4a58212a5e
In order to unify approach for managing Apache Web server, we migrate to usage of standalone `httpd` role instead of managing apache separately inside service roles. Change-Id: I5be9be18ec0b61a4c24f4ac670cf195db0a65dc8
59 lines
1.5 KiB
YAML
59 lines
1.5 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
keystone_distro_packages:
|
|
- ca-certificates
|
|
- cronie
|
|
- cronie-anacron
|
|
- git
|
|
- openssh-server
|
|
- rsync
|
|
|
|
keystone_devel_distro_packages:
|
|
- cyrus-sasl-lib
|
|
- libffi-devel
|
|
- libxml2-devel
|
|
- libxslt-devel
|
|
- openldap-devel
|
|
- openssl-devel
|
|
- systemd-devel
|
|
- which
|
|
|
|
keystone_service_distro_packages:
|
|
- openstack-keystone
|
|
- python3-systemd
|
|
|
|
keystone_idp_distro_packages:
|
|
- xmlsec1
|
|
|
|
# From 2.4.11, mod_auth_openidc ignores X-Forwarded headers unless explicitly configured
|
|
_keystone_sp_apache_mod_auth_openidc_gte_2_4_11: true
|
|
|
|
keystone_sp_apache_mod_packages:
|
|
- name: shibboleth
|
|
state: "{{ keystone_sp_apache_mod_shib | ternary('present', 'absent') }}"
|
|
- name: mod-auth-openidc
|
|
state: "{{ keystone_sp_apache_mod_auth_openidc | ternary('present', 'absent') }}"
|
|
|
|
keystone_developer_mode_distro_packages:
|
|
- gcc
|
|
|
|
keystone_deprecated_apache_configs:
|
|
- /etc/httpd/conf.d/keystone-httpd.conf
|
|
|
|
keystone_uwsgi_bin: "/usr/sbin"
|
|
|
|
keystone_sshd: sshd
|