From owner-svn-ports-head@freebsd.org Tue Jul 10 09:45:09 2018 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 31A031038B9C; Tue, 10 Jul 2018 09:45:09 +0000 (UTC) (envelope-from miwi@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D2E5E8CECC; Tue, 10 Jul 2018 09:45:08 +0000 (UTC) (envelope-from miwi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 972412252B; Tue, 10 Jul 2018 09:45:08 +0000 (UTC) (envelope-from miwi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w6A9j8AZ053914; Tue, 10 Jul 2018 09:45:08 GMT (envelope-from miwi@FreeBSD.org) Received: (from miwi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w6A9j7Iv053910; Tue, 10 Jul 2018 09:45:07 GMT (envelope-from miwi@FreeBSD.org) Message-Id: <201807100945.w6A9j7Iv053910@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: miwi set sender to miwi@FreeBSD.org using -f From: Martin Wilke Date: Tue, 10 Jul 2018 09:45:07 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r474349 - in head/security/py-keystone: . files X-SVN-Group: ports-head X-SVN-Commit-Author: miwi X-SVN-Commit-Paths: in head/security/py-keystone: . files X-SVN-Commit-Revision: 474349 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jul 2018 09:45:09 -0000 Author: miwi Date: Tue Jul 10 09:45:07 2018 New Revision: 474349 URL: https://svnweb.freebsd.org/changeset/ports/474349 Log: - Update to 13.0.0 - Added LICENSE_FILE - Changed BUILD_DEPENDS + RUN_DEPENDS to reflect the new dependencies - Added DOCS option with the appropriate dependencies - Added CONFLICTS_INSTALL - Added further options (EXAMPLES, LDAP, MEMCACHED, MONGODB, MYSQL and PGSQL) - Refined post-patch target - Added pkg-message - Updated WWW PR: 228849 Submitted by: freebsd_ports@k-worx.org Approved by: maintainer Sponsored by: iXsystems Inc. Added: head/security/py-keystone/files/ head/security/py-keystone/files/pkg-message.in (contents, props changed) Modified: head/security/py-keystone/Makefile head/security/py-keystone/distinfo head/security/py-keystone/pkg-descr head/security/py-keystone/pkg-plist Modified: head/security/py-keystone/Makefile ============================================================================== --- head/security/py-keystone/Makefile Tue Jul 10 09:42:29 2018 (r474348) +++ head/security/py-keystone/Makefile Tue Jul 10 09:45:07 2018 (r474349) @@ -2,87 +2,133 @@ # $FreeBSD$ PORTNAME= keystone -PORTVERSION= 10.0.0 -PORTREVISION= 4 +PORTVERSION= 13.0.0 CATEGORIES= security python -MASTER_SITES= https://fossies.org/linux/misc/openstack/ +MASTER_SITES= https://tarballs.openstack.org/keystone/ PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} MAINTAINER= alexander.nusov@nfvexpress.com -COMMENT= OpenStack Keystone +COMMENT= OpenStack Keystone / Identity service LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pbr>=1.6:devel/py-pbr@${PY_FLAVOR} -RUN_DEPENDS:= ${BUILD_DEPENDS} -RUN_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}Babel>=2.3.4:devel/py-babel@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}webob>=1.2.3:www/py-webob@${PY_FLAVOR} \ +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pbr>=2.0.0:devel/py-pbr@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pbr>=2.0.0:devel/py-pbr@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}Babel>=2.3.4:devel/py-babel@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}webob>=1.7.1:www/py-webob@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}PasteDeploy>=1.5.0:www/py-pastedeploy@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}Paste>=0:www/py-paste@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}routes>=0:www/py-routes@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}cryptography>=0:security/py-cryptography@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}six>=1.9.0:devel/py-six@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}sqlalchemy10>=0:databases/py-sqlalchemy10@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}sqlalchemy-migrate>=0.9.6:databases/py-sqlalchemy-migrate@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}stevedore>=1.16.0:devel/py-stevedore@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}passlib>=1.6:security/py-passlib@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}python-keystoneclient>=0:net/py-python-keystoneclient@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}keystonemiddleware>=0:devel/py-keystonemiddleware@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.cache>=1.5.0:devel/py-oslo.cache@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.concurrency>=3.8.0:devel/py-oslo.concurrency@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.config>=3.14.0:devel/py-oslo.config@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.context>=2.9.0:devel/py-oslo.context@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.messaging>=5.2.0:devel/py-oslo.messaging@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.db>=0:devel/py-oslo.db@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.i18n>=2.1.0:devel/py-oslo.i18n@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.log>=1.14.0:devel/py-oslo.log@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.middleware>=3.0.0:devel/py-oslo.middleware@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.policy>=1.9.0:devel/py-oslo.policy@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.serialization>=1.10.0:devel/py-oslo.serialization@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oslo.utils>=3.16.0:devel/py-oslo.utils@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}oauthlib>=0.6:security/py-oauthlib@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}pysaml2>=0:security/py-pysaml2@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}Paste>=2.0.2:www/py-paste@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}routes>=2.3.1:www/py-routes@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}cryptography>=1.9:security/py-cryptography@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}six>=1.10.0:devel/py-six@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}sqlalchemy10>=1.0.10:databases/py-sqlalchemy10@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}sqlalchemy-migrate>=0.11.0:databases/py-sqlalchemy-migrate@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}stevedore>=1.20.0:devel/py-stevedore@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}passlib>=1.7.0:security/py-passlib@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}python-keystoneclient>=3.8.0:net/py-python-keystoneclient@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}keystonemiddleware>=4.17.0:devel/py-keystonemiddleware@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}bcrypt>=3.1.3:security/py-bcrypt@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}scrypt>=0.8.0:security/py-scrypt@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.cache>=1.26.0:devel/py-oslo.cache@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.concurrency>=3.25.0:devel/py-oslo.concurrency@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.config>=5.1.0:devel/py-oslo.config@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.context>=2.19.2:devel/py-oslo.context@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.messaging>=5.29.0:devel/py-oslo.messaging@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.db>=4.27.0:devel/py-oslo.db@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.i18n>=3.15.3:devel/py-oslo.i18n@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.log>=3.36.0:devel/py-oslo.log@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.middleware>=3.31.0:devel/py-oslo.middleware@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.policy>=1.30.0:devel/py-oslo.policy@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.serialization>=2.18.0:devel/py-oslo.serialization@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.utils>=3.33.0:devel/py-oslo.utils@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oauthlib>=0.6.0:security/py-oauthlib@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pysaml2>=4.0.2:security/py-pysaml2@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}dogpile.cache>=0.6.2:devel/py-dogpile.cache@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}jsonschema>=0:devel/py-jsonschema@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}pycadf>=0:devel/py-pycadf@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}msgpack>=0.4.0:devel/py-msgpack@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}jsonschema>=2.6.0:devel/py-jsonschema@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}pycadf>=1.1.0:devel/py-pycadf@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}osprofiler>=1.4.0:devel/py-osprofiler@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}sqlparse>=0:databases/py-sqlparse@${PY_FLAVOR} \ - ${PYTHON_PKGNAMEPREFIX}python-editor>=0:devel/py-python-editor@${PY_FLAVOR} + ${PYTHON_PKGNAMEPREFIX}pytz>=2013.6:devel/py-pytz@${PY_FLAVOR} +USES= python +USE_PYTHON= autoplist distutils NO_ARCH= yes -REINPLACE_ARGS= -i '' -USES= python -USE_PYTHON= autoplist distutils noegginfo - USERS= keystone GROUPS= keystone +PORTDOCS= * +PORTEXAMPLES= examples/* httpd/* playbooks/* + +SUB_FILES= pkg-message +SUB_LIST= EXAMPLESDIR=${EXAMPLESDIR} PREFIX=${PREFIX} + +CONFLICTS_INSTALL= py??-keystone-* + +OPTIONS_DEFINE= DOCS EXAMPLES +OPTIONS_GROUP= MISC +OPTIONS_GROUP_MISC= LDAP MEMCACHED MONGODB +OPTIONS_RADIO= DB +OPTIONS_RADIO_DB= MYSQL PGSQL + +LDAP_DESC= LDAP support +MEMCACHED_DESC= memcached support +MONGODB_DESC= MongoDB support (used for messaging services) +MYSQL_DESC= MySQL/MariaDB support +PGSQL_DESC= PostgreSQL support + +DOCS_BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}sphinx>=1.6.2:textproc/py-sphinx@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}openstackdocstheme>=1.18.1:textproc/py-openstackdocstheme@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}reno>=2.5.0:textproc/py-reno@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}ldap>=2.4.20:net/py-ldap@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}testtools>=2.2.0:devel/py-testtools@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}os-api-ref>=1.4.0:textproc/py-os-api-ref@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}WebTest>=2.0.27:www/py-WebTest@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}mock>=2.0.0:devel/py-mock@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}freezegun>=0.3.6:devel/py-freezegun@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}flake8-docstrings>=0.2.1:devel/py-flake8-docstrings@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslotest>=3.2.0:devel/py-oslotest@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}oslo.db>=4.27.0:devel/py-oslo.db@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}lxml>=3.4.1:devel/py-lxml@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}ldappool>=2.0.0:net/py-ldappool@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}osprofiler>=0:devel/py-osprofiler@${PY_FLAVOR} \ + ${RUN_DEPENDS} +DOCS_VARS= PYDISTUTILS_BUILD_TARGET+="build_sphinx -a -E" +LDAP_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}ldap>=2.4.20:net/py-ldap@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}ldappool>=2.0.0:net/py-ldappool@${PY_FLAVOR} +MEMCACHED_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}python-memcached>=1.56:databases/py-python-memcached@${PY_FLAVOR} +MONGODB_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pymongo>=3.0.2:databases/pymongo@${PY_FLAVOR} +MYSQL_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pymysql>=0:databases/py-pymysql@${PY_FLAVOR} +PGSQL_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}psycopg2>=0:databases/py-psycopg2@${PY_FLAVOR} + post-patch: - @${REINPLACE_CMD} -e 's|msgpack-python|msgpack|' ${WRKSRC}/requirements.txt ${WRKSRC}/keystone.egg-info/requires.txt - ${REINPLACE_CMD} -e "s|/etc/keystone|${PREFIX}/etc/${PORTNAME}|g" \ - ${WRKSRC}/doc/source/apache-httpd.rst \ - ${WRKSRC}/doc/source/api_curl_examples.rst \ - ${WRKSRC}/doc/source/configuration.rst \ - ${WRKSRC}/doc/source/event_notifications.rst \ - ${WRKSRC}/doc/source/federation/configure_federation.rst \ - ${WRKSRC}/doc/source/http-api.rst \ - ${WRKSRC}/doc/source/installing.rst \ - ${WRKSRC}/doc/source/upgrading.rst \ - ${WRKSRC}/etc/keystone.conf.sample \ - ${WRKSRC}/keystone/tests/unit/test_ldap_tls_livetest.py \ - ${WRKSRC}/keystone/conf/fernet_tokens.py \ - ${WRKSRC}/keystone/conf/signing.py \ - ${WRKSRC}/keystone/conf/saml.py \ - ${WRKSRC}/keystone/conf/identity.py \ - ${WRKSRC}/keystone/conf/constants.py \ - ${WRKSRC}/keystone/conf/credential.py \ - ${WRKSRC}/keystone/conf/federation.py \ - ${WRKSRC}/keystone/common/profiler.py + @${REINPLACE_CMD} -Ee 's|(pysaml2)<4.0.3,|\1|' ${WRKSRC}/requirements.txt + @${GREP} -Rl -e '/etc/keystone/' --null \ + ${WRKSRC}/etc ${WRKSRC}/doc ${WRKSRC}/keystone | \ + ${XARGS} -0 ${REINPLACE_CMD} -i '' -Ee \ + "s|/etc/keystone/|${ETCDIR}/|g" + @${GREP} -Rl -e '/var/log/apache2/' --null \ + ${WRKSRC}/doc ${WRKSRC}/httpd | \ + ${XARGS} -0 ${REINPLACE_CMD} -i '' -Ee \ + "s|(/var/log)/apache2|\1|g" + post-install: - ${MKDIR} ${STAGEDIR}${ETCDIR} - ${CP} -R ${WRKSRC}/etc/ ${STAGEDIR}${ETCDIR} + @${MKDIR} ${STAGEDIR}${ETCDIR} + (cd ${WRKSRC}/etc && for f in *; do \ + ${INSTALL_DATA} $${f} ${STAGEDIR}${ETCDIR}; done) + +post-install-DOCS-on: + @${MKDIR} ${STAGEDIR}${DOCSDIR} + (cd ${WRKSRC}/doc/build/html && \ + ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR} \ + "! -name .buildinfo -and ! -name objects.inv") + +post-install-EXAMPLES-on: + @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} +.for dir in ${PORTEXAMPLES:C/\/\*//} + @${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/${dir} + (cd ${WRKSRC}/${dir} && ${COPYTREE_SHARE} . ${STAGEDIR}${EXAMPLESDIR}/${dir}) +.endfor .include Modified: head/security/py-keystone/distinfo ============================================================================== --- head/security/py-keystone/distinfo Tue Jul 10 09:42:29 2018 (r474348) +++ head/security/py-keystone/distinfo Tue Jul 10 09:45:07 2018 (r474349) @@ -1,3 +1,3 @@ -TIMESTAMP = 1476962582 -SHA256 (keystone-10.0.0.tar.gz) = 5317c7a0c67ec5184e3efabd513ed7bd2eb3a5d537e24d781bc252035f46ae63 -SIZE (keystone-10.0.0.tar.gz) = 1355520 +TIMESTAMP = 1527285271 +SHA256 (keystone-13.0.0.tar.gz) = 34f8839c4ebd49c350ccd595eb52cd3bf711e3d51c64c3c91eb465cb650a4b56 +SIZE (keystone-13.0.0.tar.gz) = 1462543 Added: head/security/py-keystone/files/pkg-message.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-keystone/files/pkg-message.in Tue Jul 10 09:45:07 2018 (r474349) @@ -0,0 +1,126 @@ +================================================================================ + +================== + 1. Prerequisites +================== + +On the system where Keystone will run: +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- a httpd service, e.g. apache, in conjunction with mod_wsgi or + mod_proxy_uswgi is required to make Keystone available. +- Please have a look in %%EXAMPLESDIR%%/httpd + for some example configurations. + +On the system that will be used to manage the Keystone service: +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- create an normal user +- install the OpenStack client (net/py-python-openstackclient) + +=================================== + 2. Configure the Keystone service +=================================== + +Edit %%PREFIX%%/etc/keystone/keystone.conf . + +Database access: +~~~~~~~~~~~~~~~~ + +In the [database] section, set the location for the database. Please make sure, +that you use an absolute path otherwise Keystone won't work properly. + +[database] +# ... +connection = sqlite:////var/lib/keystone/keystone.db + +Token provider: +~~~~~~~~~~~~~~~ + +In the [token] section, configure the Fernet token provider: + +[token] +# ... +provider = fernet + +=========================================== + 3. Populate the Identity service database +=========================================== + +# su -m keystone -c "keystone-manage db_sync" + +======================================= + 4. Initialize Fernet key repositories +======================================= + +The key repositories will be placed by default in: + +- %%PREFIX%%/etc/keystone/credential-keys/ +- %%PREFIX%%/etc/keystone/fernet-keys/ + +# keystone-manage fernet_setup --keystone-user keystone \ + --keystone-group keystone + +# keystone-manage credential_setup --keystone-user keystone \ + --keystone-group keystone + +=================================== + 5. Bootstrap the Identity service +=================================== + +# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \ + --bootstrap-admin-url http://HOSTNAME:35357/v3/ \ + --bootstrap-internal-url http://HOSTNAME:5000/v3/ \ + --bootstrap-public-url http://HOSTNAME:5000/v3/ \ + --bootstrap-region-id RegionOne + +============================= + 6. Configure the web server +============================= + +Refer to the example configuration files in +%%EXAMPLESDIR%%/httpd + +============================= + 7. Configure the admin user +============================= + +Login with the user that should be used for the administrative tasks and set the +environment variables as listed below: + +$ export OS_USERNAME=admin +$ export OS_PASSWORD=ADMIN_PASS +$ export OS_PROJECT_NAME=admin +$ export OS_USER_DOMAIN_NAME=Default +$ export OS_PROJECT_DOMAIN_NAME=Default +$ export OS_AUTH_URL=http://HOSTNAME:35357/v3 +$ export OS_IDENTITY_API_VERSION=3 + +=============================================== + 8. Create a domain, projects, users and roles +=============================================== + +$ openstack domain create --description "An Example Domain" example + +$ openstack project create --domain default \ + --description "Service project" service + +$ openstack project create --domain default \ + --description "Demo Project" demo + +$ openstack user create --domain default \ + --password-prompt demo + +===================== + 9. Verify operation +===================== + +$ unset OS_AUTH_URL OS_PASSWORD + +$ openstack --os-auth-url http://HOSTNAME:35357/v3 \ + --os-project-domain-name Default --os-user-domain-name Default \ + --os-project-name admin --os-username admin token issue + +$ openstack --os-auth-url http://HOSTNAME:5000/v3 \ + --os-project-domain-name Default --os-user-domain-name Default \ + --os-project-name demo --os-username demo token issue + +================================================================================ Modified: head/security/py-keystone/pkg-descr ============================================================================== --- head/security/py-keystone/pkg-descr Tue Jul 10 09:42:29 2018 (r474348) +++ head/security/py-keystone/pkg-descr Tue Jul 10 09:45:07 2018 (r474349) @@ -1,6 +1,7 @@ Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. + It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP. -WWW: https://docs.openstack.org/keystone/latest/ +WWW: https://docs.openstack.org/keystone/ Modified: head/security/py-keystone/pkg-plist ============================================================================== --- head/security/py-keystone/pkg-plist Tue Jul 10 09:42:29 2018 (r474348) +++ head/security/py-keystone/pkg-plist Tue Jul 10 09:45:07 2018 (r474349) @@ -3,7 +3,4 @@ @sample %%ETCDIR%%/keystone.conf.sample @sample %%ETCDIR%%/logging.conf.sample %%ETCDIR%%/default_catalog.templates -%%ETCDIR%%/keystone-paste.ini -%%ETCDIR%%/policy.json -%%ETCDIR%%/sso_callback_template.html %%ETCDIR%%/policy.v3cloudsample.json