openstack/openstack-ansible-os_adjutant
Code Issues Proposed changes
e89e3b34f1
openstack-ansible-os_adjutant/templates/adjutant.yaml.j2
Dmitriy Rabotyagov fd85ef7fc8 Use proper galera port in configuration 
While <servuce>_galera_port is defined and used for db_setup
role, it's not in fact used in a connection string for oslo.db.

Change-Id: I7979259bee2ec022299bc214ec3eb1634f796ece
2023-09-08 14:04:35 +00:00

283 lines
9.2 KiB
Django/Jinja
Raw Blame History

django:
secret_key: '{{ adjutant_secret_key }}'
debug: False
allowed_hosts:
- '*'
secure_proxy_ssl_header: HTTP_X_FORWARDED_PROTO
secure_proxy_ssl_header_value: https
databases:
default:
ENGINE: django.db.backends.mysql
HOST: '{{ adjutant_galera_address }}'
NAME: '{{ adjutant_galera_database }}'
PASSWORD: '{{ adjutant_galera_password }}'
USER: '{{ adjutant_galera_user }}'
PORT: '{{ adjutant_galera_port }}'
logging:
version: 1
disable_existing_loggers: False
handlers:
syslog:
class: logging.handlers.SysLogHandler
address: /dev/log
loggers:
adjutant:
handlers:
- syslog
propagate: False
django:
handlers:
- syslog
propagate: False
keystonemiddleware:
handlers:
- syslog
propagate: False
email:
email_backend: {{ adjutant_email_backend }}
host: {{ adjutant_email_host }}
port: {{ adjutant_email_port }}
host_user: {{ adjutant_email_host_user }}
host_password: {{ adjutant_email_host_password | default('') }}
use_tls: {{ adjutant_email_use_tls }}
use_ssl: {{ adjutant_email_use_ssl }}
identity:
token_cache_time: 0
can_edit_users: True
username_is_email: True
role_mapping:
{{ adjutant_role_mapping | to_nice_yaml(indent=2, width=140) | indent(4, True) }}
auth:
username: {{ adjutant_service_user_name }}
password: {{ adjutant_service_password }}
project_name: service
project_domain_id: default
user_domain_id: {{ adjutant_user_domain_id }}
auth_url: {{ keystone_service_adminurl }}
api:
active_delegate_apis:
{{ adjutant_active_delegate_apis | to_nice_yaml(indent=2, width=140) | indent(4, True) }}
delegate_apis:
CreateProjectAndUser:
default_region: {{ adjutant_service_region }}
default_domain_id: default
UserList:
blacklisted_roles:
{{ adjutant_blacklisted_roles | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
UserDetail:
blacklisted_roles:
{{ adjutant_blacklisted_roles | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
UserRoles:
blacklisted_roles:
{{ adjutant_blacklisted_roles | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
SignUp:
default_region: {{ adjutant_service_region }}
default_domain_id: default
notifications:
handler_defaults:
EmailNotification:
emails:
- {{ adjutant_email_notification_address }}
from: {{ adjutant_email_from_address }}
reply: {{ adjutant_email_reply_address }}
template: notification.txt
# html_template: <your_value>
workflow:
horizon_url: {{ adjutant_horizon_publicurl }}
default_token_expiry: 86400
task_defaults:
emails:
initial:
subject: Task Confirmation
from: {{ adjutant_email_from_address }}
reply: {{ adjutant_email_reply_address }}
template: initial.txt
# html_template: <your_value>
token:
subject: Task Token
from: {{ adjutant_email_from_address }}
reply: {{ adjutant_email_reply_address }}
template: token.txt
completed:
subject: Task Completed
from: {{ adjutant_email_from_address }}
reply: {{ adjutant_email_reply_address }}
template: completed.txt
notifications:
standard_handlers:
- EmailNotification
error_handlers:
- EmailNotification
# standard_handler_config:
# error_handler_config:
safe_errors:
- SMTPException
action_defaults:
NewProjectAction:
default_roles:
{{ adjutant_role_mapping.project_admin | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
NewProjectWithUserAction:
default_roles:
{{ adjutant_role_mapping.project_admin | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
AddDefaultUsersToProjectAction:
default_users:
{{ adjutant_default_users_to_project_action | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
default_roles:
{{ adjutant_default_roles_to_project_action | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
NewDefaultNetworkAction:
region_defaults:
network_name: default_network
subnet_name: default_subnet
router_name: default_router
public_network: 04b958fd-5edc-4210-a0ca-8d8b065f9ed6
subnet_cidr: 192.168.1.0/24
dns_nameservers:
- 8.8.8.8
- 8.8.4.4
# regions:
NewProjectDefaultNetworkAction:
region_defaults:
network_name: default_network
subnet_name: default_subnet
router_name: default_router
public_network: 04b958fd-5edc-4210-a0ca-8d8b065f9ed6
subnet_cidr: 192.168.1.0/24
dns_nameservers:
- 8.8.8.8
- 8.8.4.4
# regions:
SetProjectQuotaAction:
size_difference_threshold: {{ adjutant_quota_size_difference_threshold }}
days_between_autoapprove: {{ adjutant_quota_auto_approve_days }}
region_sizes:
{{ adjutant_service_region }}: {{ adjutant_default_quota_size }}
UpdateProjectQuotasAction:
size_difference_threshold: {{ adjutant_quota_size_difference_threshold }}
days_between_autoapprove: {{ adjutant_quota_auto_approve_days }}
ResetUserPasswordAction:
blacklisted_roles:
{{ adjutant_blacklisted_roles | to_nice_yaml(indent=2, width=140) | indent(8, True) }}
SendAdditionalEmailAction:
prepare:
subject: Openstack Email Notification
from: {{ adjutant_email_from_address }}
reply: {{ adjutant_email_reply_address }}
# template: <your_value>
# html_template: <your_value>
email_current_user: False
email_task_cache: False
# Send emails to the given roles on the project.
# email_roles:
# - project_admin
# Send emails to an arbitrary admin emails
# email_additional_addresses:
# - admin@example.org
approve:
subject: Openstack Email Notification
from: {{ adjutant_email_from_address }}
reply: {{ adjutant_email_reply_address }}
email_current_user: False
email_task_cache: False
submit:
subject: Openstack Email Notification
from: {{ adjutant_email_from_address }}
reply: {{ adjutant_email_reply_address }}
email_current_user: False
email_task_cache: False
tasks:
create_project_and_user:
allow_auto_approve: {{ adjutant_signup_allow_auto_approve }}
additional_actions:
- NewProjectDefaultNetworkAction
- AddDefaultUsersToProjectAction
- SetProjectQuotaAction
emails:
completed:
subject: signup completed
template: create_project_and_user_completed.txt
initial:
subject: signup received
template: create_project_and_user_initial.txt
token:
subject: signup approved
template: create_project_and_user_token.txt
notifications:
error_handler_config:
EmailNotification:
emails:
- {{ adjutant_email_signups_notification_address }}
reply: {{ adjutant_email_reply_address }}
error_handlers:
- EmailNotification
standard_handler_config:
EmailNotification:
emails:
- {{ adjutant_email_signups_notification_address }}
reply: {{ adjutant_email_reply_address }}
standard_handlers:
- EmailNotification
edit_user_roles:
allow_auto_approve: True
emails:
completed: null
initial: null
token: null
invite_user_to_project:
allow_auto_approve: True
emails:
completed:
subject: invite_user_to_project
template: invite_user_to_project_completed.txt
initial: null
token:
subject: invite_user_to_project
template: invite_user_to_project_token.txt
reset_user_password:
allow_auto_approve: True
emails:
completed:
subject: Password Reset for OpenStack
template: reset_user_password_completed.txt
initial: null
token:
subject: Password Reset for OpenStack
template: reset_user_password_token.txt
update_user_email:
allow_auto_approve: True
additional_actions:
- SendAdditionalEmailAction
actions:
SendAdditionalEmailAction:
initial:
email_current_user: true
subject: OpenStack Email Update Requested
template: update_user_email_started.txt
emails:
completed:
subject: Email Update Complete
template: update_user_email_completed.txt
initial: null
token:
subject: update_user_email_token
template: update_user_email_token.txt
update_quota:
allow_auto_approve: {{ adjutant_quota_allow_auto_approve | bool }}
emails:
completed:
subject: signup completed
template: create_project_and_user_completed.txt
initial: null
token: null
quota:
sizes:
{{ adjutant_quota_sizes | to_nice_yaml(indent=2, width=140) | indent(4, True) }}
sizes_ascending:
{{ adjutant_quota_sizes_asc | to_nice_yaml(indent=2, width=140) | indent(4, True) }}
services:
{{ adjutant_quota_services | to_nice_yaml(indent=2, width=140) | indent(4, True) }}
View Git Blame Copy Permalink