diff options
author | Michael Scherer <misc@mageia.org> | 2012-02-19 17:45:07 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2012-02-19 17:45:07 +0000 |
commit | ad326895f54549250c2e345957b7a96f0c3dc538 (patch) | |
tree | cfdd6eafc78eeb67da8240c2cd0130a196ea695f /modules/puppet/templates | |
parent | dbc7a91fbc3943cb7f40c53decbc98b1a8ac2c9a (diff) | |
download | puppet-ad326895f54549250c2e345957b7a96f0c3dc538.tar puppet-ad326895f54549250c2e345957b7a96f0c3dc538.tar.gz puppet-ad326895f54549250c2e345957b7a96f0c3dc538.tar.bz2 puppet-ad326895f54549250c2e345957b7a96f0c3dc538.tar.xz puppet-ad326895f54549250c2e345957b7a96f0c3dc538.zip |
add apache configuration for the proxy ( ie, apache will serve static
file and take care of ssl negocation, and thin take care of the backend )
Diffstat (limited to 'modules/puppet/templates')
-rw-r--r-- | modules/puppet/templates/apache_proxy_vhost.conf | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/modules/puppet/templates/apache_proxy_vhost.conf b/modules/puppet/templates/apache_proxy_vhost.conf new file mode 100644 index 00000000..d1e797e2 --- /dev/null +++ b/modules/puppet/templates/apache_proxy_vhost.conf @@ -0,0 +1,43 @@ +ProxyRequests Off + +<Proxy balancer://puppet> +# TODO dynamically ajust that with a variable + BalancerMember http://127.0.0.1:18140 + BalancerMember http://127.0.0.1:18141 + BalancerMember http://127.0.0.1:18142 +</Proxy> + +<VirtualHost *:8140> + SSLEngine on + ServerName puppet.<%= domain %> + + ErrorLog /var/log/httpd/puppet_proxy.<%= domain %>.error.log + CustomLog /var/log/httpd/puppet_proxy.<%= domain %>.access.log + + SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA + + SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.<%= domain %>.pem + SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.<%= domain %>.pem + SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem + SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem + + SSLVerifyClient require + SSLVerifyDepth 1 + + SSLOptions +StdEnvVars + + RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e + RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e + + <Location /> + SetHandler balancer-manager + Order allow,deny + Allow from all + </Location> + + ProxyPass / balancer://puppet/ + ProxyPassReverse / balancer://puppet/ + ProxyPreserveHost on + +</VirtualHost> + |