From 22208370f429ba1cdfe5067b48dc54b76f62aad8 Mon Sep 17 00:00:00 2001 From: Andrew Bonney Date: Thu, 22 Jul 2021 13:59:39 +0100 Subject: [PATCH] Fix shibboleth compatibility for ubuntu 18.04 Package and module names were accidentally updated to equivalents used for Debian and Ubuntu Focal+. This patch adds a temporary vars file for Ubuntu 18.04 to maintain compatibility. Change-Id: I50c649fda50b9e6a984abccdf61717a2294caaee --- vars/ubuntu-18.04.yml | 108 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) create mode 100644 vars/ubuntu-18.04.yml diff --git a/vars/ubuntu-18.04.yml b/vars/ubuntu-18.04.yml new file mode 100644 index 00000000..b8887cf8 --- /dev/null +++ b/vars/ubuntu-18.04.yml @@ -0,0 +1,108 @@ +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +cache_timeout: 600 + +keystone_distro_packages: + - git + - openssh-server + - rsync + - cron + - libpython3-dev + +keystone_devel_distro_packages: + - docutils-common + - libffi-dev + - libjs-sphinxdoc + - libjs-underscore + - libldap2-dev + - libsasl2-dev + - libsystemd-dev + - libssl-dev + - libxslt1.1 + - libxslt1-dev + - libxml2-dev + - pkg-config + - python3-dev + +keystone_service_distro_packages: + - python3-keystone + - python3-systemd + - uwsgi + - uwsgi-plugin-python3 + +keystone_apache_distro_packages: + - apache2 + - apache2-utils + - libapache2-mod-proxy-uwsgi + +keystone_nginx_distro_packages: + - nginx-extras + +keystone_idp_distro_packages: + - ssl-cert + - xmlsec1 + +keystone_sp_apache_mod_packages: + - name: libapache2-mod-shib2 + state: "{{ keystone_sp_apache_mod_shib | ternary('present', 'absent') }}" + - name: libapache2-mod-auth-openidc + state: "{{ keystone_sp_apache_mod_auth_openidc | ternary('present', 'absent') }}" + +keystone_developer_mode_distro_packages: + - build-essential + +keystone_oslomsg_amqp1_distro_packages: + - libsasl2-modules + - sasl2-bin + +keystone_apache_default_sites: + - "/etc/apache2/sites-enabled/000-default.conf" + +keystone_apache_site_available: "/etc/apache2/sites-available/keystone-httpd.conf" +keystone_apache_site_enabled: "/etc/apache2/sites-enabled/keystone-httpd.conf" +keystone_apache_conf: "/etc/apache2/apache2.conf" +keystone_apache_default_log_folder: "/var/log/apache2" +keystone_apache_default_log_owner: "root" +keystone_apache_default_log_grp: "adm" +keystone_apache_security_conf: "/etc/apache2/conf-available/security.conf" + +keystone_apache_configs: + - { src: "keystone-ports.conf.j2", dest: "/etc/apache2/ports.conf" } + - { src: "keystone-httpd.conf.j2", dest: "/etc/apache2/sites-available/keystone-httpd.conf" } + - { src: "keystone-httpd-mpm.conf.j2", dest: "/etc/apache2/mods-available/mpm_{{ keystone_httpd_mpm_backend }}.conf" } + +keystone_apache_modules: + - name: "ssl" + state: "{{ (keystone_ssl | bool) | ternary('present', 'absent') }}" + - name: "shib2" + state: "{{ keystone_sp_apache_mod_shib | ternary('present', 'absent') }}" + - name: "auth_openidc" + state: "{{ keystone_sp_apache_mod_auth_openidc | ternary('present', 'absent') }}" + - name: "proxy_uwsgi" + state: "present" + - name: "headers" + state: "present" +# This can be enabled when Apache2.5+ is available +# - name: "mod_journald" +# state: "present + +keystone_nginx_conf_path: "sites-available" + +keystone_system_service_name: apache2 + +keystone_uwsgi_bin: '/usr/bin' + +keystone_sshd: ssh