3
from django.utils.translation import ugettext_lazy as _
5
from logging.handlers import SysLogHandler
8
from openstack_dashboard import exceptions
11
TEMPLATE_DEBUG = DEBUG
13
# Required for Django 1.5.
14
# If horizon is running in production (DEBUG is False), set this
15
# with the list of host/domain names that the application can serve.
16
# For more information see:
17
# https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
18
#ALLOWED_HOSTS = ['horizon.example.com', ]
20
# Set SSL proxy settings:
21
# For Django 1.4+ pass this header from the proxy after terminating the SSL,
22
# and don't forget to strip it from the client's request.
23
# For more information see:
24
# https://docs.djangoproject.com/en/1.4/ref/settings/#secure-proxy-ssl-header
25
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
27
# If Horizon is being served through SSL, then uncomment the following two
28
# settings to better secure the cookies from security exploits
29
#CSRF_COOKIE_SECURE = True
30
#SESSION_COOKIE_SECURE = True
32
# Overrides for OpenStack API versions. Use this setting to force the
33
# OpenStack dashboard to use a specific API version for a given service API.
34
# NOTE: The version should be formatted as it appears in the URL for the
35
# service API. For example, The identity service APIs have inconsistent
36
# use of the decimal point, so valid options would be "2.0" or "3".
37
# OPENSTACK_API_VERSIONS = {
38
# "data_processing": 1.1,
43
# Set this to True if running on multi-domain model. When this is enabled, it
44
# will require user to enter the Domain name in addition to username for login.
45
# OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False
47
# Overrides the default domain used when running on single-domain model
48
# with Keystone V3. All entities will be created in the default domain.
49
# OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
52
# valid options would be "AUTO"(default), "VNC", "SPICE", "RDP" or None
53
# Set to None explicitly if you want to deactivate the console.
54
# CONSOLE_TYPE = "AUTO"
56
# Default OpenStack Dashboard configuration.
58
'dashboards': ('project', 'admin', 'settings',),
59
'default_dashboard': 'project',
60
'user_home': 'openstack_dashboard.views.get_user_home',
61
'ajax_queue_limit': 10,
64
'fade_duration': 1500,
65
'types': ['alert-success', 'alert-info']
67
'help_url': "http://docs.openstack.org",
68
'exceptions': {'recoverable': exceptions.RECOVERABLE,
69
'not_found': exceptions.NOT_FOUND,
70
'unauthorized': exceptions.UNAUTHORIZED},
71
'angular_modules': [],
75
# Specify a regular expression to validate user passwords.
76
# HORIZON_CONFIG["password_validator"] = {
78
# "help_text": _("Your password does not meet the requirements.")
81
# Disable simplified floating IP address management for deployments with
82
# multiple floating IP pools or complex network requirements.
83
# HORIZON_CONFIG["simple_ip_management"] = False
85
# Turn off browser autocompletion for forms including the login form and
86
# the database creation workflow if so desired.
87
# HORIZON_CONFIG["password_autocomplete"] = "off"
89
LOCAL_PATH = os.path.dirname(os.path.abspath(__file__))
91
# Set custom secret key:
92
# You can either set it to a specific value or you can let horizon generate a
93
# default secret key that is unique on this machine, e.i. regardless of the
94
# amount of Python WSGI workers (if used behind Apache+mod_wsgi): However, there
95
# may be situations where you would want to set this explicitly, e.g. when
96
# multiple dashboard instances are distributed on different machines (usually
97
# behind a load-balancer). Either you have to make sure that a session gets all
98
# requests routed to the same dashboard instance or you set the same SECRET_KEY
101
SECRET_KEY = "{{ secret }}"
103
# We recommend you use memcached for development; otherwise after every reload
104
# of the django development server, you will have to login again. To use
105
# memcached set CACHES to something like
108
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
109
'LOCATION': '127.0.0.1:11211',
115
# 'BACKEND': 'django.core.cache.backends.locmem.LocMemCache'
119
# Send email to the console by default
120
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
121
# Or send them to /dev/null
122
#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend'
124
# Configure these for your outgoing email host
125
# EMAIL_HOST = 'smtp.my-company.com'
127
# EMAIL_HOST_USER = 'djangomail'
128
# EMAIL_HOST_PASSWORD = 'top-secret!'
130
# For multiple regions uncomment this configuration, and add (endpoint, title).
131
# AVAILABLE_REGIONS = [
132
# ('http://cluster1.example.com:5000/v2.0', 'cluster1'),
133
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
136
OPENSTACK_HOST = "{{ service_host }}"
137
OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v2.0" % OPENSTACK_HOST
138
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}"
140
# Disable SSL certificate checks (useful for self-signed certificates):
141
# OPENSTACK_SSL_NO_VERIFY = True
143
# The CA certificate to use to verify SSL connections
144
# OPENSTACK_SSL_CACERT = '/path/to/cacert.pem'
146
# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the
147
# capabilities of the auth backend for Keystone.
148
# If Keystone has been configured to use LDAP as the auth backend then set
149
# can_edit_user to False and name to 'ldap'.
151
# TODO(tres): Remove these once Keystone has an API to identify auth backend.
152
OPENSTACK_KEYSTONE_BACKEND = {
154
'can_edit_user': True,
155
'can_edit_group': True,
156
'can_edit_project': True,
157
'can_edit_domain': True,
158
'can_edit_role': True
161
#Setting this to True, will add a new "Retrieve Password" action on instance,
162
#allowing Admin session password retrieval/decryption.
163
#OPENSTACK_ENABLE_PASSWORD_RETRIEVE = False
165
# The Xen Hypervisor has the ability to set the mount point for volumes
166
# attached to instances (other Hypervisors currently do not). Setting
167
# can_set_mount_point to True will add the option to set the mount point
169
OPENSTACK_HYPERVISOR_FEATURES = {
170
'can_set_mount_point': False,
171
'can_set_password': False,
174
# The OPENSTACK_CINDER_FEATURES settings can be used to enable optional
175
# services provided by cinder that is not exposed by its extension API.
176
OPENSTACK_CINDER_FEATURES = {
177
'enable_backup': False,
180
# The OPENSTACK_NEUTRON_NETWORK settings can be used to enable optional
181
# services provided by neutron. Options currently available are load
182
# balancer service, security groups, quotas, VPN service.
183
OPENSTACK_NEUTRON_NETWORK = {
184
'enable_router': True,
185
'enable_quotas': True,
187
'enable_distributed_router': False,
188
'enable_ha_router': False,
189
'enable_lb': {{ neutron_network_lb }},
190
'enable_firewall': {{ neutron_network_firewall }},
191
'enable_vpn': {{ neutron_network_vpn }},
192
# The profile_support option is used to detect if an external router can be
193
# configured via the dashboard. When using specific plugins the
194
# profile_support can be turned on if needed.
195
'profile_support': None,
196
#'profile_support': 'cisco',
197
# Set which provider network types are supported. Only the network types
198
# in this list will be available to choose from when creating a network.
199
# Network types include local, flat, vlan, gre, and vxlan.
200
'supported_provider_types': ['*'],
203
# The OPENSTACK_IMAGE_BACKEND settings can be used to customize features
204
# in the OpenStack Dashboard related to the Image service, such as the list
205
# of supported image formats.
206
# OPENSTACK_IMAGE_BACKEND = {
208
# ('', _('Select format')),
209
# ('aki', _('AKI - Amazon Kernel Image')),
210
# ('ami', _('AMI - Amazon Machine Image')),
211
# ('ari', _('ARI - Amazon Ramdisk Image')),
212
# ('iso', _('ISO - Optical Disk Image')),
213
# ('qcow2', _('QCOW2 - QEMU Emulator')),
217
# ('vmdk', _('VMDK'))
221
# The IMAGE_CUSTOM_PROPERTY_TITLES settings is used to customize the titles for
222
# image custom property attributes that appear on image detail pages.
223
IMAGE_CUSTOM_PROPERTY_TITLES = {
224
"architecture": _("Architecture"),
225
"kernel_id": _("Kernel ID"),
226
"ramdisk_id": _("Ramdisk ID"),
227
"image_state": _("Euca2ools state"),
228
"project_id": _("Project ID"),
229
"image_type": _("Image Type")
232
# The IMAGE_RESERVED_CUSTOM_PROPERTIES setting is used to specify which image
233
# custom properties should not be displayed in the Image Custom Properties
235
IMAGE_RESERVED_CUSTOM_PROPERTIES = []
237
# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints
238
# in the Keystone service catalog. Use this setting when Horizon is running
239
# external to the OpenStack environment. The default is 'publicURL'.
240
#OPENSTACK_ENDPOINT_TYPE = "publicURL"
242
# SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the
243
# case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints
244
# in the Keystone service catalog. Use this setting when Horizon is running
245
# external to the OpenStack environment. The default is None. This
246
# value should differ from OPENSTACK_ENDPOINT_TYPE if used.
247
#SECONDARY_ENDPOINT_TYPE = "publicURL"
249
# The number of objects (Swift containers/objects or images) to display
250
# on a single page before providing a paging element (a "more" link)
251
# to paginate results.
252
API_RESULT_LIMIT = 1000
253
API_RESULT_PAGE_SIZE = 20
255
# The timezone of the server. This should correspond with the timezone
256
# of your entire OpenStack installation, and hopefully be in UTC.
259
# When launching an instance, the menu of available flavors is
260
# sorted by RAM usage, ascending. If you would like a different sort order,
261
# you can provide another flavor attribute as sorting key. Alternatively, you
262
# can provide a custom callback method to use for sorting. You can also provide
263
# a flag for reverse sort. For more info, see
264
# http://docs.python.org/2/library/functions.html#sorted
265
# CREATE_INSTANCE_FLAVOR_SORT = {
268
# 'key': my_awesome_callback_method,
272
# The Horizon Policy Enforcement engine uses these values to load per service
273
# policy rule files. The content of these files should match the files the
274
# OpenStack services are using to determine role based access control in the
275
# target installation.
277
# Path to directory containing policy.json files
278
#POLICY_FILES_PATH = os.path.join(ROOT_PATH, "conf")
279
# Map of local copy of service policy files
281
# 'identity': 'keystone_policy.json',
282
# 'compute': 'nova_policy.json',
283
# 'volume': 'cinder_policy.json',
284
# 'image': 'glance_policy.json',
285
# 'orchestration': 'heat_policy.json',
286
# 'network': 'neutron_policy.json',
289
# Trove user and database extension support. By default support for
290
# creating users and databases on database instances is turned on.
291
# To disable these extensions set the permission here to something
292
# unusable such as ["!"].
293
# TROVE_ADD_USER_PERMS = []
294
# TROVE_ADD_DATABASE_PERMS = []
298
# When set to True this will disable all logging except
299
# for loggers specified in this configuration dictionary. Note that
300
# if nothing is specified here and disable_existing_loggers is True,
301
# django.db.backends will still log unless it is disabled explicitly.
302
'disable_existing_loggers': False,
306
'class': 'django.utils.log.NullHandler',
309
# Set the level to "DEBUG" for verbose output logging.
311
'class': 'logging.StreamHandler',
316
'class': 'logging.handlers.SysLogHandler',
321
# Logging from django.db.backends is VERY verbose, send to null
323
'django.db.backends': {
324
'handlers': ['null'],
328
'handlers': ['null'],
333
'handlers': ['syslog'],
335
'handlers': ['console'],
339
'openstack_dashboard': {
341
'handlers': ['syslog'],
343
'handlers': ['console'],
349
'handlers': ['syslog'],
351
'handlers': ['console'],
357
'handlers': ['syslog'],
359
'handlers': ['console'],
365
'handlers': ['syslog'],
367
'handlers': ['console'],
373
'handlers': ['syslog'],
375
'handlers': ['console'],
381
'handlers': ['syslog'],
383
'handlers': ['console'],
389
'handlers': ['syslog'],
391
'handlers': ['console'],
395
'ceilometerclient': {
397
'handlers': ['syslog'],
399
'handlers': ['console'],
405
'handlers': ['syslog'],
407
'handlers': ['console'],
413
'handlers': ['syslog'],
415
'handlers': ['console'],
421
'handlers': ['syslog'],
423
'handlers': ['console'],
427
'nose.plugins.manager': {
429
'handlers': ['syslog'],
431
'handlers': ['console'],
437
'handlers': ['syslog'],
439
'handlers': ['console'],
444
'handlers': ['null'],
448
'handlers': ['null'],
454
# 'direction' should not be specified for all_tcp/udp/icmp.
455
# It is specified in the form.
456
SECURITY_GROUP_RULES = {
458
'name': _('All TCP'),
459
'ip_protocol': 'tcp',
464
'name': _('All UDP'),
465
'ip_protocol': 'udp',
470
'name': _('All ICMP'),
471
'ip_protocol': 'icmp',
477
'ip_protocol': 'tcp',
483
'ip_protocol': 'tcp',
489
'ip_protocol': 'tcp',
495
'ip_protocol': 'tcp',
501
'ip_protocol': 'tcp',
507
'ip_protocol': 'tcp',
513
'ip_protocol': 'tcp',
519
'ip_protocol': 'tcp',
525
'ip_protocol': 'tcp',
531
'ip_protocol': 'tcp',
537
'ip_protocol': 'tcp',
543
'ip_protocol': 'tcp',
549
'ip_protocol': 'tcp',
555
'ip_protocol': 'tcp',
561
# Deprecation Notice:
563
# The setting FLAVOR_EXTRA_KEYS has been deprecated.
564
# Please load extra spec metadata into the Glance Metadata Definition Catalog.
566
# The sample quota definitions can be found in:
567
# <glance_source>/etc/metadefs/compute-quota.json
569
# The metadata definition catalog supports CLI and API:
570
# $glance --os-image-api-version 2 help md-namespace-import
571
# $glance-manage db_load_metadefs <directory_with_definition_files>
573
# See Metadata Definitions on: http://docs.openstack.org/developer/glance/
575
# Indicate to the Sahara data processing service whether or not
576
# automatic floating IP allocation is in effect. If it is not
577
# in effect, the user will be prompted to choose a floating IP
578
# pool for use in their cluster. False by default. You would want
579
# to set this to True if you were running Nova Networking with
580
# auto_assign_floating_ip = True.
581
# SAHARA_AUTO_IP_ALLOCATION_ENABLED = False
583
###############################################################################
585
###############################################################################
587
{% if ubuntu_theme %}
588
# Enable the Ubuntu theme if it is present.
590
from ubuntu_theme import *
595
# Default Ubuntu apache configuration uses /horizon as the application root.
596
# Configure auth redirects here accordingly.
597
{% if webroot == "/" %}
598
LOGIN_URL='/auth/login/'
599
LOGOUT_URL='/auth/logout/'
601
LOGIN_URL='{{ webroot }}/auth/login/'
602
LOGOUT_URL='{{ webroot }}/auth/logout/'
604
LOGIN_REDIRECT_URL='{{ webroot }}'
606
# By default, validation of the HTTP Host header is disabled. Production
607
# installations should have this set accordingly. For more information
608
# see https://docs.djangoproject.com/en/dev/ref/settings/.