X-Forwarded-Proto header. This 5 | done with the "enable_secure_proxy_ssl_header" in the manifest. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add-support-for-WEBSSO-options-a2d7e7f757b747d1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Support was added for WEBSSO options in local_settings.py.erb. 4 | WEBSSO options enables keystone web single-sign-on. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/added_instance_default_config_options-123cc41099d5e098.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Added parameter to horizon class to allow configuring LAUNCH_INSTANCE_DEFAULTS. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/added_new_theme_params_deprecated_custome_theme_path-e872713d93c45044.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - In mitaka release, available themes was introduced. A parameter was introduced to allow 4 | configuration of this setting. 5 | - In mitaka release, default theme was introduced where the value would be defined from 6 | available themes. A new parameter was introduced to allow configuration of this setting. 7 | deprecations: 8 | - custom_theme_path has been deprecated in mitaka release. 9 | -------------------------------------------------------------------------------- /releasenotes/notes/any2array-64602422742c9abe.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The os_any2array function that the Horizon module used internally is now 5 | removed and it instead uses the any2array function exposed by the stdlib 6 | module. The stdlib module introduced the any2array function in 2013 so we 7 | are now expecting that you are using atleast stdlib >= 4.0.0 8 | -------------------------------------------------------------------------------- /releasenotes/notes/apache-log-files-8474bbad1411ba51.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``horizon::wsgi::apache`` class now supports customizing name of vhost 5 | log files. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/apache-vhost-wsgi_daemon_process-37b8be9a679e31d0.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | This module now requires a puppetlabs-apache version >= 5.0.0 5 | -------------------------------------------------------------------------------- /releasenotes/notes/apache-wsgi-custom-init-d1064242a6c0f8e8.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The wsgi_processes and wsgi_threads options that is passed to horizon::wsgi::apache 5 | can now be set in ::horizon class. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/apache-wsgi-processes-threads-66255fc01d1d48ed.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The default value for horizon::wsgi::apache::wsgi_processes changed to $::os_workers 5 | - | 6 | The default value for horizon::wsgi::apache::wsgi_threads changed to 1 7 | -------------------------------------------------------------------------------- /releasenotes/notes/apache_ports-5d0eb0ca775ad7d1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Allow Apache http/https ports to be configurable. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/api_result_page_size-9efaaf9a23cd0454.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::api_result_page_size`` parameter has been added, to 5 | support the ``API_RESULT_PAGE_SIZE`` parameter. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/bug-1942722-3cc45ac696688336.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Fixed wrong usage of the ``DISALLOW_IFRAME_EMBED`` option. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/bug-1956904-f4393eade5197c47.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | `Bug #1956904 `_: 5 | The hard-coded ``REST_API_REQUIRED_SETTINGS`` parameter was removed, to use 6 | the default value defined in Horizon itself. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/bug-1988205-9689371154ba1d70.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Now the pymemcache library is automatically installed when pymemcache 5 | backend is used. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/bug-url-5a1ae52b4b34dbc7.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::bug_url`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/ca-optional-7443c07bcef671ce.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | security: 3 | - | 4 | The horizon_ca option is now optional. This implies that you could in theory 5 | use the CA configured in the global httpd SSL configuration (ssl.conf) or 6 | simply not using this value. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/cache_timeout-40252b507b11e4e5.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::cache_timeout`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/centos-9-support-fe1fa3c9387e4d50.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Now this module supports CentOS 9 and Red Hat Enterprise Linux 9. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/change-keystone-default-role-fe630805edb631f4.yaml: -------------------------------------------------------------------------------- 1 | features: 2 | - | 3 | The default keystone role horizon::keystone_default_role is changed from 4 | _member_ to member to conform with what keystone-bootstrap creates. 5 | This sets the OPENSTACK_KEYSTONE_DEFAULT_ROLE configuration option in 6 | local_settings. 7 | upgrade: 8 | - | 9 | The default keystone role horizon::keystone_default_role is changed from 10 | _member_ to member. This sets the OPENSTACK_KEYSTONE_DEFAULT_ROLE config 11 | option in local_settings, if you still require or use the _member_ role 12 | as default you need to set this explicitly. 13 | -------------------------------------------------------------------------------- /releasenotes/notes/compress_enabled-9597ee6f04403fa3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::compress_enabled`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/compress_root-0a77ff2912d85a57.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::compress_root`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/dashboard-remove-2b250155570ab317.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added ``ensure`` parameter to ``horizon::dashboard`` resource which defaults 5 | to ``present``. You can now set this to absent if you want to remove a horizon 6 | dashboard package. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/default_boot_source-8c7b960d1213fdcf.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::default_boot_source`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-images-panel-6c22100afadedbd4.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``horizon::images_panel`` parameter has been deprecated and has no 5 | effect. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-memcache-backend-ce0b3304e4842cae.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | Support for the MemcachedCache backend has been deprecated. This backend 5 | was deprecated in django 3.2 . 6 | -------------------------------------------------------------------------------- /releasenotes/notes/designate-dashboard-db1a2ec4621c61e3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::dashboards::designate`` class has been added. This class 5 | can be used to manage parameters for designate-dashboard. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/disable-password-reveal-3ce6cbddf0bdb67e.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Added ability to configure disable_password_reveal 4 | -------------------------------------------------------------------------------- /releasenotes/notes/disallow_iframe_embed-f0ffa1cabeca5b1e.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Making DISALLOW_IFRAME_EMBED in local_settings.py a configurable value 4 | DISALLOW_IFRAME_EMBED can be used to prevent Horizon from being embedded 5 | within an iframe 6 | -------------------------------------------------------------------------------- /releasenotes/notes/django_log_level-d4c7c89e8935c67a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::django_log_level`` parameter has been added. This 5 | parameter determines log level of the django module and overrides 6 | the global ``log_level`` parameter. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/django_template_log_level-187b891542873d91.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::django_template_log_level`` parameter has been added. 5 | This parameter controls log level of the ``django.template`` module. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/drop-fedora-ec61b145255a8c37.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Fedora is no longer supported. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/empty-root-url-495e1f1f47372f47.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - Fixes wrong apache vhost config when root_url is empty 4 | -------------------------------------------------------------------------------- /releasenotes/notes/enable-password-retrieve-b0bfa91053b24186.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Making OPENSTACK_ENABLE_PASSWORD_RETRIEVE in local_settings.py a configurable value 4 | This allows users to retrieve the instance autogenerated password via Horizon 5 | -------------------------------------------------------------------------------- /releasenotes/notes/enable_user_pass-c30e80d0705b0954.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Added ability to enable/disable the password field while launching 4 | a Heat stack by setting the enable_user_pass parameter of the 5 | OPENSTACK_HEAT_STACK dictionary in local_settings.py. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/enforce_password_check-7e29e1e968874e04.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Added ability to configure enforce_password_check 4 | -------------------------------------------------------------------------------- /releasenotes/notes/fix-external-monitoring-fe259c7bec13c1a8.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Fixed rendering of the ``horizon::horizon_app_links`` parameter into 5 | the EXTERNAL_MONITORING option. 6 | 7 | upgrade: 8 | - | 9 | The ``horizon::horizon_app_links`` parameter accepts only an array of http 10 | url strings. 11 | -------------------------------------------------------------------------------- /releasenotes/notes/fix_missing_quotes_for_images_upload-bcd649d0311afe32.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Fix HORIZON_IMAGES_UPLOAD_MODE in template file because the value must be 5 | encapsulated with quotes or it will be treated as an expression by horizon. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/fix_ssl_handshake_errors-aece1e80e78820a2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | issues: 3 | - an issue with horizon having ssl handshake issues under apache with ssl endpoints. 4 | Fix adds in WSGIApplicationGroup apache directive. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/heat-dashboard-c34cea1d256164cd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::dashboards::heat`` class has been added. This class can 5 | be used to manage parameters for heat-dashboard. 6 | 7 | deprecations: 8 | - | 9 | The ``horizon::enable_user_pass`` parameter has been deprecated. Use 10 | the ``horizon::dashboards::heat`` class instead. 11 | -------------------------------------------------------------------------------- /releasenotes/notes/heat_template_generator-bc485a59c5e63b62.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``heat::dashboards::heat`` class now supports the following two 5 | parameters. 6 | 7 | - ``template_generator_api_timeout`` 8 | - ``template_generator_api_parallel`` 9 | -------------------------------------------------------------------------------- /releasenotes/notes/horizon-add-dashboard-support-0d14ebc190c01070.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added new resource horizon::dashboard which can be used to install 5 | additional dashboards that is not shipped with the horizon packages. 6 | Example would be install the heat-dashboard using horizon::dashboard { 'heat': } 7 | -------------------------------------------------------------------------------- /releasenotes/notes/horizon-custom_wsgi_process_options-e11e7d92a9d631b1.yaml: -------------------------------------------------------------------------------- 1 | features: 2 | - | 3 | Added ``horizon::custom_wsgi_process_options`` parameter that is passed 4 | down to the ``horizon::wsgi::apache`` class when ``configure_apache`` 5 | is set to true. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/horizon-django-wsgi-entry-09354eb4692d3836.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Django WSGI entrypoint changed from django.wsgi to wsgi.py file as deprecated 5 | by the Horizon project. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/horizon-fix-invalid-root-url-0c8e54a5c6de2f5e.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Fixed a bug where passing a '/' as root_url would cause faulty paths in 5 | local_settings.py and apache configuration. You can now set it to '/' and 6 | the module will fix the correct root url for you. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/horizon_django_cache_compress_ubuntu-e1807c69e52048fd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - Horizon Offline Generation Error on ubuntu systems. Previously, the 'manage.py compress' only ran on redhat. This change 4 | allows the command to be executed on ubuntu also. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/ironic-dashboard-0dc5814a56121d5b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::dashboards::ironic`` class has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/keystone-endpoint-type-e4c520d5728acad5.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added ``openstack_keystone_endpoint_type`` to configure the endpoint 5 | type to use for Keystone when grabbing it from service catalog. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/keystone_v3-d381e37592d3b29b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Use keystone v3 with horizon by default. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/local-settings-permissions-666e7cd5d55cf813.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | security: 3 | - local_settings file is no longer world readable (from 644 to 640) as it may 4 | contain sensitive information. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/manage-memcache-param-4fbc465b88b062db.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added a new parameter horizon::manage_memcache_package that can be used to 5 | determine if you want the python memcache library installed if the cache 6 | backend is set to using memcache. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/manila-dashboard-aaf28389e0bcfa9b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::dashboards::manila`` class has been added. This class 5 | can be used to manage parameters for manila-dashboard. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/memoized_max_size_default-0d8e33d09875f380.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::memoized_max_size_default`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/multiple-log_handlers-5b7157cb351f0bec.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::log_handlers`` parameter was added to specify multiple 5 | log handlers. 6 | 7 | deprecations: 8 | - | 9 | The ``horizon::log_handler`` parameter has been deprecated in favor of 10 | the ``horizon::log_handlers`` parameter and will be removed in a future 11 | release. 12 | -------------------------------------------------------------------------------- /releasenotes/notes/octavia-dashboard-0eb5300606586e80.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::dashboards::octavia`` class has been added. This class 5 | can be used to manage parameters for octavia-dashboard. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/password_validator-fdb08ff1d27aa652.yaml: -------------------------------------------------------------------------------- 1 | features: 2 | - Making password_validator a configurable value 3 | password_validator allows operators to use a 4 | regular express to insure passwords are validated 5 | for a certain criterion, which in turn allows 6 | stronger security over password complexity 7 | -------------------------------------------------------------------------------- /releasenotes/notes/policy-05bec63b1ab26902.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::policy`` class has been added. This class can be used 5 | to manage policy rules for the following services. 6 | 7 | - ``cinder`` 8 | - ``glance`` 9 | - ``keystone`` 10 | - ``neutron`` 11 | - ``nova`` 12 | 13 | - | 14 | The new ``policies`` parameter has been added to the following classes, 15 | to allow customizing policiy rules for additional services. 16 | 17 | - ``horizon::dashboards::heat`` 18 | - ``horizon::dashboards::octavia`` 19 | - ``horizon::dashboards::manila`` 20 | -------------------------------------------------------------------------------- /releasenotes/notes/puppet-8-2654c8e29011ca99.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | This module now officially supports Puppet 8. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/purge-conf_d_dir-daeefef45e54dcf7.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::purge_conf_d_dir`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/quote-horizon_upload_mode-fa7b34f53f32351d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``horizon::horizon_upload_mode`` parameter is now always surrounded by 5 | double quotes(``""``) when being rendered into the local_settings file. 6 | Quotes should be removed from the parameter. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/rectify-static-alias-prefix-7c182dd08a98a8ea.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - Rectify static alias prefix since starting from Ocata 4 | on Debian platforms static files resides in /var/lib. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/release-note-ubuntu-py3-bbbb3edb079f4094.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | prelude: > 3 | In this release Ubuntu has moved all projects that supported it to python3 4 | which means that there will be a lot of changes. The Puppet OpenStack project 5 | does not test the upgrade path from python2 to python3 packages so there might 6 | be manual steps required when moving to the python3 packages. 7 | upgrade: 8 | - | 9 | Ubuntu packages are now using python3, the upgrade path is not tested by 10 | Puppet OpenStack. Manual steps may be required when upgrading. 11 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-centos-8-e19473b41af483fb.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | CentOS 8 Stream is no longer supported by this module. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-enable_user_pass-from-base-e6e72e9dd5d6b85d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``horizon::enable_user_pass`` parameter has been removed. Use 5 | the ``horizon::dashboards::heat::enable_user_pass`` parameter instead. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-hardcoded-hypervisor-options-8ed400c16d54fe97.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The default value of the hypervisor_options parameter has been changed 5 | to an empty hash and does no longer set can_set_mount_point to true by 6 | default since this does not reflect the Horizon default value. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-images_panel-e200ecb20dec7057.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``horizon::images_panel`` parameter has been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-log_handlers-62c1f89f2b7851ef.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The deprecated ``horizon::log_handler`` parameter has been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-memcached-backend-e429c4f280d4b02b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Support for MemcachedCache backend has been removed. The backend was 5 | removed in django 4.1, and can no longer be used because now horizon 6 | requires django 4.2 or later. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-old-ssl-params-0a94b4e8f88106ed.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The following parameters have been removed. Please use the new ``ssl_*`` 5 | parameters instead. 6 | 7 | - ``horizon::horizon_cert`` 8 | - ``horizon::horizon_key`` 9 | - ``horizon::horizon_ca`` 10 | - ``horizon::wsgi::apache::horizon_cert`` 11 | - ``horizon::wsgi::apache::horizon_key`` 12 | - ``horizon::wsgi::apache::horizon_ca`` 13 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-puppet-6-9c9d36db80bdb726.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Puppet 6 is no longer supported. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-sim-50f5d779a67d489d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The horizon::simple_ip_management parameter has been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove_lesscpy-b4b677de57351078.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - Remove installation of lesscpy package, not needed since Horizon has been using pyscss. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/rename-ssl-params-5c58357688b4850f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added ssl_cert, ssl_key and ssl_ca parameter to init class and the 5 | horizon::wsgi::apache class. 6 | upgrade: 7 | - | 8 | You should now set the ssl_cert, ssl_key and ssl_ca parameters instead of 9 | the horizon_cert, horizon_key and horizon_ca parameters in the init and 10 | horizon::wsgi::apache class. 11 | - | 12 | When setting ssl_ca (or the deprecated horizon_ca) end users must now set 13 | the ssl_verify_client parameter or the puppetlabs-apache module will not 14 | set SSLCACertificate in the vhost configuration. 15 | deprecations: 16 | - | 17 | The horizon_cert, horizon_key and horizon_ca parameters is deprecated. 18 | Please use ssl_cert, ssl_key and ssl_ca. 19 | -------------------------------------------------------------------------------- /releasenotes/notes/require-boolean-for-use_simple_tenant_usage-206a3e399976fd9d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``horizon::use_simple_tenant_usage`` parameter now requires a boolean 5 | value. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/rocky-remove-deprecated-params-c788c10d6468657c.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The deprecated horizon::fqdn parameter is now removed. 5 | Please use the allowed_hosts and server_aliases parameters instead. 6 | - | 7 | The deprecated horizon::wsgi::apache::fqdn parameter is now removed. 8 | Please use the server_aliases parameter instead. 9 | - | 10 | The deprecated horizon::custom_theme_path parameter is now removed. 11 | Please use the available_themes parameter instead. 12 | - | 13 | The deprecated tuskar_ui, tuskar_ui_ironic_discoverd_url, tuskar_ui_undercloud_admin_password 14 | and tuskar_ui_deployment_mode is now removed. Please remove the usage of these parameters. 15 | -------------------------------------------------------------------------------- /releasenotes/notes/root_path-4dbbddfa82bc6b56.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Allows to specify a custom root_path to static assets. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/root_url-cede3a4a7ecafdf9.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Making root_url configurable. 4 | This needs to occur to allow people the ability to serve Horizon from the 5 | root of a vhost. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/rspec-puppet-facts-7ec9c688aba3e69e.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | other: 3 | - Tests updated to leverage rspec-puppet-facts for testing 4 | multiple OS versions. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/simultaneous_sessions-c503feb527139590.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::simultaneous_sessions`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/ssl-redirect-bug-38095eeba290933a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Fixed a bug where having ssl and redirection enabled combined with a empty 5 | root_url did not redirect. If you are setting listen_ssl and ssl_redirect to 6 | true it will always redirect to https no matter what your root_url is. 7 | - | 8 | Fixed a bug where the http vhost would not redirect to the custom root_url when 9 | setting listen_ssl to true and ssl_redirect to false. 10 | -------------------------------------------------------------------------------- /releasenotes/notes/sso-redirect-opts-8e190e4c0f6338df.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Support for SSO redirect options have been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/syslog_facility-0fee14adc9a7de4f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::syslog_facility`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/system_scope_services-5e19b53fc2b8b48c.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::system_scope_services`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/token_timeout_margin-33c86659acbcad13.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::token_timeout_margin`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/totp-support-c31e3b9213c8d68d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::totp_enabled`` parameter has been added. This parameter 5 | can be used to customize the ``OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED`` option 6 | in Horizon to enable TOTP support. 7 | 8 | - | 9 | The ``authentication_plugins`` parameter has been added to allow 10 | customizing the ``AUTHENTICATION_PLUGINS`` option, which is required to 11 | enable TOTP support. 12 | -------------------------------------------------------------------------------- /releasenotes/notes/trigger_collectstatic-fb465ebec48b3bc7.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Leave an ability to trigger collectstatic for debian/ubuntu. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/tuskar-9fa7bbe0df150fd1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - deprecate all tuskar parameters since the project is no longer maintained. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/ubuntu-jammy-699e196cd813179d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | This module now supports Ubuntu 22.04 (Jammy Jellyfish). 5 | 6 | upgrade: 7 | - | 8 | This module no longer supports Ubuntu 20.04 (Focal Fossa). 9 | -------------------------------------------------------------------------------- /releasenotes/notes/ubuntu-noble-7072fa6f20dc8b5e.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Ubuntu 24.04 is now formally supported. 5 | 6 | upgrade: 7 | - | 8 | Ubuntu 22.04 is no longer supported. 9 | -------------------------------------------------------------------------------- /releasenotes/notes/update-apache-constraints-a51e2ff894772b0a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Updated the cap on the puppetlabs-apache module to include the 2.x series. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/update-default-session_timeout-fb7b20f13967160f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Default value of the ``horizon::session_timeout`` parameter has been 5 | changed from `1800` to `3600`, to be aligned with the default value in 6 | horizon. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/update_local_settings_mitaka-f182327ce660fda0.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Update of local_settings template from Mitaka. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/use-reno-1caaec4ba5aa4285.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Release notes are no longer maintained by hand, we now use the reno tool to 4 | manage them. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/use_simple_tenant_usage-f53e475bf7a5252f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::use_simple_tenant_usage`` parameter has been added. 5 | This parameter controls value of the ``OPENSTACK_USE_SIMPLE_TENANT_USAGE`` 6 | parameter. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/wsgi-ssl_extra_params-f775a56966c5d475.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``horizon::wsgi::apache::ssl_extra_params`` parameter has been 5 | added. This parameter affects only ssl vhost and overrides 6 | the ``extra_params`` parameter when set. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/wsgi_process_options-7d03be050e15b0ab.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Add parameter to wsgi::apache to allow to overwrite 4 | and/or add additional wsgi process options. 5 | -------------------------------------------------------------------------------- /releasenotes/source/2023.1.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2023.1 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/2023.1 7 | -------------------------------------------------------------------------------- /releasenotes/source/2023.2.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2023.2 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2023.2 7 | -------------------------------------------------------------------------------- /releasenotes/source/2024.1.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2024.1 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2024.1 7 | -------------------------------------------------------------------------------- /releasenotes/source/2024.2.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2024.2 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2024.2 7 | -------------------------------------------------------------------------------- /releasenotes/source/2025.1.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2025.1 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2025.1 7 | -------------------------------------------------------------------------------- /releasenotes/source/_static/.placeholder: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openstack/puppet-horizon/561eaf1ae729c97220ccdf6fad1d3c28f0eaf02b/releasenotes/source/_static/.placeholder -------------------------------------------------------------------------------- /releasenotes/source/conf.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # Licensed under the Apache License, Version 2.0 (the "License"); 3 | # you may not use this file except in compliance with the License. 4 | # You may obtain a copy of the License at 5 | # 6 | # http://www.apache.org/licenses/LICENSE-2.0 7 | # 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, 10 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 11 | # implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | # 15 | 16 | # If extensions (or modules to document with autodoc) are in another directory, 17 | # add these directories to sys.path here. If the directory is relative to the 18 | # documentation root, use os.path.abspath to make it absolute, like shown here. 19 | #sys.path.insert(0, os.path.abspath('.')) 20 | 21 | # -- General configuration ------------------------------------------------ 22 | 23 | 24 | # If your documentation needs a minimal Sphinx version, state it here. 25 | #needs_sphinx = '1.0' 26 | 27 | # Add any Sphinx extension module names here, as strings. They can be 28 | # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom 29 | # ones. 30 | extensions = [ 31 | 'openstackdocstheme', 32 | 'reno.sphinxext', 33 | ] 34 | 35 | # Add any paths that contain templates here, relative to this directory. 36 | templates_path = ['_templates'] 37 | 38 | # The suffix of source filenames. 39 | source_suffix = '.rst' 40 | 41 | # The encoding of source files. 42 | #source_encoding = 'utf-8-sig' 43 | 44 | # The master toctree document. 45 | master_doc = 'index' 46 | 47 | # General information about the project. 48 | copyright = '2017, Puppet OpenStack Developers' 49 | 50 | # The version info for the project you're documenting, acts as replacement for 51 | # |version| and |release|, also used in various other places throughout the 52 | # built documents. 53 | # 54 | # The short X.Y version. 55 | version = '' 56 | # The full version, including alpha/beta/rc tags. 57 | release = '' 58 | 59 | # The language for content autogenerated by Sphinx. Refer to documentation 60 | # for a list of supported languages. 61 | #language = None 62 | 63 | # There are two options for replacing |today|: either, you set today to some 64 | # non-false value, then it is used: 65 | #today = '' 66 | # Else, today_fmt is used as the format for a strftime call. 67 | #today_fmt = '%B %d, %Y' 68 | 69 | # List of patterns, relative to source directory, that match files and 70 | # directories to ignore when looking for source files. 71 | exclude_patterns = [] 72 | 73 | # The reST default role (used for this markup: `text`) to use for all 74 | # documents. 75 | #default_role = None 76 | 77 | # If true, '()' will be appended to :func: etc. cross-reference text. 78 | #add_function_parentheses = True 79 | 80 | # If true, the current module name will be prepended to all description 81 | # unit titles (such as .. function::). 82 | #add_module_names = True 83 | 84 | # If true, sectionauthor and moduleauthor directives will be shown in the 85 | # output. They are ignored by default. 86 | #show_authors = False 87 | 88 | # The name of the Pygments (syntax highlighting) style to use. 89 | pygments_style = 'native' 90 | 91 | # A list of ignored prefixes for module index sorting. 92 | #modindex_common_prefix = [] 93 | 94 | # If true, keep warnings as "system message" paragraphs in the built documents. 95 | #keep_warnings = False 96 | 97 | 98 | # -- Options for HTML output ---------------------------------------------- 99 | 100 | # The theme to use for HTML and HTML Help pages. See the documentation for 101 | # a list of builtin themes. 102 | html_theme = 'openstackdocs' 103 | 104 | # Theme options are theme-specific and customize the look and feel of a theme 105 | # further. For a list of options available for each theme, see the 106 | # documentation. 107 | #html_theme_options = {} 108 | 109 | # Add any paths that contain custom themes here, relative to this directory. 110 | # html_theme_path = [] 111 | 112 | # The name for this set of Sphinx documents. If None, it defaults to 113 | # " v documentation". 114 | #html_title = None 115 | 116 | # A shorter title for the navigation bar. Default is the same as html_title. 117 | #html_short_title = None 118 | 119 | # The name of an image file (relative to this directory) to place at the top 120 | # of the sidebar. 121 | #html_logo = None 122 | 123 | # The name of an image file (within the static path) to use as favicon of the 124 | # docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 125 | # pixels large. 126 | #html_favicon = None 127 | 128 | # Add any paths that contain custom static files (such as style sheets) here, 129 | # relative to this directory. They are copied after the builtin static files, 130 | # so a file named "default.css" will overwrite the builtin "default.css". 131 | html_static_path = ['_static'] 132 | 133 | # Add any extra paths that contain custom files (such as robots.txt or 134 | # .htaccess) here, relative to this directory. These files are copied 135 | # directly to the root of the documentation. 136 | #html_extra_path = [] 137 | 138 | # If not '', a 'Last updated on:' timestamp is inserted at every page bottom, 139 | # using the given strftime format. 140 | 141 | # If true, SmartyPants will be used to convert quotes and dashes to 142 | # typographically correct entities. 143 | #html_use_smartypants = True 144 | 145 | # Custom sidebar templates, maps document names to template names. 146 | #html_sidebars = {} 147 | 148 | # Additional templates that should be rendered to pages, maps page names to 149 | # template names. 150 | #html_additional_pages = {} 151 | 152 | # If false, no module index is generated. 153 | #html_domain_indices = True 154 | 155 | # If false, no index is generated. 156 | #html_use_index = True 157 | 158 | # If true, the index is split into individual pages for each letter. 159 | #html_split_index = False 160 | 161 | # If true, links to the reST sources are added to the pages. 162 | #html_show_sourcelink = True 163 | 164 | # If true, "Created using Sphinx" is shown in the HTML footer. Default is True. 165 | #html_show_sphinx = True 166 | 167 | # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. 168 | #html_show_copyright = True 169 | 170 | # If true, an OpenSearch description file will be output, and all pages will 171 | # contain a tag referring to it. The value of this option must be the 172 | # base URL from which the finished HTML is served. 173 | #html_use_opensearch = '' 174 | 175 | # This is the file name suffix for HTML files (e.g. ".xhtml"). 176 | #html_file_suffix = None 177 | 178 | # Output file base name for HTML help builder. 179 | htmlhelp_basename = 'puppet-horizonReleaseNotesdoc' 180 | 181 | 182 | # -- Options for LaTeX output --------------------------------------------- 183 | 184 | # Grouping the document tree into LaTeX files. List of tuples 185 | # (source start file, target name, title, 186 | # author, documentclass [howto, manual, or own class]). 187 | latex_documents = [ 188 | ('index', 'puppet-horizonReleaseNotes.tex', 'puppet-horizon Release Notes Documentation', 189 | '2017, Puppet OpenStack Developers', 'manual'), 190 | ] 191 | 192 | # The name of an image file (relative to this directory) to place at the top of 193 | # the title page. 194 | #latex_logo = None 195 | 196 | # For "manual" documents, if this is true, then toplevel headings are parts, 197 | # not chapters. 198 | #latex_use_parts = False 199 | 200 | # If true, show page references after internal links. 201 | #latex_show_pagerefs = False 202 | 203 | # If true, show URL addresses after external links. 204 | #latex_show_urls = False 205 | 206 | # Documents to append as an appendix to all manuals. 207 | #latex_appendices = [] 208 | 209 | # If false, no module index is generated. 210 | #latex_domain_indices = True 211 | 212 | 213 | # -- Options for manual page output --------------------------------------- 214 | 215 | # One entry per manual page. List of tuples 216 | # (source start file, name, description, authors, manual section). 217 | man_pages = [ 218 | ('index', 'puppet-horizonreleasenotes', 'puppet-horizon Release Notes Documentation', 219 | ['2017, Puppet OpenStack Developers'], 1) 220 | ] 221 | 222 | # If true, show URL addresses after external links. 223 | #man_show_urls = False 224 | 225 | 226 | # -- Options for Texinfo output ------------------------------------------- 227 | 228 | # Grouping the document tree into Texinfo files. List of tuples 229 | # (source start file, target name, title, author, 230 | # dir menu entry, description, category) 231 | texinfo_documents = [ 232 | ('index', 'puppet-horizonReleaseNotes', 'puppet-horizon Release Notes Documentation', 233 | '2017, Puppet OpenStack Developers', 'puppet-horizonReleaseNotes', 'One line description of project.', 234 | 'Miscellaneous'), 235 | ] 236 | 237 | # Documents to append as an appendix to all manuals. 238 | #texinfo_appendices = [] 239 | 240 | # If false, no module index is generated. 241 | #texinfo_domain_indices = True 242 | 243 | # How to display URL addresses: 'footnote', 'no', or 'inline'. 244 | #texinfo_show_urls = 'footnote' 245 | 246 | # If true, do not generate a @detailmenu in the "Top" node's menu. 247 | #texinfo_no_detailmenu = False 248 | 249 | # -- Options for Internationalization output ------------------------------ 250 | locale_dirs = ['locale/'] 251 | 252 | # openstackdocstheme options 253 | openstackdocs_repo_name = 'openstack/puppet-horizon' 254 | openstackdocs_bug_project = 'puppet-horizon' 255 | openstackdocs_bug_tag = '' 256 | openstackdocs_auto_name = False 257 | -------------------------------------------------------------------------------- /releasenotes/source/index.rst: -------------------------------------------------------------------------------- 1 | ======================================== 2 | Welcome to puppet-horizon Release Notes! 3 | ======================================== 4 | 5 | Contents 6 | ======== 7 | 8 | .. toctree:: 9 | :maxdepth: 2 10 | 11 | unreleased 12 | 2025.1 13 | 2024.2 14 | 2024.1 15 | 2023.2 16 | 2023.1 17 | zed 18 | yoga 19 | xena 20 | wallaby 21 | victoria 22 | ussuri 23 | train 24 | stein 25 | rocky 26 | queens 27 | pike 28 | ocata 29 | newton 30 | mitaka 31 | 32 | 33 | Indices and tables 34 | ================== 35 | 36 | * :ref:`genindex` 37 | * :ref:`search` 38 | -------------------------------------------------------------------------------- /releasenotes/source/mitaka.rst: -------------------------------------------------------------------------------- 1 | ============================ 2 | Mitaka Series Release Notes 3 | ============================ 4 | 5 | .. release-notes:: 6 | :branch: origin/stable/mitaka 7 | -------------------------------------------------------------------------------- /releasenotes/source/newton.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Newton Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: origin/stable/newton 7 | -------------------------------------------------------------------------------- /releasenotes/source/ocata.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Ocata Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: origin/stable/ocata 7 | -------------------------------------------------------------------------------- /releasenotes/source/pike.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Pike Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/pike 7 | -------------------------------------------------------------------------------- /releasenotes/source/queens.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Queens Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/queens 7 | -------------------------------------------------------------------------------- /releasenotes/source/rocky.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Rocky Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/rocky 7 | -------------------------------------------------------------------------------- /releasenotes/source/stein.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Stein Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/stein 7 | -------------------------------------------------------------------------------- /releasenotes/source/train.rst: -------------------------------------------------------------------------------- 1 | ========================== 2 | Train Series Release Notes 3 | ========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/train 7 | -------------------------------------------------------------------------------- /releasenotes/source/unreleased.rst: -------------------------------------------------------------------------------- 1 | ============================== 2 | Current Series Release Notes 3 | ============================== 4 | 5 | .. release-notes:: 6 | -------------------------------------------------------------------------------- /releasenotes/source/ussuri.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | Ussuri Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/ussuri 7 | -------------------------------------------------------------------------------- /releasenotes/source/victoria.rst: -------------------------------------------------------------------------------- 1 | ============================= 2 | Victoria Series Release Notes 3 | ============================= 4 | 5 | .. release-notes:: 6 | :branch: stable/victoria 7 | -------------------------------------------------------------------------------- /releasenotes/source/wallaby.rst: -------------------------------------------------------------------------------- 1 | ============================ 2 | Wallaby Series Release Notes 3 | ============================ 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/wallaby 7 | -------------------------------------------------------------------------------- /releasenotes/source/xena.rst: -------------------------------------------------------------------------------- 1 | ========================= 2 | Xena Series Release Notes 3 | ========================= 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/xena 7 | -------------------------------------------------------------------------------- /releasenotes/source/yoga.rst: -------------------------------------------------------------------------------- 1 | ========================= 2 | Yoga Series Release Notes 3 | ========================= 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/yoga 7 | -------------------------------------------------------------------------------- /releasenotes/source/zed.rst: -------------------------------------------------------------------------------- 1 | ======================== 2 | Zed Series Release Notes 3 | ======================== 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/zed 7 | -------------------------------------------------------------------------------- /setup.cfg: -------------------------------------------------------------------------------- 1 | [metadata] 2 | name = puppet-horizon 3 | summary = Puppet module for OpenStack Horizon 4 | description_file = 5 | README.md 6 | author = OpenStack 7 | author_email = openstack-discuss@lists.openstack.org 8 | home_page = https://docs.openstack.org/puppet-openstack-guide/latest 9 | license = Apache License, Version 2.0 10 | classifier = 11 | Intended Audience :: Developers 12 | Intended Audience :: Information Technology 13 | Intended Audience :: System Administrators 14 | License :: OSI Approved :: Apache Software License 15 | Operating System :: POSIX :: Linux 16 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | # Copyright (c) 2013 Hewlett-Packard Development Company, L.P. 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 12 | # implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | import setuptools 17 | 18 | setuptools.setup( 19 | setup_requires=['pbr>=2.0.0'], 20 | py_modules=[], 21 | pbr=True) 22 | -------------------------------------------------------------------------------- /spec/acceptance/horizon_with_apache_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper_acceptance' 2 | 3 | describe 'horizon class' do 4 | 5 | context 'default parameters' do 6 | 7 | it 'should work with no errors' do 8 | pp= <<-EOS 9 | include openstack_integration 10 | include openstack_integration::repos 11 | include openstack_integration::apache 12 | include openstack_integration::memcached 13 | 14 | include openstack_integration::horizon 15 | EOS 16 | 17 | # Run it twice and test for idempotency 18 | apply_manifest(pp, :catch_failures => true) 19 | apply_manifest(pp, :catch_changes => true) 20 | end 21 | 22 | # basic test for now, to make sure Apache serve /horizon dashboard 23 | if os[:family] == 'Debian' 24 | it 'executes curl and returns 200' do 25 | command('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://127.0.0.1/horizon -o /dev/null', :acceptable_exit_codes => [0]) do |r| 26 | expect(r.stdout).to match(/^200/) 27 | end 28 | end 29 | elsif os[:family] == 'RedHat' 30 | it 'executes curl and returns 200' do 31 | command('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://127.0.0.1/dashboard -o /dev/null', :acceptable_exit_codes => [0]) do |r| 32 | expect(r.stdout).to match(/^200/) 33 | end 34 | end 35 | end 36 | 37 | end 38 | 39 | context 'parameters with modified root' do 40 | 41 | it 'should work with no errors' do 42 | pp= <<-EOS 43 | include openstack_integration 44 | include openstack_integration::repos 45 | include openstack_integration::apache 46 | include openstack_integration::memcached 47 | 48 | class { 'openstack_integration::horizon': 49 | root_url => '', 50 | } 51 | EOS 52 | 53 | # Run it twice and test for idempotency 54 | apply_manifest(pp, :catch_failures => true) 55 | apply_manifest(pp, :catch_changes => true) 56 | end 57 | 58 | # basic test for now, to make sure Apache serve /horizon dashboard 59 | it 'executes curl and returns 200' do 60 | command('curl --connect-timeout 5 -sL -w "%{http_code} %{url_effective}\n" http://127.0.0.1 -o /dev/null', :acceptable_exit_codes => [0]) do |r| 61 | expect(r.stdout).to match(/^200/) 62 | end 63 | end 64 | end 65 | end 66 | -------------------------------------------------------------------------------- /spec/classes/horizon_dashboards_designate_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::dashboards::designate' do 4 | 5 | let :params do 6 | {} 7 | end 8 | 9 | shared_examples_for 'horizon::dashboards::designate' do 10 | 11 | context 'with default parameters' do 12 | let(:pre_condition) do 13 | <<-eos 14 | class { 'horizon': 15 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 16 | } 17 | eos 18 | end 19 | 20 | it 'installs designate-dashboard package' do 21 | is_expected.to contain_package('designate-dashboard').with( 22 | :ensure => 'present', 23 | :name => platform_params[:designate_dashboard_package_name], 24 | :tag => ['openstack', 'horizon-package'] 25 | ) 26 | end 27 | 28 | it 'generates _1799_dns_settings.py' do 29 | verify_concat_fragment_contents(catalogue, '_1799_dns_settings.py', [ 30 | "settings.POLICY_FILES.update({", 31 | " 'dns': 'designate_policy.yaml',", 32 | "})" 33 | ]) 34 | end 35 | end 36 | 37 | context 'without the horizon class defined' do 38 | it { should raise_error(Puppet::Error) } 39 | end 40 | 41 | context 'with policy customization' do 42 | let(:pre_condition) do 43 | <<-eos 44 | class { 'horizon': 45 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 46 | policy_files_path => '/etc/openstack-dashboard', 47 | } 48 | class { 'horizon::policy': } 49 | eos 50 | end 51 | 52 | before do 53 | params.merge!({ 54 | :policies => {} 55 | }) 56 | end 57 | 58 | it 'configures policy' do 59 | is_expected.to contain_horizon__policy__base('designate_policy.yaml').with( 60 | :policies => {}, 61 | :file_mode => '0640', 62 | :file_format => 'yaml', 63 | :purge_config => false, 64 | ) 65 | end 66 | end 67 | 68 | context 'with policy customization but without the horizon::policy class' do 69 | let(:pre_condition) do 70 | <<-eos 71 | class { 'horizon': 72 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 73 | policy_files_path => '/etc/openstack-dashboard', 74 | } 75 | eos 76 | end 77 | 78 | before do 79 | params.merge!({ 80 | :policies => {} 81 | }) 82 | end 83 | 84 | it { should raise_error(Puppet::Error) } 85 | end 86 | end 87 | 88 | on_supported_os({ 89 | :supported_os => OSDefaults.get_supported_os 90 | }).each do |os,facts| 91 | context "on #{os}" do 92 | let (:facts) do 93 | facts.merge!(OSDefaults.get_facts()) 94 | end 95 | 96 | let(:platform_params) do 97 | case facts[:os]['family'] 98 | when 'Debian' 99 | { :designate_dashboard_package_name => 'python3-designate-dashboard' } 100 | when 'RedHat' 101 | { :designate_dashboard_package_name => 'openstack-designate-ui' } 102 | end 103 | end 104 | 105 | it_behaves_like 'horizon::dashboards::designate' 106 | end 107 | end 108 | 109 | end 110 | -------------------------------------------------------------------------------- /spec/classes/horizon_dashboards_heat_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::dashboards::heat' do 4 | 5 | let :params do 6 | {} 7 | end 8 | 9 | shared_examples_for 'horizon::dashboards::heat' do 10 | 11 | context 'with default parameters' do 12 | let(:pre_condition) do 13 | <<-eos 14 | class { 'horizon': 15 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 16 | } 17 | eos 18 | end 19 | it 'installs heat-dashboard package' do 20 | is_expected.to contain_package('heat-dashboard').with( 21 | :ensure => 'present', 22 | :name => platform_params[:heat_dashboard_package_name], 23 | :tag => ['openstack', 'horizon-package'] 24 | ) 25 | end 26 | 27 | it 'generates _1699_orchestration_settings.py' do 28 | verify_concat_fragment_contents(catalogue, '_1699_orchestration_settings.py', [ 29 | "settings.POLICY_FILES.update({", 30 | " 'orchestration': 'heat_policy.yaml',", 31 | "})" 32 | ]) 33 | verify_concat_fragment_contents(catalogue, '_1699_orchestration_settings.py', [ 34 | "OPENSTACK_HEAT_STACK = {", 35 | " 'enable_user_pass': True,", 36 | "}", 37 | ]) 38 | verify_concat_fragment_contents(catalogue, '_1699_orchestration_settings.py', [ 39 | "HEAT_TEMPLATE_GENERATOR_API_TIMEOUT = 60" 40 | ]) 41 | verify_concat_fragment_contents(catalogue, '_1699_orchestration_settings.py', [ 42 | "HEAT_TEMPLATE_GENERATOR_API_PARALLEL = 2" 43 | ]) 44 | end 45 | end 46 | 47 | context 'with enable_user_pass disabled' do 48 | let(:pre_condition) do 49 | <<-eos 50 | class { 'horizon': 51 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 52 | } 53 | eos 54 | end 55 | before do 56 | params.merge!({ :enable_user_pass => false }) 57 | end 58 | it 'generates _1699_orchestration_settings.py' do 59 | verify_concat_fragment_contents(catalogue, '_1699_orchestration_settings.py', [ 60 | "OPENSTACK_HEAT_STACK = {", 61 | " 'enable_user_pass': False,", 62 | "}", 63 | ]) 64 | end 65 | end 66 | 67 | context 'with template_generator parameters set' do 68 | let(:pre_condition) do 69 | <<-eos 70 | class { 'horizon': 71 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 72 | } 73 | eos 74 | end 75 | before do 76 | params.merge!({ 77 | :template_generator_api_timeout => 120, 78 | :template_generator_api_parallel => 4, 79 | }) 80 | end 81 | it 'generates _1699_orchestration_settings.py' do 82 | verify_concat_fragment_contents(catalogue, '_1699_orchestration_settings.py', [ 83 | "HEAT_TEMPLATE_GENERATOR_API_TIMEOUT = 120" 84 | ]) 85 | verify_concat_fragment_contents(catalogue, '_1699_orchestration_settings.py', [ 86 | "HEAT_TEMPLATE_GENERATOR_API_PARALLEL = 4" 87 | ]) 88 | end 89 | end 90 | 91 | context 'without the horizon class defined' do 92 | it { should raise_error(Puppet::Error) } 93 | end 94 | 95 | context 'with policy customization' do 96 | let(:pre_condition) do 97 | <<-eos 98 | class { 'horizon': 99 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 100 | policy_files_path => '/etc/openstack-dashboard', 101 | } 102 | class { 'horizon::policy': } 103 | eos 104 | end 105 | 106 | before do 107 | params.merge!({ 108 | :policies => {} 109 | }) 110 | end 111 | 112 | it 'configures policy' do 113 | is_expected.to contain_horizon__policy__base('heat_policy.yaml').with( 114 | :policies => {}, 115 | :file_mode => '0640', 116 | :file_format => 'yaml', 117 | :purge_config => false, 118 | ) 119 | end 120 | end 121 | 122 | context 'with policy customization but without the horizon::policy class' do 123 | let(:pre_condition) do 124 | <<-eos 125 | class { 'horizon': 126 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 127 | policy_files_path => '/etc/openstack-dashboard', 128 | } 129 | eos 130 | end 131 | 132 | before do 133 | params.merge!({ 134 | :policies => {} 135 | }) 136 | end 137 | 138 | it { should raise_error(Puppet::Error) } 139 | end 140 | end 141 | 142 | on_supported_os({ 143 | :supported_os => OSDefaults.get_supported_os 144 | }).each do |os,facts| 145 | context "on #{os}" do 146 | let (:facts) do 147 | facts.merge!(OSDefaults.get_facts()) 148 | end 149 | 150 | let(:platform_params) do 151 | case facts[:os]['family'] 152 | when 'Debian' 153 | { :heat_dashboard_package_name => 'python3-heat-dashboard' } 154 | when 'RedHat' 155 | { :heat_dashboard_package_name => 'openstack-heat-ui' } 156 | end 157 | end 158 | 159 | it_behaves_like 'horizon::dashboards::heat' 160 | end 161 | end 162 | 163 | end 164 | -------------------------------------------------------------------------------- /spec/classes/horizon_dashboards_ironic_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::dashboards::ironic' do 4 | 5 | let :params do 6 | {} 7 | end 8 | 9 | shared_examples_for 'horizon::dashboards::ironic' do 10 | 11 | context 'with default parameters' do 12 | let(:pre_condition) do 13 | <<-eos 14 | class { 'horizon': 15 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 16 | } 17 | eos 18 | end 19 | 20 | it 'installs ironic-dashboard package' do 21 | is_expected.to contain_package('ironic-dashboard').with( 22 | :ensure => 'present', 23 | :name => platform_params[:ironic_dashboard_package_name], 24 | :tag => ['openstack', 'horizon-package'] 25 | ) 26 | end 27 | end 28 | 29 | context 'without the horizon class defined' do 30 | it { should raise_error(Puppet::Error) } 31 | end 32 | end 33 | 34 | on_supported_os({ 35 | :supported_os => OSDefaults.get_supported_os 36 | }).each do |os,facts| 37 | context "on #{os}" do 38 | let (:facts) do 39 | facts.merge!(OSDefaults.get_facts()) 40 | end 41 | 42 | let(:platform_params) do 43 | case facts[:os]['family'] 44 | when 'Debian' 45 | { :ironic_dashboard_package_name => 'python3-ironic-ui' } 46 | when 'RedHat' 47 | { :ironic_dashboard_package_name => 'openstack-ironic-ui' } 48 | end 49 | end 50 | 51 | it_behaves_like 'horizon::dashboards::ironic' 52 | end 53 | end 54 | 55 | end 56 | -------------------------------------------------------------------------------- /spec/classes/horizon_dashboards_manila_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::dashboards::manila' do 4 | 5 | let :params do 6 | {} 7 | end 8 | 9 | shared_examples_for 'horizon::dashboards::manila' do 10 | 11 | context 'with default parameters' do 12 | let(:pre_condition) do 13 | <<-eos 14 | class { 'horizon': 15 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 16 | } 17 | eos 18 | end 19 | 20 | it 'installs manila-dashboard package' do 21 | is_expected.to contain_package('manila-dashboard').with( 22 | :ensure => 'present', 23 | :name => platform_params[:manila_dashboard_package_name], 24 | :tag => ['openstack', 'horizon-package'] 25 | ) 26 | end 27 | 28 | it 'generates _90_manila_shares.py' do 29 | verify_concat_fragment_contents(catalogue, '_90_manila_shares.py', [ 30 | "settings.POLICY_FILES.update({", 31 | " 'share': 'manila_policy.yaml',", 32 | "})" 33 | ]) 34 | verify_concat_fragment_contents(catalogue, '_90_manila_shares.py', [ 35 | " 'enable_share_groups': True,", 36 | " 'enable_replication': True,", 37 | " 'enable_migration': True,", 38 | " 'enable_public_share_type_creation': True,", 39 | " 'enable_public_share_group_type_creation': True,", 40 | " 'enable_public_shares': True,", 41 | " 'enabled_share_protocols': ['NFS', 'CIFS', 'GlusterFS', 'HDFS', 'CephFS', 'MapRFS'],", 42 | ]) 43 | end 44 | end 45 | 46 | context 'without the horizon class defined' do 47 | it { should raise_error(Puppet::Error) } 48 | end 49 | 50 | context 'with policy customization' do 51 | let(:pre_condition) do 52 | <<-eos 53 | class { 'horizon': 54 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 55 | policy_files_path => '/etc/openstack-dashboard', 56 | } 57 | class { 'horizon::policy': } 58 | eos 59 | end 60 | 61 | before do 62 | params.merge!({ 63 | :policies => {} 64 | }) 65 | end 66 | 67 | it 'configures policy' do 68 | is_expected.to contain_horizon__policy__base('manila_policy.yaml').with( 69 | :policies => {}, 70 | :file_mode => '0640', 71 | :file_format => 'yaml', 72 | :purge_config => false, 73 | ) 74 | end 75 | end 76 | 77 | context 'with policy customization but without the horizon::policy class' do 78 | let(:pre_condition) do 79 | <<-eos 80 | class { 'horizon': 81 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 82 | policy_files_path => '/etc/openstack-dashboard', 83 | } 84 | eos 85 | end 86 | 87 | before do 88 | params.merge!({ 89 | :policies => {} 90 | }) 91 | end 92 | 93 | it { should raise_error(Puppet::Error) } 94 | end 95 | end 96 | 97 | on_supported_os({ 98 | :supported_os => OSDefaults.get_supported_os 99 | }).each do |os,facts| 100 | context "on #{os}" do 101 | let (:facts) do 102 | facts.merge!(OSDefaults.get_facts()) 103 | end 104 | 105 | let(:platform_params) do 106 | case facts[:os]['family'] 107 | when 'Debian' 108 | { :manila_dashboard_package_name => 'python3-manila-ui' } 109 | when 'RedHat' 110 | { :manila_dashboard_package_name => 'openstack-manila-ui' } 111 | end 112 | end 113 | 114 | it_behaves_like 'horizon::dashboards::manila' 115 | end 116 | end 117 | 118 | end 119 | -------------------------------------------------------------------------------- /spec/classes/horizon_dashboards_octavia_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::dashboards::octavia' do 4 | 5 | let :params do 6 | {} 7 | end 8 | 9 | shared_examples_for 'horizon::dashboards::octavia' do 10 | 11 | context 'with default parameters' do 12 | let(:pre_condition) do 13 | <<-eos 14 | class { 'horizon': 15 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 16 | } 17 | eos 18 | end 19 | 20 | it 'installs octavia-dashboard package' do 21 | is_expected.to contain_package('octavia-dashboard').with( 22 | :ensure => 'present', 23 | :name => platform_params[:octavia_dashboard_package_name], 24 | :tag => ['openstack', 'horizon-package'] 25 | ) 26 | end 27 | 28 | it 'generates _1499_load_balancer_settings.py' do 29 | verify_concat_fragment_contents(catalogue, '_1499_load_balancer_settings.py', [ 30 | "settings.POLICY_FILES.update({", 31 | " 'load-balancer': 'octavia_policy.yaml',", 32 | "})" 33 | ]) 34 | end 35 | end 36 | 37 | context 'without the horizon class defined' do 38 | it { should raise_error(Puppet::Error) } 39 | end 40 | 41 | context 'with policy customization' do 42 | let(:pre_condition) do 43 | <<-eos 44 | class { 'horizon': 45 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 46 | policy_files_path => '/etc/openstack-dashboard', 47 | } 48 | class { 'horizon::policy': } 49 | eos 50 | end 51 | 52 | before do 53 | params.merge!({ 54 | :policies => {} 55 | }) 56 | end 57 | 58 | it 'configures policy' do 59 | is_expected.to contain_horizon__policy__base('octavia_policy.yaml').with( 60 | :policies => {}, 61 | :file_mode => '0640', 62 | :file_format => 'yaml', 63 | :purge_config => false, 64 | ) 65 | end 66 | end 67 | 68 | context 'with policy customization but without the horizon::policy class' do 69 | let(:pre_condition) do 70 | <<-eos 71 | class { 'horizon': 72 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 73 | policy_files_path => '/etc/openstack-dashboard', 74 | } 75 | eos 76 | end 77 | 78 | before do 79 | params.merge!({ 80 | :policies => {} 81 | }) 82 | end 83 | 84 | it { should raise_error(Puppet::Error) } 85 | end 86 | end 87 | 88 | on_supported_os({ 89 | :supported_os => OSDefaults.get_supported_os 90 | }).each do |os,facts| 91 | context "on #{os}" do 92 | let (:facts) do 93 | facts.merge!(OSDefaults.get_facts()) 94 | end 95 | 96 | let(:platform_params) do 97 | case facts[:os]['family'] 98 | when 'Debian' 99 | { :octavia_dashboard_package_name => 'python3-octavia-dashboard' } 100 | when 'RedHat' 101 | { :octavia_dashboard_package_name => 'openstack-octavia-ui' } 102 | end 103 | end 104 | 105 | it_behaves_like 'horizon::dashboards::octavia' 106 | end 107 | end 108 | 109 | end 110 | -------------------------------------------------------------------------------- /spec/classes/horizon_policy_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::policy' do 4 | 5 | let :params do 6 | {} 7 | end 8 | 9 | shared_examples_for 'horizon::policy' do 10 | 11 | context 'with default parameters' do 12 | let(:pre_condition) do 13 | <<-eos 14 | class { 'horizon': 15 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 16 | policy_files_path => '/etc/openstack-dashboard' 17 | } 18 | eos 19 | end 20 | 21 | it 'configures defaults' do 22 | is_expected.to contain_horizon__policy__base('cinder_policy.yaml').with( 23 | :file_mode => '0640', 24 | :file_format => 'yaml', 25 | :purge_config => false, 26 | ) 27 | is_expected.to contain_horizon__policy__base('glance_policy.yaml').with( 28 | :file_mode => '0640', 29 | :file_format => 'yaml', 30 | :purge_config => false, 31 | ) 32 | is_expected.to contain_horizon__policy__base('keystone_policy.yaml').with( 33 | :file_mode => '0640', 34 | :file_format => 'yaml', 35 | :purge_config => false, 36 | ) 37 | is_expected.to contain_horizon__policy__base('neutron_policy.yaml').with( 38 | :file_mode => '0640', 39 | :file_format => 'yaml', 40 | :purge_config => false, 41 | ) 42 | is_expected.to contain_horizon__policy__base('nova_policy.yaml').with( 43 | :file_mode => '0640', 44 | :file_format => 'yaml', 45 | :purge_config => false, 46 | ) 47 | end 48 | end 49 | 50 | context 'with parameters' do 51 | let(:pre_condition) do 52 | <<-eos 53 | class { 'horizon': 54 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 55 | policy_files_path => '/opt/openstack-dashboard', 56 | policy_files => { 57 | 'identity' => 'keystone.yaml', 58 | 'compute' => 'nova.yaml', 59 | 'volume' => 'cinder.yaml', 60 | 'image' => 'glance.yaml', 61 | 'network' => 'neutron.yaml' 62 | } 63 | } 64 | eos 65 | end 66 | 67 | let :params do 68 | { 69 | :file_mode => '0644', 70 | :purge_config => true, 71 | } 72 | end 73 | 74 | it 'configures defaults' do 75 | is_expected.to contain_horizon__policy__base('cinder.yaml').with( 76 | :file_mode => '0644', 77 | :file_format => 'yaml', 78 | :purge_config => true, 79 | ) 80 | is_expected.to contain_horizon__policy__base('glance.yaml').with( 81 | :file_mode => '0644', 82 | :file_format => 'yaml', 83 | :purge_config => true, 84 | ) 85 | is_expected.to contain_horizon__policy__base('keystone.yaml').with( 86 | :file_mode => '0644', 87 | :file_format => 'yaml', 88 | :purge_config => true, 89 | ) 90 | is_expected.to contain_horizon__policy__base('neutron.yaml').with( 91 | :file_mode => '0644', 92 | :file_format => 'yaml', 93 | :purge_config => true, 94 | ) 95 | is_expected.to contain_horizon__policy__base('nova.yaml').with( 96 | :file_mode => '0644', 97 | :file_format => 'yaml', 98 | :purge_config => true, 99 | ) 100 | end 101 | end 102 | 103 | context 'without the horizon class defined' do 104 | it { should raise_error(Puppet::Error) } 105 | end 106 | end 107 | 108 | on_supported_os({ 109 | :supported_os => OSDefaults.get_supported_os 110 | }).each do |os,facts| 111 | context "on #{os}" do 112 | let (:facts) do 113 | facts.merge!(OSDefaults.get_facts()) 114 | end 115 | 116 | it_behaves_like 'horizon::policy' 117 | end 118 | end 119 | 120 | end 121 | -------------------------------------------------------------------------------- /spec/classes/horizon_wsgi_apache_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::wsgi::apache' do 4 | let :params do 5 | {} 6 | end 7 | 8 | let :pre_condition do 9 | "include apache 10 | class { 'horizon': secret_key => 's3cr3t', configure_apache => false }" 11 | end 12 | 13 | let :fixtures_path do 14 | File.expand_path(File.join(__FILE__, '..', '..', 'fixtures')) 15 | end 16 | 17 | shared_examples 'horizon::wsgi::apache' do 18 | 19 | context 'with default parameters' do 20 | it { should contain_class('horizon::params') } 21 | it { should contain_class('apache') } 22 | it { should contain_file(platforms_params[:httpd_config_file]) } 23 | it { should contain_package('horizon').with_ensure('present') } 24 | 25 | it { should contain_apache__vhost('horizon_vhost').with( 26 | :servername => 'foo.example.com', 27 | :access_log_file => 'horizon_access.log', 28 | :error_log_file => 'horizon_error.log', 29 | :priority => 15, 30 | :serveraliases => ['foo.example.com'], 31 | :docroot => '/var/www/', 32 | :ssl => 'false', 33 | :port => '80', 34 | :redirectmatch_status => 'permanent', 35 | :redirectmatch_regexp => '^/$', 36 | :redirectmatch_dest => platforms_params[:root_url], 37 | :wsgi_script_aliases => { platforms_params[:root_url] => platforms_params[:django_wsgi] }, 38 | :wsgi_process_group => platforms_params[:wsgi_group], 39 | :wsgi_daemon_process => { 40 | platforms_params[:wsgi_group] => { 41 | 'processes' => facts[:os_workers], 42 | 'threads' => '1', 43 | 'user' => platforms_params[:wsgi_user], 44 | 'group' => platforms_params[:wsgi_group], 45 | 'display-name' => 'horizon' 46 | }}, 47 | :wsgi_application_group => '%{GLOBAL}', 48 | )} 49 | end 50 | 51 | context 'with overridden parameters' do 52 | before do 53 | params.merge!({ 54 | :priority => 10, 55 | :redirect_type => 'temp', 56 | :wsgi_processes => '13', 57 | :wsgi_threads => '3', 58 | :access_log_format => 'common', 59 | }) 60 | end 61 | 62 | it { should contain_class('horizon::params') } 63 | it { should contain_class('apache') } 64 | it { should contain_file(platforms_params[:httpd_config_file]) } 65 | it { should contain_package('horizon').with_ensure('present') } 66 | 67 | it { should contain_apache__vhost('horizon_vhost').with( 68 | :servername => 'foo.example.com', 69 | :access_log_file => 'horizon_access.log', 70 | :access_log_format => 'common', 71 | :error_log_file => 'horizon_error.log', 72 | :priority => params[:priority], 73 | :serveraliases => ['foo.example.com'], 74 | :docroot => '/var/www/', 75 | :ssl => 'false', 76 | :port => '80', 77 | :redirectmatch_status => 'temp', 78 | :redirectmatch_regexp => '^/$', 79 | :redirectmatch_dest => platforms_params[:root_url], 80 | :wsgi_script_aliases => { platforms_params[:root_url] => platforms_params[:django_wsgi] }, 81 | :wsgi_process_group => platforms_params[:wsgi_group], 82 | :wsgi_daemon_process => { 83 | platforms_params[:wsgi_group] => { 84 | 'processes' => '13', 85 | 'threads' => '3', 86 | 'user' => platforms_params[:wsgi_user], 87 | 'group' => platforms_params[:wsgi_group], 88 | 'display-name' => 'horizon' 89 | }}, 90 | :wsgi_application_group => '%{GLOBAL}', 91 | )} 92 | end 93 | 94 | context 'with custom_custom_wsgi_options' do 95 | before do 96 | params.merge!({ 97 | :custom_wsgi_process_options => { 98 | 'user' => 'myuser', 99 | 'python_path' => '/my/python/admin/path', 100 | }, 101 | }) 102 | end 103 | 104 | it { should contain_apache__vhost('horizon_vhost').with( 105 | :wsgi_daemon_process => { 106 | platforms_params[:wsgi_group] => { 107 | 'processes' => facts[:os_workers], 108 | 'threads' => '1', 109 | 'user' => 'myuser', 110 | 'group' => platforms_params[:wsgi_group], 111 | 'display-name' => 'horizon', 112 | 'python_path' => '/my/python/admin/path' 113 | }} 114 | )} 115 | end 116 | 117 | context 'with ssl enabled' do 118 | before do 119 | params.merge!({ 120 | :listen_ssl => true, 121 | :ssl_redirect => true, 122 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 123 | :ssl_key => '/etc/pki/tls/private/httpd.key', 124 | :ssl_ca => '/etc/pki/tls/certs/ca.crt', 125 | :ssl_verify_client => 'optional', 126 | }) 127 | end 128 | 129 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 130 | :servername => 'foo.example.com', 131 | :access_log_file => 'horizon_ssl_access.log', 132 | :error_log_file => 'horizon_ssl_error.log', 133 | :priority => 15, 134 | :serveraliases => ['foo.example.com'], 135 | :docroot => '/var/www/', 136 | :ssl => 'true', 137 | :port => '443', 138 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 139 | :ssl_key => '/etc/pki/tls/private/httpd.key', 140 | :ssl_ca => '/etc/pki/tls/certs/ca.crt', 141 | :ssl_verify_client => 'optional', 142 | :redirectmatch_status => 'permanent', 143 | :redirectmatch_regexp => '^/$', 144 | :redirectmatch_dest => platforms_params[:root_url], 145 | :wsgi_process_group => 'horizon-ssl', 146 | :wsgi_daemon_process => { 147 | 'horizon-ssl' => { 148 | 'processes' => facts[:os_workers], 149 | 'threads' => '1', 150 | 'user' => platforms_params[:wsgi_user], 151 | 'group' => platforms_params[:wsgi_group], 152 | 'display-name' => 'horizon' 153 | }}, 154 | :wsgi_application_group => '%{GLOBAL}', 155 | :wsgi_script_aliases => { 156 | platforms_params[:root_url] => platforms_params[:django_wsgi] 157 | } 158 | )} 159 | 160 | it { should contain_apache__vhost('horizon_vhost').with( 161 | :servername => 'foo.example.com', 162 | :access_log_file => 'horizon_access.log', 163 | :error_log_file => 'horizon_error.log', 164 | :priority => 15, 165 | :serveraliases => ['foo.example.com'], 166 | :docroot => '/var/www/', 167 | :ssl => 'false', 168 | :port => '80', 169 | :redirectmatch_status => 'permanent', 170 | :redirectmatch_regexp => '(.*)', 171 | :redirectmatch_dest => 'https://foo.example.com', 172 | :wsgi_process_group => platforms_params[:wsgi_group], 173 | :wsgi_daemon_process => { 174 | platforms_params[:wsgi_group] => { 175 | 'processes' => facts[:os_workers], 176 | 'threads' => '1', 177 | 'user' => platforms_params[:wsgi_user], 178 | 'group' => platforms_params[:wsgi_group], 179 | 'display-name' => 'horizon' 180 | }}, 181 | :wsgi_application_group => '%{GLOBAL}', 182 | :wsgi_script_aliases => { 183 | platforms_params[:root_url] => platforms_params[:django_wsgi] 184 | } 185 | )} 186 | end 187 | 188 | context 'without ssl_cert parameter' do 189 | before do 190 | params.merge!( :listen_ssl => true ) 191 | end 192 | 193 | it { should raise_error(Puppet::Error, /The ssl_cert parameter is required when listen_ssl is true/) } 194 | end 195 | 196 | context 'without ssl_key parameter' do 197 | before do 198 | params.merge!( :listen_ssl => true, 199 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt' ) 200 | end 201 | 202 | it { should raise_error(Puppet::Error, /The ssl_key parameter is required when listen_ssl is true/) } 203 | end 204 | 205 | context 'without ssl_verify_client' do 206 | before do 207 | params.merge!( :listen_ssl => true, 208 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 209 | :ssl_key => '/etc/pki/tls/certs/httpd.key', 210 | :ssl_ca => '/etc/pki/tls/certs/httpd.ca' ) 211 | end 212 | 213 | it { should raise_error(Puppet::Error, /The ssl_verify_client parameter is required when setting ssl_ca/) } 214 | end 215 | 216 | context 'with extra parameters' do 217 | before do 218 | params.merge!({ 219 | :extra_params => { 220 | 'add_listen' => false, 221 | 'docroot' => '/tmp' 222 | }, 223 | }) 224 | end 225 | 226 | it { should contain_apache__vhost('horizon_vhost').with( 227 | :add_listen => false, 228 | :docroot => '/tmp' 229 | )} 230 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 231 | :add_listen => false, 232 | :docroot => '/tmp' 233 | )} 234 | end 235 | 236 | context 'with ssl extra parameters' do 237 | before do 238 | params.merge!({ 239 | :extra_params => { 240 | 'docroot' => '/root1' 241 | }, 242 | :ssl_extra_params => { 243 | 'docroot' => '/root2' 244 | }, 245 | }) 246 | end 247 | 248 | it { should contain_apache__vhost('horizon_vhost').with( 249 | :docroot => '/root1' 250 | )} 251 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 252 | :docroot => '/root2' 253 | )} 254 | end 255 | 256 | context 'with root_url set to /' do 257 | before do 258 | params.merge!({ 259 | :root_url => '/', 260 | :root_path => '/tmp/horizon' 261 | }) 262 | end 263 | 264 | it { should contain_apache__vhost('horizon_vhost').with( 265 | :aliases => [ 266 | { 'alias' => '/static', 'path' => '/tmp/horizon/static' } 267 | ], 268 | :wsgi_script_aliases => { 269 | '/' => platforms_params[:django_wsgi] 270 | } 271 | )} 272 | 273 | it { should_not contain_apache__vhost('horizon_vhost').with( 274 | :redirectmatch_regexp => '^/$', 275 | :redirectmatch_dest => '/' 276 | )} 277 | 278 | it { should_not contain_apache__vhost('horizon_ssl_vhost').with( 279 | :redirectmatch_regexp => '^/$', 280 | :redirectmatch_dest => '/' 281 | )} 282 | end 283 | 284 | context 'with root_url set to empty' do 285 | before do 286 | params.merge!({ 287 | :root_url => '', 288 | }) 289 | end 290 | 291 | it { should_not contain_apache__vhost('horizon_vhost').with( 292 | :redirectmatch_regexp => '(.*)', 293 | :redirectmatch_dest => '/' 294 | )} 295 | 296 | it { should_not contain_apache__vhost('horizon_ssl_vhost').with( 297 | :redirectmatch_regexp => '^/$', 298 | :redirectmatch_dest => '' 299 | )} 300 | end 301 | 302 | context 'without ssl and custom root_url' do 303 | before do 304 | params.merge!({ 305 | :listen_ssl => false, 306 | :root_url => '/custom', 307 | }) 308 | end 309 | 310 | it { should contain_apache__vhost('horizon_vhost').with( 311 | :redirectmatch_regexp => '^/$', 312 | :redirectmatch_dest => '/custom', 313 | )} 314 | end 315 | 316 | context 'without ssl and slash root_url' do 317 | before do 318 | params.merge!({ 319 | :listen_ssl => false, 320 | :root_url => '/', 321 | }) 322 | end 323 | 324 | it { should contain_apache__vhost('horizon_vhost').with( 325 | :redirectmatch_regexp => nil, 326 | :redirectmatch_dest => nil, 327 | )} 328 | end 329 | 330 | context 'with listen_ssl and ssl_redirect set to true' do 331 | before do 332 | params.merge!({ 333 | :listen_ssl => true, 334 | :ssl_redirect => true, 335 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 336 | :ssl_key => '/etc/pki/tls/private/httpd.key', 337 | :ssl_ca => '/etc/pki/tls/certs/ca.crt', 338 | :ssl_verify_client => 'optional', 339 | }) 340 | end 341 | 342 | it { should contain_apache__vhost('horizon_vhost').with( 343 | :redirectmatch_regexp => '(.*)', 344 | :redirectmatch_dest => 'https://foo.example.com', 345 | )} 346 | 347 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 348 | :redirectmatch_regexp => '^/$', 349 | :redirectmatch_dest => platforms_params[:root_url], 350 | )} 351 | end 352 | 353 | context 'with listen_ssl and ssl_redirect with a slash root_url' do 354 | before do 355 | params.merge!({ 356 | :listen_ssl => true, 357 | :ssl_redirect => true, 358 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 359 | :ssl_key => '/etc/pki/tls/private/httpd.key', 360 | :ssl_ca => '/etc/pki/tls/certs/ca.crt', 361 | :ssl_verify_client => 'optional', 362 | :root_url => '/', 363 | }) 364 | end 365 | 366 | it { should contain_apache__vhost('horizon_vhost').with( 367 | :redirectmatch_regexp => '(.*)', 368 | :redirectmatch_dest => 'https://foo.example.com', 369 | )} 370 | 371 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 372 | :redirectmatch_regexp => nil, 373 | :redirectmatch_dest => nil, 374 | )} 375 | end 376 | 377 | context 'with listen_ssl and ssl_redirect with an empty root_url' do 378 | before do 379 | params.merge!({ 380 | :listen_ssl => true, 381 | :ssl_redirect => true, 382 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 383 | :ssl_key => '/etc/pki/tls/private/httpd.key', 384 | :ssl_ca => '/etc/pki/tls/certs/ca.crt', 385 | :ssl_verify_client => 'optional', 386 | :root_url => '', 387 | }) 388 | end 389 | 390 | it { should contain_apache__vhost('horizon_vhost').with( 391 | :redirectmatch_regexp => '(.*)', 392 | :redirectmatch_dest => 'https://foo.example.com', 393 | )} 394 | 395 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 396 | :redirectmatch_regexp => nil, 397 | :redirectmatch_dest => nil, 398 | )} 399 | end 400 | 401 | context 'with listen_ssl and ssl_redirect disabled' do 402 | before do 403 | params.merge!({ 404 | :listen_ssl => true, 405 | :ssl_redirect => false, 406 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 407 | :ssl_key => '/etc/pki/tls/private/httpd.key', 408 | :ssl_ca => '/etc/pki/tls/certs/ca.crt', 409 | :ssl_verify_client => 'optional', 410 | }) 411 | end 412 | 413 | it { should contain_apache__vhost('horizon_vhost').with( 414 | :redirectmatch_regexp => '^/$', 415 | :redirectmatch_dest => platforms_params[:root_url], 416 | )} 417 | 418 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 419 | :redirectmatch_regexp => '^/$', 420 | :redirectmatch_dest => platforms_params[:root_url], 421 | )} 422 | end 423 | 424 | context 'with listen_ssl and ssl_redirect disabled with custom root_url' do 425 | before do 426 | params.merge!({ 427 | :listen_ssl => true, 428 | :ssl_redirect => false, 429 | :ssl_cert => '/etc/pki/tls/certs/httpd.crt', 430 | :ssl_key => '/etc/pki/tls/private/httpd.key', 431 | :ssl_ca => '/etc/pki/tls/certs/ca.crt', 432 | :ssl_verify_client => 'optional', 433 | :root_url => '/custom', 434 | }) 435 | end 436 | 437 | it { should contain_apache__vhost('horizon_vhost').with( 438 | :redirectmatch_regexp => '^/$', 439 | :redirectmatch_dest => '/custom', 440 | )} 441 | 442 | it { should contain_apache__vhost('horizon_ssl_vhost').with( 443 | :redirectmatch_regexp => '^/$', 444 | :redirectmatch_dest => '/custom', 445 | )} 446 | end 447 | end 448 | 449 | shared_examples 'horizon::wsgi::apache on RedHat' do 450 | it { should contain_apache__vhost('horizon_vhost').with( 451 | :aliases => [ 452 | { 'alias' => '/dashboard/static', 'path' => '/usr/share/openstack-dashboard/static' } 453 | ], 454 | )} 455 | 456 | context 'with root_path set to /tmp/horizon' do 457 | before do 458 | params.merge!({ 459 | :root_path => '/tmp/horizon', 460 | }) 461 | end 462 | 463 | it { should contain_apache__vhost('horizon_vhost').with( 464 | :aliases => [ 465 | { 'alias' => '/dashboard/static', 'path' => '/tmp/horizon/static' } 466 | ], 467 | )} 468 | end 469 | end 470 | 471 | shared_examples 'horizon::wsgi::apache on Debian' do 472 | it { should contain_apache__vhost('horizon_vhost').with( 473 | :aliases => [ 474 | { 'alias' => '/horizon/static', 'path' => '/var/lib/openstack-dashboard/static' } 475 | ], 476 | )} 477 | 478 | context 'with root_path set to /tmp/horizon' do 479 | before do 480 | params.merge!({ 481 | :root_path => '/tmp/horizon', 482 | }) 483 | end 484 | 485 | it { should contain_apache__vhost('horizon_vhost').with( 486 | :aliases => [ 487 | { 'alias' => '/horizon/static', 'path' => '/tmp/horizon/static' } 488 | ], 489 | )} 490 | end 491 | end 492 | 493 | on_supported_os({ 494 | :supported_os => OSDefaults.get_supported_os 495 | }).each do |os,facts| 496 | context "on #{os}" do 497 | let (:facts) do 498 | facts.merge!(OSDefaults.get_facts({ 499 | :os_workers => '6' 500 | })) 501 | end 502 | 503 | let(:platforms_params) do 504 | case facts[:os]['family'] 505 | when 'Debian' 506 | case facts[:os]['name'] 507 | when 'Debian' 508 | { 509 | :httpd_config_file => '/etc/apache2/sites-available/openstack-dashboard-alias-only.conf', 510 | :django_wsgi => '/usr/share/openstack-dashboard/wsgi.py', 511 | :root_url => '/horizon', 512 | :wsgi_user => 'horizon', 513 | :wsgi_group => 'horizon' 514 | } 515 | when 'Ubuntu' 516 | { 517 | :httpd_config_file => '/etc/apache2/conf-available/openstack-dashboard.conf', 518 | :django_wsgi => '/usr/share/openstack-dashboard/openstack_dashboard/wsgi.py', 519 | :root_url => '/horizon', 520 | :wsgi_user => 'horizon', 521 | :wsgi_group => 'horizon' 522 | } 523 | end 524 | when 'RedHat' 525 | { 526 | :httpd_config_file => '/etc/httpd/conf.d/openstack-dashboard.conf', 527 | :django_wsgi => '/usr/share/openstack-dashboard/openstack_dashboard/wsgi.py', 528 | :root_url => '/dashboard', 529 | :wsgi_user => 'apache', 530 | :wsgi_group => 'apache' 531 | } 532 | end 533 | end 534 | 535 | it_behaves_like 'horizon::wsgi::apache' 536 | it_behaves_like "horizon::wsgi::apache on #{facts[:os]['family']}" 537 | end 538 | end 539 | 540 | end 541 | -------------------------------------------------------------------------------- /spec/classes/releasenotes/notes/add_show_diff_parameter-d056b46bceea2f09.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Add ``show_diff`` parameter to show diff on upgrade of parameters. 5 | -------------------------------------------------------------------------------- /spec/defines/horizon_dashboard_spec.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2018 Binero 3 | # 4 | # Author: Tobias Urdin 5 | # 6 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 7 | # not use this file except in compliance with the License. You may obtain 8 | # a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 14 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 15 | # License for the specific language governing permissions and limitations 16 | # under the License. 17 | 18 | require 'spec_helper' 19 | 20 | describe 'horizon::dashboard' do 21 | # NOTE(tobasco): Intentionally set to uppercase to make sure 22 | # it's corrected to lowercase in the code. 23 | let (:title) { 'HeAt' } 24 | 25 | shared_examples 'horizon::dashboard' do 26 | context 'with default' do 27 | it { should contain_package(platform_params[:heat_dashboard_package_name]).with( 28 | :ensure => 'installed', 29 | :tag => ['horizon-package'] 30 | )} 31 | end 32 | 33 | context 'with absent' do 34 | let :params do 35 | { 36 | :ensure => 'absent', 37 | } 38 | end 39 | 40 | it { should contain_package(platform_params[:heat_dashboard_package_name]).with( 41 | :ensure => 'absent', 42 | :tag => ['horizon-package'] 43 | )} 44 | end 45 | end 46 | 47 | shared_examples 'horizon::dashboard on Debian' do 48 | context 'with default' do 49 | it { should contain_package('python3-heat-dashboard').with( 50 | :ensure => 'installed', 51 | :tag => ['horizon-package'] 52 | )} 53 | end 54 | end 55 | 56 | shared_examples 'horizon::dashboard on Ubuntu' do 57 | context 'with default' do 58 | it { should contain_package('python3-heat-dashboard').with( 59 | :ensure => 'installed', 60 | :tag => ['horizon-package'] 61 | )} 62 | end 63 | end 64 | 65 | on_supported_os({ 66 | :supported_os => OSDefaults.get_supported_os 67 | }).each do |os,facts| 68 | context "on #{os}" do 69 | let (:facts) do 70 | facts.merge!(OSDefaults.get_facts()) 71 | end 72 | 73 | let(:platform_params) do 74 | case facts[:os]['family'] 75 | when 'Debian' 76 | { :heat_dashboard_package_name => 'python3-heat-dashboard' } 77 | when 'RedHat' 78 | { :heat_dashboard_package_name => 'openstack-heat-ui' } 79 | end 80 | end 81 | 82 | it_behaves_like 'horizon::dashboard' 83 | 84 | if facts[:os]['family'] == 'Debian' 85 | it_behaves_like "horizon::dashboard on #{facts[:os]['name']}" 86 | end 87 | end 88 | end 89 | 90 | end 91 | -------------------------------------------------------------------------------- /spec/defines/horizon_policy_base_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'horizon::policy::base' do 4 | let (:title) { 'keystone_policy.yaml' } 5 | 6 | shared_examples 'horizon::policy::base' do 7 | context 'with default' do 8 | let :pre_condition do 9 | <<-eos 10 | class { 'horizon': 11 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 12 | policy_files_path => '/etc/openstack-dashboard' 13 | } 14 | eos 15 | end 16 | 17 | let :params do 18 | {} 19 | end 20 | 21 | it 'should configure defaults' do 22 | is_expected.to contain_openstacklib__policy('/etc/openstack-dashboard/keystone_policy.yaml').with( 23 | :policies => {}, 24 | :file_user => platform_params[:wsgi_user], 25 | :file_group => platform_params[:wsgi_group], 26 | :file_mode => '0640', 27 | :purge_config => false, 28 | :tag => 'horizon', 29 | ) 30 | end 31 | end 32 | 33 | context 'with parameters' do 34 | let :pre_condition do 35 | <<-eos 36 | class { 'horizon': 37 | secret_key => 'elj1IWiLoWHgcyYxFVLj7cM5rGOOxWl0', 38 | policy_files_path => '/opt/openstack-dashboard' 39 | } 40 | eos 41 | end 42 | 43 | let :params do 44 | { 45 | :file_mode => '0644', 46 | :purge_config => true, 47 | } 48 | end 49 | 50 | it 'should configure defaults' do 51 | is_expected.to contain_openstacklib__policy('/opt/openstack-dashboard/keystone_policy.yaml').with( 52 | :policies => {}, 53 | :file_user => platform_params[:wsgi_user], 54 | :file_group => platform_params[:wsgi_group], 55 | :file_mode => '0644', 56 | :purge_config => true, 57 | :tag => 'horizon', 58 | ) 59 | end 60 | end 61 | 62 | context 'without the horizon class defined' do 63 | it { should raise_error(Puppet::Error) } 64 | end 65 | end 66 | 67 | on_supported_os({ 68 | :supported_os => OSDefaults.get_supported_os 69 | }).each do |os,facts| 70 | context "on #{os}" do 71 | let (:facts) do 72 | facts.merge!(OSDefaults.get_facts()) 73 | end 74 | 75 | let (:platform_params) do 76 | case facts[:os]['family'] 77 | when 'Debian' 78 | { :wsgi_user => 'horizon', 79 | :wsgi_group => 'horizon' } 80 | when 'RedHat' 81 | { :wsgi_user => 'apache', 82 | :wsgi_group => 'apache' } 83 | end 84 | end 85 | 86 | it_behaves_like 'horizon::policy::base' 87 | end 88 | end 89 | 90 | end 91 | -------------------------------------------------------------------------------- /spec/fixtures/override_local_settings.py.erb: -------------------------------------------------------------------------------- 1 | # Custom local_settings.py 2 | DEBUG = <%= @django_debug %> 3 | 4 | HORIZON_CONFIG["help_url"] = "<%= @help_url %>" 5 | -------------------------------------------------------------------------------- /spec/shared_examples.rb: -------------------------------------------------------------------------------- 1 | shared_examples_for "a Puppet::Error" do |description| 2 | it "with message matching #{description.inspect}" do 3 | expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) 4 | end 5 | end 6 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'puppetlabs_spec_helper/module_spec_helper' 2 | require 'shared_examples' 3 | require 'puppet-openstack_spec_helper/facts' 4 | 5 | fixture_path = File.expand_path(File.join(File.dirname(__FILE__), 'fixtures')) 6 | 7 | RSpec.configure do |c| 8 | c.alias_it_should_behave_like_to :it_configures, 'configures' 9 | c.alias_it_should_behave_like_to :it_raises, 'raises' 10 | 11 | c.module_path = File.join(fixture_path, 'modules') 12 | end 13 | 14 | def verify_concat_fragment_contents(subject, title, expected_lines) 15 | content = subject.resource('concat::fragment', title).send(:parameters)[:content] 16 | expected_lines.each do |expected_line| 17 | expect([expected_line] & content.split("\n")).to eq([expected_line]) 18 | end 19 | end 20 | 21 | at_exit { RSpec::Puppet::Coverage.report! } 22 | -------------------------------------------------------------------------------- /spec/spec_helper_acceptance.rb: -------------------------------------------------------------------------------- 1 | require 'puppet-openstack_spec_helper/litmus_spec_helper' 2 | -------------------------------------------------------------------------------- /spec/type_aliases/availablethemes_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'Horizon::AvailableThemes' do 4 | describe 'valid types' do 5 | context 'with valid types' do 6 | [ 7 | [ 8 | {'name' => 'default'} 9 | ], 10 | [ 11 | {'name' => 'default'}, 12 | {'name' => 'custom'} 13 | ], 14 | ].each do |value| 15 | describe value.inspect do 16 | it { is_expected.to allow_value(value) } 17 | end 18 | end 19 | end 20 | end 21 | 22 | describe 'invalid types' do 23 | context 'with garbage inputs' do 24 | [ 25 | [], 26 | ['name'], 27 | [{'name' => 1}], 28 | [{1 => 'default'}], 29 | [{'name' => ''}], 30 | [{'' => 'default'}], 31 | ].each do |value| 32 | describe value.inspect do 33 | it { is_expected.not_to allow_value(value) } 34 | end 35 | end 36 | end 37 | end 38 | end 39 | -------------------------------------------------------------------------------- /templates/_1499_load_balancer_settings.py.erb: -------------------------------------------------------------------------------- 1 | from django.conf import settings 2 | 3 | 4 | settings.POLICY_FILES.update({ 5 | 'load-balancer': '<%= @policy_file_real %>', 6 | }) 7 | 8 | settings.DEFAULT_POLICY_FILES.update({ 9 | 'load-balancer': 'default_policies/octavia.yaml', 10 | }) 11 | 12 | # Sample 13 | # settings.LOGGING['loggers'].update({ 14 | # 'openstack': { 15 | # 'handlers': ['console'], 16 | # 'level': 'DEBUG', 17 | # 'propagate': False, 18 | # }, 19 | # 'barbicanclient': { 20 | # 'handlers': ['console'], 21 | # 'level': 'DEBUG', 22 | # 'propagate': False, 23 | # } 24 | # }) 25 | settings.LOGGING['loggers'].update({ 26 | 'openstack': { 27 | # 'handlers': ['console'], 28 | 'handlers': ['<%= @log_handlers.join("', '") %>'], 29 | # level': 'DEBUG', 30 | 'level': '<%= @log_level %>', 31 | 'propagate': False, 32 | }, 33 | 'barbicanclient': { 34 | # 'handlers': ['console'], 35 | 'handlers': ['<%= @log_handlers.join("', '") %>'], 36 | # level': 'DEBUG', 37 | 'level': '<%= @log_level %>', 38 | 'propagate': False, 39 | } 40 | }) 41 | -------------------------------------------------------------------------------- /templates/_1699_orchestration_settings.py.erb: -------------------------------------------------------------------------------- 1 | from django.conf import settings 2 | 3 | 4 | OPENSTACK_HEAT_STACK = { 5 | 'enable_user_pass': <%= @enable_user_pass.to_s.capitalize %>, 6 | } 7 | 8 | settings.POLICY_FILES.update({ 9 | 'orchestration': '<%= @policy_file_real %>', 10 | }) 11 | 12 | settings.DEFAULT_POLICY_FILES.update({ 13 | 'orchestration': 'default_policies/heat.yaml', 14 | }) 15 | 16 | # Sample 17 | # settings.LOGGING['loggers'].update({ 18 | # 'heatclient': { 19 | # 'handlers': ['console'], 20 | # 'level': 'DEBUG', 21 | # 'propagate': False, 22 | # } 23 | # }) 24 | settings.LOGGING['loggers'].update({ 25 | 'heatclient': { 26 | # 'handlers': ['console'], 27 | 'handlers': ['<%= @log_handlers.join("', '") %>'], 28 | # level': 'DEBUG', 29 | 'level': '<%= @log_level %>', 30 | 'propagate': False, 31 | } 32 | }) 33 | 34 | # Template Generator retrieve options API TIMEOUT 35 | HEAT_TEMPLATE_GENERATOR_API_TIMEOUT = <%= @template_generator_api_timeout.to_s %> 36 | 37 | # Template Generator retrieve options API PARALLEL LEVEL 38 | HEAT_TEMPLATE_GENERATOR_API_PARALLEL = <%= @template_generator_api_parallel.to_s %> 39 | -------------------------------------------------------------------------------- /templates/_1799_dns_settings.py.erb: -------------------------------------------------------------------------------- 1 | from django.conf import settings 2 | 3 | 4 | settings.POLICY_FILES.update({ 5 | 'dns': '<%= @policy_file_real %>', 6 | }) 7 | 8 | settings.DEFAULT_POLICY_FILES.update({ 9 | 'dns': 'default_policies/designate.yaml', 10 | }) 11 | -------------------------------------------------------------------------------- /templates/_2299_baremetal_settings.py.erb: -------------------------------------------------------------------------------- 1 | from django.conf import settings 2 | 3 | 4 | # Sample 5 | # settings.LOGGING['loggers'].update({ 6 | # 'ironicclient': { 7 | # 'handlers': ['console'], 8 | # 'level': 'DEBUG', 9 | # 'propagate': False, 10 | # } 11 | # }) 12 | settings.LOGGING['loggers'].update({ 13 | 'ironicclient': { 14 | # 'handlers': ['console'], 15 | 'handlers': ['<%= @log_handlers.join("', '") %>'], 16 | # level': 'DEBUG', 17 | 'level': '<%= @log_level %>', 18 | 'propagate': False, 19 | } 20 | }) 21 | -------------------------------------------------------------------------------- /templates/_90_manila_shares.py.erb: -------------------------------------------------------------------------------- 1 | from django.conf import settings 2 | 3 | 4 | settings.POLICY_FILES.update({ 5 | 'share': '<%= @policy_file_real %>', 6 | }) 7 | 8 | settings.DEFAULT_POLICY_FILES.update({ 9 | 'share': 'default_policies/manila.yaml', 10 | }) 11 | 12 | # Sample 13 | # settings.LOGGING['loggers'].update({ 14 | # 'manilaclient': { 15 | # 'handlers': ['console'], 16 | # 'level': 'DEBUG', 17 | # 'propagate': False, 18 | # } 19 | # }) 20 | settings.LOGGING['loggers'].update({ 21 | 'manilaclient': { 22 | # 'handlers': ['console'], 23 | 'handlers': ['<%= @log_handlers.join("', '") %>'], 24 | # level': 'DEBUG', 25 | 'level': '<%= @log_level %>', 26 | 'propagate': False, 27 | } 28 | }) 29 | 30 | # The OPENSTACK_MANILA_FEATURES settings can be used to enable or disable 31 | # the UI for the various services provided by Manila. 32 | #OPENSTACK_MANILA_FEATURES = { 33 | # 'enable_share_groups': True, 34 | # 'enable_replication': True, 35 | # 'enable_migration': True, 36 | # 'enable_public_share_type_creation': True, 37 | # 'enable_public_share_group_type_creation': True, 38 | # 'enable_public_shares': True, 39 | # 'enabled_share_protocols': ['NFS', 'CIFS', 'GlusterFS', 'HDFS', 'CephFS', 40 | # 'MapRFS'], 41 | #} 42 | <%- if ! (@manila_options_real.empty?) -%> 43 | OPENSTACK_MANILA_FEATURES = { 44 | <%- @manila_options_real.sort.each do |opt_name,opt_val| -%> 45 | <%- if opt_val == true or opt_val == false -%> 46 | '<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>, 47 | <%- elsif opt_val.kind_of?(Array) -%> 48 | '<%= opt_name -%>': ['<%= opt_val.join("', '") %>'], 49 | <%- else -%> 50 | '<%= opt_name -%>': '<%= opt_val -%>', 51 | <%-end-%> 52 | <%-end-%> 53 | } 54 | <%-end-%> 55 | -------------------------------------------------------------------------------- /tox.ini: -------------------------------------------------------------------------------- 1 | [tox] 2 | minversion = 3.1 3 | skipsdist = True 4 | envlist = releasenotes 5 | ignore_basepython_conflict = True 6 | 7 | [testenv] 8 | basepython = python3 9 | 10 | [testenv:releasenotes] 11 | deps = -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} 12 | -r{toxinidir}/doc/requirements.txt 13 | commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html 14 | -------------------------------------------------------------------------------- /types/availablethemes.pp: -------------------------------------------------------------------------------- 1 | type Horizon::AvailableThemes = Optional[ 2 | Array[ 3 | Hash[String[1], String[1]], 4 | 1 5 | ] 6 | ] 7 | --------------------------------------------------------------------------------