1 files changed, 123 insertions, 0 deletions

diff --git a/openstack/usr/share/openstack/keystone.yml b/openstack/usr/share/openstack/keystone.yml
new file mode 100644
index 00000000..b139b39f
--- /dev/null
+++ b/openstack/usr/share/openstack/keystone.yml
@@ -0,0 +1,123 @@
+---
+- hosts: localhost
+  vars_files:
+  - "/etc/openstack/keystone.conf"
+  tasks:
+
+  # RabbitMQ configuration, this may end up in a different playbook
+  - name: Create rabbitmq user
+    user: name=rabbitmq comment="Rabbitmq server daemon" shell=/sbin/nologin home=/var/lib/rabbitmq
+
+  - name: Create the rabbitmq directories
+    file: path={{ item }} state=directory owner=rabbitmq group=rabbitmq
+    with_items:
+    - /var/run/rabbitmq
+    - /var/log/rabbitmq
+    - /etc/rabbitmq
+
+  - name: Add the configuration needed for rabbitmq in /etc/rabbitmq using templates
+    template: src=/usr/share/openstack/rabbitmq/{{ item }} dest=/etc/rabbitmq/{{ item }} owner=rabbitmq group=rabbitmq mode=0644
+    with_items:
+    - rabbitmq.config
+    - rabbitmq-env.conf
+
+  - name: Enable and start rabbitmq services
+    service: name={{ item }} enabled=yes state=started
+    with_items:
+    - rabbitmq-server
+
+  # Postgres configuration, this may end up in a different playbook
+  - name: Create postgres user
+    user: name=postgres comment="PostgreSQL Server" shell=/sbin/nologin home=/var/lib/pgsql
+
+  - name: Create the postgres directories
+    file: path={{ item }} state=directory owner=postgres group=postgres
+    with_items:
+    - /var/run/postgresql
+    - /var/lib/pgsql/data
+
+  - name: Initialise postgres database
+    shell: pg_ctl -D  /var/lib/pgsql/data initdb creates=/var/lib/pgsql/data/base
+    sudo: yes
+    sudo_user: postgres
+
+  - name: Add the configuration needed for postgres for Openstack
+    template: src=/usr/share/openstack/postgres/{{ item }} dest=/var/lib/pgsql/data/{{ item }} owner=postgres group=postgres mode=0600
+    with_items:
+    - postgresql.conf
+    - pg_hba.conf
+
+  - name: Enable and start postgres services
+    service: name={{ item }} enabled=yes state=started
+    with_items:
+    - postgres-server
+
+
+  # Keystone configuration
+  - name: Create the keystone user.
+    user: name=keystone comment="Openstack Keystone Daemons" shell=/sbin/nologin home=/var/lib/keystone
+
+  - name: Create the /var folders for keystone
+    file: path={{ item }} state=directory owner=keystone group=keystone
+    with_items:
+    - /var/run/keystone
+    - /var/lock/keystone
+    - /var/log/keystone
+    - /var/lib/keystone
+
+  - file: path=/etc/keystone state=directory
+  - name: Add the configuration needed for lorry in /etc using templates
+    template: src=/usr/share/openstack/keystone/{{ item }} dest=/etc/keystone/{{ item }}
+    with_lines:
+    - (cd /usr/share/openstack/keystone && find -type f)
+
+  - postgresql_user: name={{ KEYSTONE_DB_USER }} password={{ KEYSTONE_DB_PASSWORD }}
+    sudo: yes
+    sudo_user: keystone
+  - postgresql_db: name=keystone owner={{ KEYSTONE_DB_USER }}
+    sudo: yes
+    sudo_user: keystone
+
+  - keystone_manage: action=dbsync
+    sudo: yes
+    sudo_user: keystone
+
+  - name: Enable and start openstack-keystone service
+    service: name=openstack-keystone.service enabled=yes state=started
+
+  - keystone_user: >
+        tenant=admin
+        tenant_description="Admin Tenant"
+        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+        endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+  - keystone_user: >
+        user=admin
+        tenant=admin
+        password={{ KEYSTONE_ADMIN_PASSWORD }}
+        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+        endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+  - keystone_user: >
+        role=admin
+        user=admin
+        tenant=admin
+        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+        endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+  - keystone_user: >
+        tenant=service
+        tenant_description="Service Tenant"
+        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+        endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+
+  - keystone_service: >
+        name=keystone
+        type=identity
+        description="Keystone Identity Service"
+        publicurl=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
+        internalurl=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0
+        adminurl=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0
+        region='regionOne'
+        token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+        endpoint=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0