Admin webapp for OpenStack Keystone and OpenStack Swift.
Manage users and projects on your Keystone service.
Manage containers and objects on Swift. (A customized version of django-swiftbrowser)
Vault has users and teams. Users have the permission to add other users to their teams. This gives them more autonomy.
Users can create projects that will belong to their teams. A Keystone project corresponds to a Swift account.
Users can create, modify or delete any container or object from accounts owned by one of their teams.
An admin can create users and teams, as well as add and remove users from those teams. Admins can also manage Keystone projects and users.
This section describes how to use Docker Compose to set up Vault locally, running all the necessary services in containers.
$ make docker-start
After a while, Vault will be accessible at localhost:8000. The initial admin user's credentials are:
There will also be a non-admin user available. That user's credentials are:
For more information on the Docker implementation, see Docker.
This section describes how to set up Vault in your own infrastructure, to facilitate administration of your existing Keystone and Swift services. In this case, Vault will run in your own environment, such as in a Virtual Machine.
$ pip install -r requirements.txt
$ export VAULT_MYSQL_DB=vault
$ export VAULT_MYSQL_USER=mysql_user
$ export VAULT_MYSQL_PASSWORD=mysql_pass
$ export VAULT_MYSQL_HOST=mysql.endpoint
$ export VAULT_MYSQL_PORT=3306
$ export VAULT_KEYSTONE_USERNAME=keystone_user
$ export VAULT_KEYSTONE_PASSWORD=keystone_password
$ export VAULT_KEYSTONE_PROJECT=Vault
$ export VAULT_KEYSTONE_URL=http://keystone.endpoint:5000/v3
For optional variables and more information on each of the environment variables, see Environment Variables.
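An added preflight check for the required variables exported above (not part of Vault; the function name `vault_env_check` and the checks it applies are assumptions of this example). It reports unset variables, passwords left at the sample values shown above, an invalid MySQL port, and a Keystone URL that uses plain http, as the sample value above does.

```shell
#!/bin/sh
# Added example, not Vault's own code. Source this file, then run:
#   vault_env_check && python manage.py migrate

VAULT_REQUIRED_VARS="VAULT_MYSQL_DB VAULT_MYSQL_USER VAULT_MYSQL_PASSWORD
VAULT_MYSQL_HOST VAULT_MYSQL_PORT VAULT_KEYSTONE_USERNAME
VAULT_KEYSTONE_PASSWORD VAULT_KEYSTONE_PROJECT VAULT_KEYSTONE_URL"

# Prints one finding per line (ERROR or WARN); exit status 1 if any ERROR.
# The body runs in a subshell so its helper variables do not leak.
vault_env_check() (
    rc=0
    for name in $VAULT_REQUIRED_VARS; do
        # eval is safe here: $name only ever comes from the fixed list above.
        eval "value=\${$name-}"
        if [ -z "$value" ]; then
            echo "ERROR $name is not set"; rc=1
        fi
    done
    # The sample passwords in the setup steps are placeholders, not secrets.
    if [ "${VAULT_MYSQL_PASSWORD-}" = "mysql_pass" ] ||
       [ "${VAULT_KEYSTONE_PASSWORD-}" = "keystone_password" ]; then
        echo "ERROR VAULT_MYSQL_PASSWORD or VAULT_KEYSTONE_PASSWORD is still the sample value"
        rc=1
    fi
    port="${VAULT_MYSQL_PORT-}"
    case "$port" in
        '') ;;  # already reported as unset
        *[!0-9]*) echo "ERROR VAULT_MYSQL_PORT is not a number"; rc=1 ;;
        *) if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
               echo "ERROR VAULT_MYSQL_PORT is out of range"; rc=1
           fi ;;
    esac
    # Over plain http the Keystone password and issued tokens travel unencrypted.
    case "${VAULT_KEYSTONE_URL-}" in
        ''|https://*) ;;
        http://*) echo "WARN VAULT_KEYSTONE_URL uses http: password and tokens are sent in cleartext" ;;
        *) echo "ERROR VAULT_KEYSTONE_URL must start with http:// or https://"; rc=1 ;;
    esac
    exit "$rc"
)
```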
mysql> create database vault;
mysql> CREATE USER 'mysql_user'@'localhost' IDENTIFIED BY 'mysql_pass';
mysql> GRANT ALL PRIVILEGES ON vault.* TO 'mysql_user'@'localhost';
Then
$ python manage.py migrate
$ python manage.py create_user -s
You will be asked for a username, e-mail, team and password. A superuser with the provided information will be created. If the team does not yet exist, it will be created. The superuser will be added to the provided team.
Optionally, you can pass the --username, --email, --teamname and --password arguments, skipping the need to interactively fill out these pieces of information. A password passed with --password ends up in the shell history and is visible in the process list while the command runs.
The -s (or --superuser) option makes the new user a superuser, meaning it has admin privileges. For a normal user, don't use this option.
$ python manage.py runserver
In a production environment, it is recommended to use a WSGI HTTP server. Here's an example using Gunicorn:
gunicorn --timeout 60 -b 0.0.0.0:$PORT vault.wsgi
Vault uses the default Django authentication, but also allows for OAuth2 authentication via django-all-access. To add an OAuth2 provider, simply use the Django admin. For more information, see OAuth2 Authentication.
Only admins can create new users, except when OAuth2 authentication is used.
If you want to upload Vault's static files to your current Swift cluster, simply create a project (named here as <swift-project>) and, in that project, a container (named here as <swift-container>). Then, using the credentials of a user with permission to write to that container, do the following:
$ python manage.py collectstatic --noinput
$ swift upload --os-username=<swift-user> --os-password=<swift-pass> --os-project-name=<swift-project> --os-auth-url=<swift-auth-url> --os-storage-url=<swift-admin-url> <swift-container> vault_static/
pip install -r requirements_test.txt
make tests
While Vault already delivers an app for Swift management and another for Keystone management, it also allows you to easily implement your own apps. This helps you centralize several services in a single, standardized web interface. For more information, see How to create a Vault App.
How to edit locale files:
# In the app directory
django-admin makemessages --all
django-admin compilemessages --locale=pt_BR
FAQs
Admin webapp for OpenStack Keystone and OpenStack Swift.
We found that vault demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.