Пример #1
    def __call__(self):
        """Build the parent SSL context and restart apache2 on certificate change.

        The CA certificate path and the per-service directory under
        ``/etc/apache2/ssl/`` are hashed before and after the parent
        context runs. apache2 is restarted only when the two digests differ.

        Returns:
            Whatever the parent class's ``__call__`` returned, unmodified.
        """
        # Imported inside the method because keystone_utils and this module
        # depend on each other (circular import).
        from keystone_utils import (
            determine_ports,
            update_hash_from_path,
        )

        watched = [
            CA_CERT_PATH,
            os.path.join('/etc/apache2/ssl/', self.service_namespace),
        ]

        def fingerprint():
            # One SHA-256 over every watched path, fed in list order.
            # NOTE(review): how update_hash_from_path treats a missing or
            # unreadable path is not visible here - confirm that such a
            # path cannot mask a real certificate change.
            digest = hashlib.sha256()
            for location in watched:
                update_hash_from_path(digest, location)
            return digest.hexdigest()

        self.external_ports = determine_ports()
        digest_before = fingerprint()

        # Presumably the parent call is what may rewrite the files under
        # the watched paths; the snapshots taken around it detect that.
        context = super(ApacheSSLContext, self).__call__()

        # apache2 must be restarted when the certificate material changed.
        if digest_before != fingerprint():
            service_restart('apache2')

        return context
Пример #2
    def __call__(self):
        """Run the parent SSL context, restarting apache2 if its TLS files changed.

        Change detection is content based. A SHA-256 digest over
        ``CA_CERT_PATH`` and ``/etc/apache2/ssl/<service_namespace>`` is
        taken on each side of the parent call and the two are compared.

        Returns:
            The value produced by the parent class's ``__call__``.
        """
        # Deferred import: importing keystone_utils at module level would
        # create a circular dependency.
        from keystone_utils import (
            determine_ports,
            update_hash_from_path,
        )

        namespace_dir = os.path.join('/etc/apache2/ssl/',
                                     self.service_namespace)
        ssl_paths = [CA_CERT_PATH, namespace_dir]

        self.external_ports = determine_ports()

        # Snapshot taken before the parent context runs.
        hash_pre = hashlib.sha256()
        for ssl_path in ssl_paths:
            update_hash_from_path(hash_pre, ssl_path)

        result = super(ApacheSSLContext, self).__call__()

        # Snapshot taken after; the paths are fed in the same order so the
        # two digests are comparable.
        hash_post = hashlib.sha256()
        for ssl_path in ssl_paths:
            update_hash_from_path(hash_post, ssl_path)

        unchanged = hash_pre.hexdigest() == hash_post.hexdigest()
        if not unchanged:
            # Ensure that apache2 is restarted when the hashed content
            # differs.
            service_restart('apache2')

        return result
Пример #3
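    def __call__(self):
        """Return the parent SSL context reshaped for the Nginx templates.

        ``CA_CERT_PATH`` and ``APACHE_SSL_DIR`` are hashed before and after
        the parent context runs. The ``snap.keystone.nginx`` service is
        restarted when the digests differ.

        Returns:
            ``{}`` when the parent context is empty (SSL not in use).
            Otherwise a dict with keys ``ssl``, ``namespace`` and
            ``endpoints``. ``endpoints`` maps ``'public'`` and/or
            ``'admin'`` to a dict with keys ``socket``, ``address`` and
            ``ext``.
        """
        # late import to work around circular dependency
        from keystone_utils import (determine_ports, update_hash_from_path,
                                    APACHE_SSL_DIR)

        ssl_paths = [CA_CERT_PATH, APACHE_SSL_DIR]

        self.external_ports = determine_ports()
        before = hashlib.sha256()
        for path in ssl_paths:
            update_hash_from_path(before, path)

        ret = super(NginxSSLContext, self).__call__()
        if not ret:
            # NOTE(review): this early return also skips the hash comparison
            # below, so Nginx is not restarted on this path even if the
            # watched files changed - confirm that is intended.
            log("SSL not used", level='DEBUG')
            return {}

        after = hashlib.sha256()
        for path in ssl_paths:
            update_hash_from_path(after, path)

        # Ensure that Nginx is restarted if these change
        if before.hexdigest() != after.hexdigest():
            service_restart('snap.keystone.nginx')

        # Transform for use by Nginx. Sample shape of ``ret``:
        #
        #   {'endpoints': [(u'10.5.0.30', u'10.5.0.30', 4990, 4980),
        #                  (u'10.5.0.30', u'10.5.0.30', 35347, 35337)],
        #    'ext_ports': [4990, 35347],
        #    'namespace': 'keystone'}
        nginx_ret = {
            'ssl': https(),
            'namespace': self.service_namespace,
        }

        endpoints = {}
        for _int_address, address, ext, _internal in ret['endpoints']:
            # Classification is made on the external port alone.
            if ext <= 5000:
                socket_name = 'public'
            elif ext >= 35337:
                socket_name = 'admin'
            else:
                # The value tested here is the external port, so the log
                # names it as such and includes the number. The endpoint is
                # left out of the result.
                log("Unrecognized external port {}".format(ext),
                    level='ERROR')
                continue
            endpoints[socket_name] = {
                'socket': socket_name,
                'address': address,
                'ext': ext
            }
        nginx_ret['endpoints'] = endpoints

        return nginx_ret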