aboutsummaryrefslogtreecommitdiffstats
path: root/modules/puppet/templates/apache_proxy_vhost.conf
blob: 607998c426f26261b93def8d60a9d32f131a4d4e (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

ProxyRequests Off

<Proxy balancer://puppet>
# TODO dynamically ajust that with a variable
    BalancerMember http://127.0.0.1:18140
    BalancerMember http://127.0.0.1:18141
    BalancerMember http://127.0.0.1:18142
</Proxy>

<VirtualHost *:8140>
    SSLEngine on
    ServerName puppet.<%= domain %>

    ErrorLog /var/log/httpd/puppet_proxy.<%= domain %>.error.log
    CustomLog /var/log/httpd/puppet_proxy.<%= domain %>.access.log

    SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA

    SSLCertificateFile    /var/lib/puppet/ssl/certs/puppet.<%= domain %>.pem
    SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.<%= domain %>.pem
    SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
    SSLCACertificateFile    /var/lib/puppet/ssl/ca/ca_crt.pem

    SSLVerifyClient require
    SSLVerifyDepth  1

    SSLOptions +StdEnvVars

    RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
    RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e

    <Location />
       SetHandler balancer-manager
       Order allow,deny
       Allow from all
    </Location>

    ProxyPass / balancer://puppet/
    ProxyPassReverse / balancer://puppet/
    ProxyPreserveHost on

</VirtualHost>
generated by cgit v1.2.1 (git 2.21.0) at 2024-06-27 23:47:24 +0000