blob: 607998c426f26261b93def8d60a9d32f131a4d4e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
ProxyRequests Off
<Proxy balancer://puppet>
# TODO dynamically ajust that with a variable
BalancerMember http://127.0.0.1:18140
BalancerMember http://127.0.0.1:18141
BalancerMember http://127.0.0.1:18142
</Proxy>
<VirtualHost *:8140>
SSLEngine on
ServerName puppet.<%= domain %>
ErrorLog /var/log/httpd/puppet_proxy.<%= domain %>.error.log
CustomLog /var/log/httpd/puppet_proxy.<%= domain %>.access.log
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.<%= domain %>.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.<%= domain %>.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StdEnvVars
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
<Location />
SetHandler balancer-manager
Order allow,deny
Allow from all
</Location>
ProxyPass / balancer://puppet/
ProxyPassReverse / balancer://puppet/
ProxyPreserveHost on
</VirtualHost>
|