From 95641cbd26b35ed59e0614bac4cfdf1e6b13a07a Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
Date: Thu, 25 Jul 2024 16:56:09 +0200
Subject: [PATCH] Remove excessive bindings for uWSGI

For scenario where keystone_use_uwsgi is False and Apache is being used
as a proxy, it does not make sense to have a binding on HTTP port as
only socket binding is being used by Apache. And vice-versa, when
keystone_use_uwsgi is enabled only socket binding is being used

Change-Id: I07d22c35b0952a42cbb72657fabfa8490a50b896
---
 defaults/main.yml | 13 +++++++++----
 handlers/main.yml |  5 ++---
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 89cf9ccb..eeaa224e 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -251,7 +251,6 @@ keystone_uwsgi_bind_address: "{{ openstack_service_bind_address | default('0.0.0
 
 keystone_uwsgi_ports:
   keystone-wsgi-public:
-    http: 37358
     socket: 35358
 
 keystone_uwsgi_ini_overrides: {}
@@ -639,9 +638,15 @@ keystone_services:
     group: keystone_all
     wsgi_app: True
     wsgi_path: "{{ keystone_bin }}/keystone-wsgi-public"
-    uwsgi_overrides: "{{ keystone_default_uwsgi_overrides | combine(keystone_uwsgi_ini_overrides, recursive=True) }}"
-    uwsgi_bind_address: "{{ keystone_uwsgi_bind_address }}"
-    uwsgi_port: "{{ (keystone_use_uwsgi | bool) | ternary(keystone_service_port, keystone_uwsgi_ports['keystone-wsgi-public']['http']) }}"
+    uwsgi_overrides: >-
+      {{
+        (keystone_use_uwsgi | bool) | ternary(
+          keystone_default_uwsgi_overrides,
+          keystone_default_uwsgi_overrides | combine(keystone_uwsgi_ini_overrides, recursive=True)
+        )
+      }}
+    uwsgi_bind_address: "{{ (keystone_use_uwsgi | bool) | ternary(keystone_uwsgi_bind_address, []) }}"
+    uwsgi_port: "{{ (keystone_use_uwsgi | bool) | ternary(keystone_service_port, '') }}"
 
 ## Extra HTTP headers for Keystone
 # Add any additional headers here that Keystone should return.
diff --git a/handlers/main.yml b/handlers/main.yml
index 7e828a42..3cd5aed8 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -72,11 +72,10 @@
 
 - name: Wait for uWSGI socket to be ready
   wait_for:
-    port: "{{ item }}"
+    host: "{{ (keystone_use_uwsgi | bool) | ternary(keystone_uwsgi_bind_address, '127.0.0.1') }}"
+    port: "{{ (keystone_use_uwsgi | bool) | ternary(keystone_service_port, keystone_uwsgi_ports['keystone-wsgi-public']['socket']) }}"
     timeout: 25
     delay: 10
-  with_items:
-    - "{{ keystone_uwsgi_ports['keystone-wsgi-public']['socket'] }}"
   register: _wait_check
   until: _wait_check is success
   retries: 5