# Build keystone. It needs to be run with
# --add-host=mariadb:<ip mariadb listens tp>
# Wen starting with an initialized db,
# run keystone-manage db_sync from this docker first:
# $ docker run hpc/keystone --add-host=mariadb:<ip mariadb> "keystone-manage db_sync"

FROM python:2.7

# Clone the offical keystone repo and checkout ocata.
RUN git clone https://git.openstack.org/openstack/keystone.git -b stable/ocata

# all furter commands are done from /keystone directory.
WORKDIR /keystone

# Install python dependencies
RUN pip install MySQL-python==1.2.5 \
                uWSGI==2.0.15 \
                requests==2.12

# Install keystone.
RUN pip install .

#Install keystone settings files
RUN mkdir /etc/keystone
RUN cp -R etc/* /etc/keystone/

# configure keystone to connect to mariadb host. 
RUN sed  "s|database]|database]\nconnection = mysql://keystone:keystone@mariadb/keystone|g" /etc/keystone/keystone.conf.sample > /etc/keystone/keystone.conf

# set admin token TODO: make this a secret
RUN sed -i 's/#admin_token = ADMIN/admin_token = SuperSecreteKeystoneToken/g' /etc/keystone/keystone.conf

RUN mkdir /etc/keystone/fernet-keys

#RUN keystone-manage db_sync
CMD keystone-manage fernet_setup --keystone-user root --keystone-group root && \
    uwsgi --http 127.0.0.1:35357 --wsgi-file /usr/local/bin/keystone-wsgi-admin