Adding extra LDAP configuration options to Keystone charm

[osm/devops.git] / installers / charm / keystone / config.yaml

diff --git a/installers/charm/keystone/config.yaml b/installers/charm/keystone/config.yaml
index b014e55..06ea060 100644 (file)
--- a/installers/charm/keystone/config.yaml
+++ b/installers/charm/keystone/config.yaml
@@ -93,6 +93,10 @@ options:
     description: |
       Project domain name (Hardcoded in the container start.sh script)
     default: default
+  token_expiration:
+    type: int
+    description: Token keys expiration in seconds
+    default: 172800
   ldap_enabled:
     type: boolean
     description: Boolean to enable/disable LDAP authentication
@@ -113,6 +117,19 @@ options:
     type: string
     description: Password to bind and search for users
     default: ""
+  ldap_chase_referrals:
+    type: string
+    description: |
+      Sets keystone’s referral chasing behavior across directory partitions.
+      If left unset, the system’s default behavior will be used.
+    default: ""
+  ldap_page_size:
+    type: int
+    description: |
+      Defines the maximum number of results per page that keystone should
+      request from the LDAP server when listing objects. A value of zero (0)
+      disables paging.
+    default: 0
   ldap_user_tree_dn:
     type: string
     description: |
@@ -199,6 +216,14 @@ options:
       setting in conjunction with user_enabled_attribute to map the lock
       status to disabled in Keystone.
     default: false
+  ldap_group_objectclass:
+    type: string
+    description: The LDAP object class to use for groups.
+    default: groupOfNames
+  ldap_group_tree_dn:
+    type: string
+    description: The search base to use for groups.
+    default: ""
   ldap_use_starttls:
     type: boolean
     description: |