chef/cookbooks/horizon/templates/default/local_settings.py.erb
import os
from django.utils.translation import ugettext_lazy as _
from horizon.utils import secret_key
from openstack_dashboard import exceptions
from openstack_dashboard.settings import HORIZON_CONFIG
DEBUG = <%= @debug ? 'True' : 'False' %>
ALLOWED_HOSTS = ['*']
<%= @use_ssl ? '' : '# ' %>SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
<%= @use_ssl ? '' : '# ' %>CSRF_COOKIE_SECURE = True
<%= @use_ssl ? '' : '# ' %>SESSION_COOKIE_SECURE = True
OPENSTACK_API_VERSIONS = {
"data_processing": 1.1,
"identity": <%= @keystone_settings['api_version'] %>,
"image": 2,
"volume": 2,
"compute": 2
}
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = <%= @multi_domain_support ? 'True' : 'False' %>
HORIZON_CONFIG["password_validator"] = {
"regex": '<%= @password_validator_regex != "" ? @password_validator_regex : ".*" %>',
<% unless @password_validator_help_text.empty? %>
"help_text": <%= @password_validator_help_text.dump %>
<% else -%>
"help_text": _("Your password does not meet the requirements.")
<% end -%>
}
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': [
<% @memcached_locations.each do |memcached_location| -%>
'<%= memcached_location %>',
<% end -%>
],
'KEY_PREFIX': '<%= node[:horizon][:config][:environment] %>'
}
}
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
OPENSTACK_HOST = "<%= @keystone_settings['internal_url_host'] %>"
OPENSTACK_KEYSTONE_URL = "<%= @keystone_settings['unversioned_internal_auth_url'] %>"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "member"
OPENSTACK_SSL_NO_VERIFY = <%= @insecure ? "True" : "False" %>
OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True
OPENSTACK_HYPERVISOR_FEATURES = {
'can_set_mount_point': <%= @can_set_mount_point ? "True" : "False" %>,
'can_set_password': <%= @can_set_password ? "True" : "False" %>,
'requires_keypair': False,
}
OPENSTACK_NEUTRON_NETWORK = {
'enable_router': True,
'enable_quotas': True,
'enable_ipv6': False,
'enable_distributed_router': <%= @neutron_use_dvr ? "True" : "False" -%>,
'enable_ha_router': <%= @neutron_use_l3_ha ? "True" : "False" -%>,
'enable_fip_topology_check': True,
# Neutron can be configured with a default Subnet Pool to be used for IPv4
# subnet-allocation. Specify the label you wish to display in the Address
# pool selector on the create subnet step if you want to use this feature.
'default_ipv4_subnet_pool_label': None,
# Neutron can be configured with a default Subnet Pool to be used for IPv6
# subnet-allocation. Specify the label you wish to display in the Address
# pool selector on the create subnet step if you want to use this feature.
# You must set this to enable IPv6 Prefix Delegation in a PD-capable
# environment.
'default_ipv6_subnet_pool_label': None,
# Set which provider network types are supported. Only the network types
# in this list will be available to choose from when creating a network.
# Network types include local, flat, vlan, gre, and vxlan.
'supported_provider_types': <%= @neutron_ml2_type_drivers %>,
# Set which VNIC types are supported for port binding. Only the VNIC
# types in this list will be available to choose from when creating a
# port.
# VNIC types include 'normal', 'macvtap' and 'direct'.
# Set to empty list or None to disable VNIC type selection.
'supported_vnic_types': ['*'],
}
OPENSTACK_ENDPOINT_TYPE = "internalURL"
TIME_ZONE = "<%= @timezone %>"
ENFORCE_PASSWORD_CHECK = True
<% if @policy_file_path.empty? -%>
<% else -%>
POLICY_FILES_PATH = '<%= @policy_file_path %>'
<% end -%>
POLICY_FILES = {
'identity': '<%= @policy_file[:identity] %>',
'compute': '<%= @policy_file[:compute] %>',
'volume': '<%= @policy_file[:volume] %>',
'image': '<%= @policy_file[:image] %>',
'network': '<%= @policy_file[:network] %>',
'neutron-fwaas': '<%= @policy_file[:neutron_fwaas] %>',
}
LOGGING = {
'version': 1,
# When set to True this will disable all logging except
# for loggers specified in this configuration dictionary. Note that
# if nothing is specified here and disable_existing_loggers is True,
# django.db.backends will still log unless it is disabled explicitly.
'disable_existing_loggers': False,
'handlers': {
'null': {
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'class': 'logging.NullHandler',
},
'console': {
# Set the level to "DEBUG" for verbose output logging.
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'class': 'logging.StreamHandler',
},
},
'loggers': {
# Logging from django.db.backends is VERY verbose, send to null
# by default.
'django.db.backends': {
'handlers': ['null'],
'propagate': False,
},
'requests': {
'handlers': ['null'],
'propagate': False,
},
'horizon': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'openstack_dashboard': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'novaclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'cinderclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'keystoneclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'glanceclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'neutronclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'heatclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'ceilometerclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'troveclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'swiftclient': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'openstack_auth': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'nose.plugins.manager': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'django': {
'handlers': ['console'],
'level': '<%= @debug ? 'DEBUG' : 'INFO' %>',
'propagate': False,
},
'iso8601': {
'handlers': ['null'],
'propagate': False,
},
'scss': {
'handlers': ['null'],
'propagate': False,
},
}
}
HORIZON_CONFIG['help_url'] = "<%= @help_url %>"
COMPRESS_CACHE_KEY_FUNCTION='compressor.cache.socket_cachekey'
SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db'
DATABASES = {
'default': {
<% @db_settings.sort_by { |key, value| key }.each do |key,value| -%>
'<%= key %>': <%= value %>,
<% end -%>
<% unless @db_ca_certs.empty? %>
'OPTIONS': {
'ssl': {
'ca': '<%= @db_ca_certs %>'
}
}
<% end %>
},
}
SITE_BRANDING = "<%= @site_branding %>"
<% unless @site_branding_link.empty? -%>
SITE_BRANDING_LINK = "<%= @site_branding_link %>"
<% end -%>
<% if node[:horizon].key?(:external_monitoring) -%>
EXTERNAL_MONITORING = [
<% node[:horizon][:external_monitoring].each do |name, url| -%>
['<%= name %>', '<%= url %>'],
<% end -%>
]
<% end -%>
SESSION_TIMEOUT = <%= @session_timeout * 60 %>
SECRET_KEY = "<%= @secret_key %>"
# FIXME(gyee): if we ever going to support multiple protocols or multiple
# IDPs, we'll need to refactor this accordingly.
<% if @openidc_enabled %>
WEBSSO_ENABLED = True
# NOTE(gyee): this need to be versioned public Keystone URL as this is used
# to redirect the browsers to Keystone.
WEBSSO_KEYSTONE_URL = "<%= @websso_keystone_url %>"
WEBSSO_CHOICES = (
("credentials", _("Keystone Credentials")),
("openid", _("OpenID Connect")),
)
<% end %>
SHOW_KEYSTONE_V2_RC = False