--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openstack/keystone/files/keystone.stencil Fri May 20 17:42:29 2016 -0400
@@ -0,0 +1,106 @@
+;
+;TLS macro for vhost blocks
+;
+$%define TLS {$%{config/use_tls:?
+ SSLEngine On
+
+ # Disable the known insecure SSLv3 protocol
+ SSLProtocol all -SSLv3
+
+ SSLCertificateFile $%{config/ssl_cert_file}
+ $%{config/ssl_ca_cert_file:^*SSLCACertificateFile }
+ SSLCertificateKeyFile $%{config/ssl_cert_key_file}
+}}
+;
+;vhost macro
+;
+$%define VHOST type port name {
+<VirtualHost *:$%port>
+$%[TLS]
+ WSGIDaemonProcess keystone-$%type processes=5 threads=1 user=keystone group=keystone display-name=%\{GROUP\}
+ WSGIScriptAlias / /usr/lib/python2.7/vendor-packages/keystone/httpd/$%name
+ WSGIProcessGroup keystone-$%type
+ WSGIApplicationGroup %\{GLOBAL\}
+ WSGIPassAuthorization On
+
+</VirtualHost>
+}
+;
+; Start of conf file stencil
+;
+# WARNING: THIS FILE GENERATED FROM SMF DATA.
+# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.
+#
+
+ServerRoot "/usr/apache2/2.4"
+
+LoadModule authn_file_module libexec/mod_authn_file.so
+LoadModule authn_core_module libexec/mod_authn_core.so
+LoadModule authz_host_module libexec/mod_authz_host.so
+LoadModule authz_groupfile_module libexec/mod_authz_groupfile.so
+LoadModule authz_user_module libexec/mod_authz_user.so
+LoadModule authz_core_module libexec/mod_authz_core.so
+LoadModule access_compat_module libexec/mod_access_compat.so
+LoadModule auth_basic_module libexec/mod_auth_basic.so
+LoadModule reqtimeout_module libexec/mod_reqtimeout.so
+LoadModule filter_module libexec/mod_filter.so
+LoadModule log_config_module libexec/mod_log_config.so
+LoadModule env_module libexec/mod_env.so
+LoadModule headers_module libexec/mod_headers.so
+LoadModule version_module libexec/mod_version.so
+LoadModule slotmem_shm_module libexec/mod_slotmem_shm.so
+<IfDefine prefork>
+ LoadModule mpm_prefork_module libexec/mod_mpm_prefork.so
+</IfDefine>
+<IfDefine worker>
+ LoadModule mpm_worker_module libexec/mod_mpm_worker.so
+</IfDefine>
+<IfDefine !prefork>
+ <IfDefine !worker>
+ LoadModule mpm_event_module libexec/mod_mpm_event.so
+ </IfDefine>
+</IfDefine>
+LoadModule unixd_module libexec/mod_unixd.so
+LoadModule status_module libexec/mod_status.so
+LoadModule alias_module libexec/mod_alias.so
+LoadModule wsgi_module libexec/mod_wsgi-2.7.so
+$%{config/use_tls:?
+LoadModule ssl_module libexec\/mod_ssl.so
+}
+
+<IfModule unixd_module>
+ User keystone
+ Group keystone
+</IfModule>
+
+PidFile /var/lib/keystone/keystone.httpd.pid
+
+ServerName 127.0.0.1
+Listen $%{config/public_port}
+Listen $%{config/admin_port}
+
+<Directory />
+ AllowOverride none
+ Require all denied
+</Directory>
+
+ErrorLogFormat "%{cu}t %M"
+ErrorLog "$%{config/error_log}"
+LogLevel warn
+
+<IfModule log_config_module>
+ LogFormat "%h %u %t \\"%r\\" %p %>s %b \\"%{Referer}i\\" \\"%{User-Agent}i\\"" combined
+</IfModule>
+
+CustomLog $%{config/access_log} combined
+
+<Directory /usr/lib/python2.7/vendor-packages/keystone/httpd>
+ Options Indexes FollowSymLinks MultiViews
+ AllowOverride None
+ Require all granted
+</Directory>
+
+WSGISocketPrefix /var/run/keystone_wsgi_
+
+$%[VHOST public $%{config/public_port} main]
+$%[VHOST admin $%{config/admin_port} admin]