def create_vncproxy_manifest(config, messages): if config["CONFIG_HORIZON_SSL"] == 'y': if config["CONFIG_VNC_SSL_CERT"]: ssl_cert_file = config["CONFIG_VNC_SSL_CERT"] ssl_key_file = config["CONFIG_VNC_SSL_KEY"] if not os.path.exists(ssl_cert_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_cert_file) if not os.path.exists(ssl_key_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_key_file) final_cert = open(ssl_cert_file, 'rt').read() final_key = open(ssl_key_file, 'rt').read() deliver_ssl_file(final_cert, ssl_cert_file, config['CONFIG_CONTROLLER_HOST']) deliver_ssl_file(final_key, ssl_key_file, config['CONFIG_CONTROLLER_HOST']) else: config["CONFIG_VNC_SSL_CERT"] = '/etc/pki/tls/certs/ssl_vnc.crt' config["CONFIG_VNC_SSL_KEY"] = '/etc/pki/tls/private/ssl_vnc.key' ssl_key_file = config["CONFIG_VNC_SSL_KEY"] ssl_cert_file = config["CONFIG_VNC_SSL_CERT"] ssl_host = config['CONFIG_CONTROLLER_HOST'] service = 'vnc' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file)
def create_manifest(config, messages): horizon_host = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_horizon.pp" % horizon_host proto = "http" config["CONFIG_HORIZON_PORT"] = 80 sslmanifestdata = '' if config["CONFIG_HORIZON_SSL"] == 'y': config["CONFIG_HORIZON_PORT"] = 443 proto = "https" # Are we using the users cert/key files if config["CONFIG_HORIZON_SSL_CERT"]: ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"] ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"] ssl_chain_file = config["CONFIG_HORIZON_SSL_CACERT"] if not os.path.exists(ssl_cert_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_cert_file) if not os.path.exists(ssl_key_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_key_file) if not os.path.exists(ssl_chain_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_chain_file) final_cert = open(ssl_cert_file, 'rt').read() final_key = open(ssl_key_file, 'rt').read() final_cacert = open(ssl_chain_file, 'rt').read() host = config['CONFIG_CONTROLLER_HOST'] deliver_ssl_file(final_cacert, ssl_chain_file, host) deliver_ssl_file(final_cert, ssl_cert_file, host) deliver_ssl_file(final_key, ssl_key_file, host) else: ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"] = ( '/etc/pki/tls/certs/ssl_dashboard.crt') ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"] = ( '/etc/pki/tls/private/ssl_dashboard.key') cacert = config['CONFIG_SSL_CACERT'] config["CONFIG_HORIZON_SSL_CACERT"] = cacert ssl_host = config['CONFIG_CONTROLLER_HOST'] service = 'dashboard' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) messages.append( "%sNOTE%s : A certificate was generated to be used for ssl, " "You should change the ssl certificate configured in " "/etc/httpd/conf.d/ssl.conf on %s to use a CA signed cert." % (utils.COLORS['red'], utils.COLORS['nocolor'], horizon_host)) config["CONFIG_HORIZON_NEUTRON_LB"] = False config["CONFIG_HORIZON_NEUTRON_FW"] = False config["CONFIG_HORIZON_NEUTRON_VPN"] = False if config['CONFIG_NEUTRON_INSTALL'] == 'y': if config["CONFIG_LBAAS_INSTALL"] == 'y': config["CONFIG_HORIZON_NEUTRON_LB"] = True if config["CONFIG_NEUTRON_FWAAS"] == 'y': config["CONFIG_HORIZON_NEUTRON_FW"] = True if config["CONFIG_NEUTRON_VPNAAS"] == 'y': config["CONFIG_HORIZON_NEUTRON_VPN"] = True manifestdata = getManifestTemplate("horizon") appendManifestFile(manifestfile, manifestdata) msg = ("To access the OpenStack Dashboard browse to %s://%s/dashboard .\n" "Please, find your login credentials stored in the keystonerc_admin" " in your home directory." % (proto, config['CONFIG_CONTROLLER_HOST'])) messages.append(msg)
def create_manifest(config, messages): horizon_host = config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_horizon.pp" % horizon_host proto = "http" config["CONFIG_HORIZON_PORT"] = 80 sslmanifestdata = '' if config["CONFIG_HORIZON_SSL"] == 'y': config["CONFIG_HORIZON_PORT"] = 443 proto = "https" # Are we using the users cert/key files if config["CONFIG_HORIZON_SSL_CERT"]: ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"] ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"] ssl_chain_file = config["CONFIG_HORIZON_SSL_CACERT"] if not os.path.exists(ssl_cert_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_cert_file) if not os.path.exists(ssl_key_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_key_file) if not os.path.exists(ssl_chain_file): raise exceptions.ParamValidationError( "The file %s doesn't exist" % ssl_chain_file) final_cert = open(ssl_cert_file, 'rt').read() final_key = open(ssl_key_file, 'rt').read() final_cacert = open(ssl_chain_file, 'rt').read() host = config['CONFIG_CONTROLLER_HOST'] deliver_ssl_file(final_cacert, ssl_chain_file, host) deliver_ssl_file(final_cert, ssl_cert_file, host) deliver_ssl_file(final_key, ssl_key_file, host) else: ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"] = ( '/etc/pki/tls/certs/ssl_dashboard.crt' ) ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"] = ( '/etc/pki/tls/private/ssl_dashboard.key' ) cacert = config['CONFIG_SSL_CACERT'] config["CONFIG_HORIZON_SSL_CACERT"] = cacert ssl_host = config['CONFIG_CONTROLLER_HOST'] service = 'dashboard' generate_ssl_cert(config, ssl_host, service, ssl_key_file, ssl_cert_file) messages.append( "%sNOTE%s : A certificate was generated to be used for ssl, " "You should change the ssl certificate configured in " "/etc/httpd/conf.d/ssl.conf on %s to use a CA signed cert." % (utils.COLORS['red'], utils.COLORS['nocolor'], horizon_host)) config["CONFIG_HORIZON_NEUTRON_LB"] = False config["CONFIG_HORIZON_NEUTRON_FW"] = False config["CONFIG_HORIZON_NEUTRON_VPN"] = False if config['CONFIG_NEUTRON_INSTALL'] == 'y': if config["CONFIG_LBAAS_INSTALL"] == 'y': config["CONFIG_HORIZON_NEUTRON_LB"] = True if config["CONFIG_NEUTRON_FWAAS"] == 'y': config["CONFIG_HORIZON_NEUTRON_FW"] = True if config["CONFIG_NEUTRON_VPNAAS"] == 'y': config["CONFIG_HORIZON_NEUTRON_VPN"] = True manifestdata = getManifestTemplate("horizon") manifestdata += getManifestTemplate("apache_ports") appendManifestFile(manifestfile, manifestdata) msg = ("To access the OpenStack Dashboard browse to %s://%s/dashboard .\n" "Please, find your login credentials stored in the keystonerc_admin" " in your home directory." % (proto, config['CONFIG_CONTROLLER_HOST'])) messages.append(msg)