Skip to content
Snippets Groups Projects
  1. Jan 08, 2018
    • James Page's avatar
      Remove deploy from source support · b4019e45
      James Page authored
      Drop support for deployment from Git repositories, as deprecated
      in the 17.02 charm release.  This feature is unmaintained and has
      no known users.
      
      Change-Id: I19732b50483ab7284723f847f182fd1cfa67e425
      b4019e45
  2. Jan 06, 2018
  3. Dec 11, 2017
    • David Ames's avatar
      Update HAProxy default timeout values · cad0fa0d
      David Ames authored
      The default HAProxy timeout values are fairly strict. On a busy cloud
      it is common to exceed one or more of these timeouts. The only
      indication that HAProxy has exceeded a timeout and dropped the
      connection is errors such as "BadStatusLine" or "EOF." These can be
      very difficult to diagnose when intermittent.
      
      This charm-helpers sync pulls in the change to update the default
      timeout values to more real world settings. These values have been
      extensively tested in ServerStack. Configured values will not be
      overridden.
      
      Partial Bug: #1736171
      
      Change-Id: Ida7949113594b9b859ab7b4ba8b2bb440bab6e7d
      cad0fa0d
  4. Dec 10, 2017
  5. Dec 05, 2017
    • Ryan Beisner's avatar
      Add Bionic and remove Zesty series and tests · 225f1c3e
      Ryan Beisner authored
      Bionic, being the next LTS, is important to enable for dev
      and test as early as possible ahead of 18.02.
      
      Zesty goes EOL in Jan 2018. The next stable charms release (18.02)
      will not provide Zesty series support, as it was an interim
      (non-LTS) release.
      
      Change-Id: If96d593120b3b334819fca892042ec17c7403dd6
      225f1c3e
  6. Nov 22, 2017
  7. Nov 21, 2017
  8. Nov 19, 2017
  9. Nov 15, 2017
    • Nobuto Murata's avatar
      Allow to override the default volume creation behavior · 55b96671
      Nobuto Murata authored
      Now that Horizon upstream added the ability to configure the default
      "create volume" value when launching an instance (See. LP: #1678109),
      expose it as a new charm config.
      
      Change-Id: I68a6f199a72c11ad4eff2b587cb4279c91da52ae
      Closes-Bug: #1711342
      55b96671
  10. Oct 27, 2017
    • Corey Bryant's avatar
      Fix theme rendering for kilo · 5e0f9e50
      Corey Bryant authored
      Set WEBROOT in openstack-dashboard's local_settings.py to the value
      of webroot from the charm's config (see config.yaml).
      
      Add /horizon/static alias to apache2 config in addition to /static
      to cover both paths to static resources.
      
      Change-Id: I29a156d322bac91ca02fb0f08f291fc805e59110
      Closes-Bug: #1728086
      5e0f9e50
  11. Oct 23, 2017
    • Nobuto Murata's avatar
      Allow to enable password autocompletion by browser · a0551816
      Nobuto Murata authored
      Horizon tries to inhibit browsers' password autocompletion by default.
      Offer a configurable option in the charm so that admin can allow
      password autocompletion if necessary.
      
      Change-Id: I461752d1d1175f777de5bff26953b200efb17137
      Closes-Bug: 1714676
      a0551816
  12. Oct 22, 2017
  13. Oct 18, 2017
  14. Oct 17, 2017
  15. Oct 11, 2017
    • Nobuto Murata's avatar
      Enable security related headers when SSL is enabled · 47396b52
      Nobuto Murata authored
      Horizon can be setup in a more secure way. Enable more headers:
       - X-XSS-Protection "1; mode=block"
       - X-Content-Type-Options "nosniff"
       - CSRF_COOKIE_SECURE, SESSION_COOKIE_SECURE in Django
      
      Change-Id: I84605bd7e00df64da522b805b4e9a88521d1e0f6
      Partial-Bug: #1713202
      47396b52
  16. Oct 09, 2017
    • Edward Hope-Morley's avatar
      Remove obsolete templates · f68514cb
      Edward Hope-Morley authored
      Removes essex, folsom, grizzly, havana and juno
      templates since those versions are
      out-of-support.
      
      Change-Id: If4a256793060a0935b40397fb50c201eeee9fe68
      f68514cb
  17. Oct 04, 2017
    • Michael Skalka's avatar
      Add default_domain config option. · 780381e6
      Michael Skalka authored
      This commit adds the default-domain config option to limit
      the login page to only the specifed domain. For use with a single
      domain environment where users are only given a login.
      
      When considering a single domain usecase for users (admin_domain for
      administration, then example_domain for all other users), it would
      be handy for users not to input their domain name, but only username
      and password to login.
      
      By setting two lines below, we can create a separate dashboard instance
      for non-admin users only.
      
      OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT=False
      OPENSTACK_KEYSTONE_DEFAULT_DOMAIN=example_domain
      
      However, the current local_settings.py template does not allow that.
      
      This change adds the 'default-domain' configuration option which modifies
      local_policy.py to set the two configuration flags outlined in the bug.
      If the config option is not set the charm will behave as before, enabling
      the user to specify the domain at login.
      
      This does no validation to ensure the domain exists, so it is up to the user
      to supply a valid domain name.
      
      Closes-Bug: 1712999
      Change-Id: I316372ae305a4ba10e4d8ba047f23a317836b960
      780381e6
  18. Sep 27, 2017
    • James Page's avatar
      Fix use-syslog support >= Newton · 83705125
      James Page authored
      Update local_settings.py template to correctly configure syslog
      handler for OpenStack Newton or later.
      
      Change-Id: If3d6f4d7b550ef253a03146de518ec8f23eda170
      Closes-Bug: 1678014
      83705125
    • Nobuto Murata's avatar
      Rely on HTTP_HOST sent by clients for redirection · 289d5bb6
      Nobuto Murata authored
      The dashboard may have multiple networks and IP addresses. We never be
      able to determine where to redirect reliably. Also, redirecting an
      access from internal network to a public IP address may not be what
      users want. Instead, use HTTP_HOST sent by the client and let the
      client's browser reveal SSL related errors if any.
      
      Change-Id: I9f4c734a61d3ab07f3f7c9a1a073eede73ae4651
      Closes-Bug: #1710930
      Closes-Bug: #1713198
      289d5bb6
  19. Sep 26, 2017
  20. Sep 17, 2017
  21. Sep 15, 2017
    • Shane Peters's avatar
      Disable apache mod_status when hardening apache · 4cf33836
      Shane Peters authored
      Automatically disable apache status module when
      apache hardening is turned on.
      
      sync charm-helpers for apache hardening fixes.
      
      Change-Id: Idb114f4c37d5a570b352dbd43035cd737a658a1d
      Closes-Bug: #1710917
      4cf33836
  22. Sep 13, 2017
  23. Sep 07, 2017
    • James Page's avatar
      Fix minor openstack upgrade issues · efda3b9d
      James Page authored
      Ensure that any new package requirements are installed for the
      new OpenStack release version.
      
      Reset os_release cache during the upgrade process to pickup the
      new release.
      
      Change-Id: Ied85f83ad4fabf1fb946df7db94aa4c847b4c075
      Closes-Bug: 1715624
      efda3b9d
  24. Aug 24, 2017
    • Ryan Beisner's avatar
      Sync charm-helpers · 99108164
      Ryan Beisner authored
      Change-Id: Ieb434ea3859518c7594bb877e695339aaba99d2d
      99108164
    • Dmitrii Shcherbakov's avatar
      add local_settings template for Ocata · d5072e40
      Dmitrii Shcherbakov authored
      ceilometer_policy.json file was removed as a part of
      20ea82b9efe78516286c4b35c5dc644b296b4313 horizon commit made before the
      Ocata release due to ceilometer API deprecation.
      
      Having this in a template for Ocata results in an error on first login
      via a given http server.
      
      Therefore, this change adds another template for Ocata+ which does not
      contain a reference to that file in POLICY_FILES.
      
      Change-Id: I3320622684c3185db45094563f277d4c7ce0694d
      Closes-Bug: 1712617
      d5072e40
  25. Aug 23, 2017
  26. Aug 15, 2017
    • David Ames's avatar
      Dual Stack VIPs · ecd32c96
      David Ames authored
      Enable dual stack IPv4 and IPv6 VIPs on the same interface.
      HAProxy always listens on both IPv4 and IPv6 allowing connectivity
      on either protocol.
      
      charm-helpers sync for HAProxy template changes.
      
      Change-Id: Ie91b86cd02b90f0439f0fcb1657e211284716a37
      ecd32c96
  27. Aug 09, 2017
  28. Aug 02, 2017
  29. Jul 05, 2017
  30. May 25, 2017
  31. May 24, 2017
    • David Ames's avatar
      Enable LBaaS2 in Horizon · 65d50039
      David Ames authored
      Install the python-neutron-lbaas-dashboard package if Ocata or greater
      to enable LBaas2 in Horizon.
      
      Change-Id: I89260ed4edf2b200be462ab05946ff88f21e429c
      Closes-Bug: #1658105
      65d50039
  32. May 22, 2017
    • Daniel Axtens's avatar
      Rework enforce_ssl to use host name, not address · 51b099c7
      Daniel Axtens authored
      
      If enforce_ssl is set to true in openstack-dashboard, a user is
      redirected to the IP address of the server, not its hostname.
      
      This boils down to the template used to construct the site, which
      is always fed an IP address by horizon_context.py.
      
      Instead of using an IP address, use the result of resolve_address.
      
      (This is part of an odd quirk whereby the charm doesn't use the
      standard https tooling but does its own. A conversion to standard
      tooling would be required for a full fix to #1664954.)
      
      Closes-Bug: #1689882
      Related-Bug: #1664954
      Change-Id: I93365b75211e3c48d64ba8510898750dbc7b73cd
      Signed-off-by: default avatarDaniel Axtens <dja@axtens.net>
      51b099c7
  33. May 12, 2017
    • James Page's avatar
      Updates to support xenial-pike · 3b31754a
      James Page authored
      Add apache2 configuration template to switch to using the horizon
      user for wsgi processes.
      
      Resync charmhelpers for pike support.
      
      Change-Id: I0bc4753ac1b228e695eedb14840d7d1901d5ddc8
      3b31754a
  34. May 05, 2017
  35. Apr 28, 2017
    • David Ames's avatar
      Enable Zesty-Ocata Amulet Tests · 1cdefcb5
      David Ames authored
      - Turn on Zesty-Ocata Amulet test definitions.
      - Standardize test-requirements.txt
      - Sync charm helpers for various fixes
      
      Change-Id: Ie3906e813dd4533ab270a1d4edc5602c58eb2cb5
      1cdefcb5
  36. Apr 26, 2017
    • David Ames's avatar
      Avoid shared-db change when using access-network · 19097f6a
      David Ames authored
      When the percona-cluster charm sets an access-network but the default
      unit-get address is not on that network extra shared-db relations get
      executed. This is specifically a problem when running upgrades and
      trying to avoid API downtime.
      
      The root cause is that the access-network is not checked until the
      SharedDBContext is consulted. But then db_joined function will
      change it back to the wrong ip on subsequent runs.
      
      This change adds a check for access-network on the relation during
      the db_joined function and pushes IP selection off to
      get_relation_ip.
      
      Charm helpers sync to pull in changes to get_relation_ip.
      
      Change-Id: I05d4c472e2135740f964a4621f1f755f900a10f8
      Partial-bug: #1677647
      19097f6a
  37. Mar 29, 2017
Loading