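###
# LDAPAuthentication
###
# Loads the LdapAuthentication extension and installs it as the wiki's
# authentication plugin. Every per-domain array below is keyed by the single
# configured domain name, "colo".
require_once( "$IP/extensions/LdapAuthentication/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin();

$wgLDAPDomainNames = array( "colo" );
$wgLDAPServerNames = array( "colo" => "kumquat.colo.example.de" );
$wgLDAPSearchStrings = array( "colo" => "uid=USER-NAME,ou=people,dc=colo,dc=example,dc=de");
$wgLDAPSearchAttributes = array( "colo" => "uid" );
# Fixed: this value read "dc=colo,dc=example.de,dc=de", which does not match the
# dc=colo,dc=example,dc=de suffix used by every other DN in this file.
$wgLDAPBaseDNs = array( "colo" => "dc=colo,dc=example,dc=de" );

# Proxy agent DN and password (presumably the account used for directory searches).
# NOTE(review): the bind passwords in this section are stored in plain text; keep
# this file unreadable to other local users and out of version control and
# public pastes, and rotate any value that has been shared.
$wgLDAPProxyAgent = array( "colo" => "cn=proxyagent,dc=colo,dc=example,dc=de" );
$wgLDAPProxyAgentPassword = array( "colo" => "lololo" );

# NOTE(review): "clear" means the LDAP connection is not encrypted, so the proxy
# agent, writer and user passwords cross the network unprotected. The extension
# also accepts "tls" and "ssl"; switch once the directory server offers one.
$wgLDAPEncryptionType = array( "colo" => "clear" );

# Account and subtree used when the wiki writes to the directory.
# NOTE(review): cn=admin looks like the directory's administrative entry; a
# dedicated writer limited to ou=people would follow least privilege - confirm
# what write access the extension actually needs.
$wgLDAPWriterDN = array( "colo" => 'cn=admin,dc=colo,dc=example,dc=de' );
$wgLDAPWriterPassword = array( 'colo' => 'idontknowanything' );
$wgLDAPWriteLocation = array( 'colo' => 'ou=people,dc=colo,dc=example,dc=de' );

# Per-domain switches: add users to LDAP, update LDAP entries, mail passwords.
$wgLDAPAddLDAPUsers = array( 'colo' => true );
$wgLDAPUpdateLDAP = array( 'colo' => true );
$wgLDAPMailPassword = array( 'colo' => true, 'invaliddomain' => true );

# Maps wiki user preferences (keys) to the LDAP attributes (values) they are read from.
$wgLDAPPreferences = array( 'colo' => array( "email"=>"mail","realname"=>"cn","nickname"=>"uid") );

# NOTE(review): a minimum length of 1 lets the wiki accept one-character
# passwords; with $wgLDAPAddLDAPUsers and $wgLDAPUpdateLDAP enabled these are
# presumably written to the directory as well. Raise this unless the directory
# enforces its own password policy.
$wgMinimalPasswordLength = 1;

# Debug logging.
# NOTE(review): level 3 is presumably the extension's most verbose setting and may
# include sensitive bind details - confirm against the extension documentation.
# Both log files use fixed names under /tmp, a directory shared by all local
# users. For anything beyond a throwaway test box, lower the level and log to a
# directory that only the web server user and administrators can access.
$wgLDAPDebug = 3;
$wgDebugLogFile = "/tmp/wiki_log";
$wgDebugLogGroups["ldap"] = "/tmp/debug.log";
$wgLogQueries = true;
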
###
# OpenStackManager
###
# Pull in the OpenStackManager extension; the settings that follow configure it.
require_once( "$IP/extensions/OpenStackManager/OpenStackManager.php" );

# ---- Nova API endpoint ----

# Host name of the Nova API server (extension default: 'localhost').
$wgOpenStackManagerNovaServerName = 'kumquat';

# Port the Nova API server listens on (extension default: 8773).
$wgOpenStackManagerNovaPort = 8773;

# Resource prefix of the Nova API (extension default: '/services/Cloud/').
$wgOpenStackManagerNovaResourcePrefix = '/services/Cloud/';

# true means SSL is disabled for the Nova API server (extension default: true).
# NOTE(review): with SSL disabled, the admin-level API traffic configured below is
# not protected in transit. Enable SSL on the Nova API and set this to false
# unless the connection never leaves a trusted host or network.
$wgOpenStackManagerNovaDisableSSL = true;

# Credentials of a Nova admin, needed for reading all instance, image, etc.
# information (extension default: empty accessKey and secretKey).
# NOTE(review): admin-level secrets in plain text; keep this file unreadable to
# other local users and out of version control and public pastes.
$wgOpenStackManagerNovaAdminKeys = array(
    'accessKey' => 'putsomethinghere',
    'secretKey' => 'andheretoo',
);

# Where ssh keys are stored: 'nova' or 'ldap' (extension default: ldap).
$wgOpenStackManagerNovaKeypairStorage = 'ldap';

# ---- Directory (LDAP) settings ----

# LDAP domain to use. It must be the same domain name that is configured for the
# LDAP Authentication extension (no default).
$wgOpenStackManagerLDAPDomain = 'colo';

# User to bind as when writing to the directory server (no default). This should
# (and likely will) get replaced by the writer DN of the LDAP Authentication
# extension.
# NOTE(review): cn=admin looks like the directory's administrative entry; a
# dedicated account limited to the subtrees configured below would follow least
# privilege - confirm what write access the extension actually needs.
$wgOpenStackManagerLDAPUser = 'cn=admin,dc=colo,dc=example,dc=de';

# Password for the LDAP user above.
# NOTE(review): $wgLDAPWriterDN earlier in this file names the same DN, but
# $wgLDAPWriterPassword holds a different string, so one of the two is presumably
# wrong - verify. This is a plain-text secret; handle it like the Nova admin keys.
$wgOpenStackManagerLDAPUserPassword = 'dontknowanything,Ithink';

# Directory location where Nova projects are stored. It must be the same location
# that is used in the nova configuration (no default).
$wgOpenStackManagerLDAPProjectBaseDN = 'ou=groups,dc=colo,dc=example,dc=de';

# DNs of the global role groups. They must be the same DNs that are used in the
# nova configuration (no default).
$wgOpenStackManagerLDAPGlobalRoles = array(
    'sysadmin' => 'cn=sysadmins,ou=groups,dc=colo,dc=example,dc=de',
    'netadmin' => 'cn=netadmins,ou=groups,dc=colo,dc=example,dc=de',
    'cloudadmin' => 'cn=cloudadmins,ou=groups,dc=colo,dc=example,dc=de',
);

# Whether a user must hold both the global role and the project role for
# project-specific role checks to succeed (extension default: false).
$wgOpenStackManagerLDAPRolesIntersect = false;

# Directory location where instances are stored. It is used for DNS entries and
# puppet configuration information; Puppet and PowerDNS should be configured to
# use this base DN (no default).
$wgOpenStackManagerLDAPInstanceBaseDN = 'ou=hosts,dc=colo,dc=example,dc=de';

# Posix GID number assigned to newly created user accounts. Every user gets this
# shared group on creation (extension default: 500).
$wgOpenStackManagerLDAPDefaultGid = '500';

# DNS options, used to populate SOA records (no default).
$wgOpenStackManagerDNSOptions = array(
    'enabled' => true,
    'servers' => array(
        'primary' => 'kumquat.colo.example.de',
    ),
    'soa' => array(
        'hostmaster' => 'novaman@colo.example.de',
        'refresh' => '1800',
        'retry' => '3600',
        'expiry' => '86400',
        'minimum' => '7200',
    ),
);

# Puppet options (no default):
#   defaultclasses     - puppet classes that are always applied to nodes
#   defaultvariables   - puppet variables that are always applied to nodes
#   availableclasses   - puppet classes users may select when creating or
#                        configuring instances
#   availablevariables - puppet variables users may select when creating or
#                        configuring instances
# NOTE(review): the two "available" lists are what wiki users are allowed to
# choose from, so list only classes and variables that are safe for any user who
# can create or configure an instance.
$wgOpenStackManagerPuppetOptions = array(
    'enabled' => false,
    'defaultclasses' => array( 'base' ),
    'defaultvariables' => array( 'myvar' => 'myvarvalue' ),
    'availableclasses' => array(
        'ganglia',
        'nagios::monitor',
        'lvs::realserver',
        'cache::bits',
    ),
    'availablevariables' => array(
        'lvs_realserver_ips',
        'cluster',
    ),
);

# User data values (no default). 'cloud-config' is an array that will be parsed to
# YAML; 'scripts' and 'upstarts' are loaded into the user data from the listed
# files, which must be readable by the web server user.
# NOTE(review): the file contents are handed to instances as user data, so the
# listed files should be writable by administrators only; the web server user
# needs read access and nothing more.
# Example (commented out; the closing parenthesis of 'cloud-config' was missing
# and has been restored so the example parses once uncommented):
//$wgOpenStackManagerInstanceUserData = array(
//    'cloud-config' => array(
//        'puppet' => array( 'conf' => array( 'puppetd' => array( 'server' => 'nova-controller.example.org', 'certname' => '%f' ) ) ),
//        'apt-upgrade' => 'true'
//    ),
//    'scripts' => array(
//        '/opt/scripts/script1.sh',
//        '/usr/local/bin/script2.py',
//    ),
//    'upstarts' => array(
//        '/opt/upstarts/upstart1.conf',
//        '/opt/upstarts/upstart2.conf'
//    )
//);


# Optional configuration call that creates namespaces for the Nova projects in
# LDAP. It is fairly expensive for now, until caching is enabled for the lookup.
OpenStackNovaProject::addNamespaces();