thr3ads.net - Ovirt devel - [Ovirt-devel] [PATCH server] Change server http config to use https instead of http [Feb 2009]

If this information is useful, please help other people find it:
Share via:

Steve Linabery

2009-Feb-20 05:05 UTC

[Ovirt-devel] [PATCH server] Change server http config to use https instead of http

---
 conf/ovirt-server.conf                     |   16 ++++++++++++++--
 installer/modules/ovirt/manifests/ovirt.pp |    7 +++++++
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/conf/ovirt-server.conf b/conf/ovirt-server.conf
index 7ab77b4..0e3340c 100644
--- a/conf/ovirt-server.conf
+++ b/conf/ovirt-server.conf
@@ -1,5 +1,17 @@
-NameVirtualHost *:80
-<VirtualHost *:80>
+NameVirtualHost 192.168.50.2:443
+<VirtualHost 192.168.50.2:443>
+
+RequestHeader set X_FORWARDED_PROTO 'https'
+
+ErrorLog /etc/httpd/logs/error_log
+TransferLog /etc/httpd/logs/access_log
+LogLevel warn
+NSSEngine on
+NSSCipherSuite
+rsa_rc4_128_md5,+rsa_rc4_128_sha,+rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha
+NSSProtocol SSLv3,TLSv1
+NSSNickname Server-Cert
+NSSCertificateDatabase /etc/httpd/alias
+
 ProxyRequests Off
 
 <ProxyMatch ^.*/ovirt/login.*$>
diff --git a/installer/modules/ovirt/manifests/ovirt.pp
b/installer/modules/ovirt/manifests/ovirt.pp
index c81b6f2..793d202 100644
--- a/installer/modules/ovirt/manifests/ovirt.pp
+++ b/installer/modules/ovirt/manifests/ovirt.pp
@@ -20,6 +20,13 @@
 
 class ovirt::setup {
 
+	file_replacement{"ovirt_httpd_config_change":
+	        file => "/etc/httpd/conf.d/ovirt-server.conf",
+	        pattern => "192\.168\.50\.2",
+	        replacement => "$mgmt_ipaddr",
+		require => Package[ovirt-server]
+        }
+
         package {"ovirt-server":
 		ensure => installed,
 		require => Single_exec[set_pw_expiration]
-- 
1.6.0.6

Steve Linabery

2009-Feb-20 05:32 UTC

head link

[Ovirt-devel] Re: [PATCH server] Change server http config to use https instead of http

On Thu, Feb 19, 2009 at 11:05:28PM -0600, Steve Linabery
wrote:> ---
>  conf/ovirt-server.conf                     |   16 ++++++++++++++--
>  installer/modules/ovirt/manifests/ovirt.pp |    7 +++++++
>  2 files changed, 21 insertions(+), 2 deletions(-)
I'm particularly interested in having someone with a kerberized client test
the ipa ui. Thanks!

Steve

Ovirt devel - Feb 2009 - [PATCH server] Change server http config to use https instead of http

[Ovirt-devel] [PATCH server] Change server http config to use https instead of http

[Ovirt-devel] Re: [PATCH server] Change server http config to use https instead of http