Displaying 6 results from an estimated 6 matches for "proxypassmatch".
2012 Dec 17
1
multiple puppet masters
...ine:
LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18
PassengerRuby /usr/bin/ruby
<Proxy balancer://puppet_ca>
BalancerMember http://puppet-master1.test.net:8140
</Proxy>
ProxyPassMatch ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppet_ca/
ProxyPassReverse ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppet_ca/
Listen 8140
<VirtualHost *:8140>
SSLEngine on
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLCertific...
2013 Aug 22
1
ssl ofloading on amazon ELB for puppetmasters
...ot; SSL_CLIENT_S_DN=$1
SetEnvIf X-Client-Verify "(.*)" SSL_CLIENT_VERIFY=$1
SetEnvIf X-Forwarded-For "(.*)" REMOTE_ADDR=$1
SetEnvIf X-Forwarded-Proto "https" HTTPS=1
SSLProxyEngine On
# Proxy all requests that start with things like /production/certificate to
the CA
ProxyPassMatch ^/([^/]+/certificate.*)$ https://puppetlb.aws.*.co.nz:8141/$1
Errorlog /var/log/httpd/puppetmaster.error.log
CustomLog /var/log/httpd/puppetmaster.access.log combined
</VirtualHost>
puppetca
Listen 8140
<VirtualHost *:8140>
SSLEngine off
# Obtain Authentica...
2011 Mar 26
2
Verify tomcat config
...To implement the correct behaviour, I came up with this
conf.d fragment:
<LocationMatch ".*WEB-INF.*">
AllowOverride None
deny from all
</LocationMatch>
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost on
ProxyPassMatch ^(.*\.jsp)$ ajp://localhost:8009/$1
The second bit was much harder to figure out - point tomcat to httpd's
DocumentRoot. I came up with the following snippet: use the included
/etc/tomcat/server-minimal.xml as server.xml and make the following change:
--- server-minimal.xml 2010-10-11 00:1...
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
...imaryCA server and
the non CA requests to the puppetmaster running on the localhost.
I had read in the Pro puppet book that this can be done in Apache with
the following directives.
# Ordering of ProxyPass directives is important
# Direct all Puppet agent CA requests to a specific set of workers.
ProxyPassMatch ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppetmasterca
ProxyPassReverse ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppetmasterca
# Direct all other Puppet agent requests to the default set of
workers.
ProxyPass / balancer://puppetmaster/
ProxyPassReverse / balancer://puppetmaster/
ProxyPreserveHo...
2018 Apr 02
4
multi-site SSL certificates
I'm handling mail for several domains, let's call them a.com, b.com,
and c.com. I have certificates for each of these domains individually
via certbot (letsencrypt) and nginx is happy with all of that.
Since I initially configured the site to handle mail only for a.com,
my /etc/postfix/main.cf file currently has these two lines:
smtpd_tls_cert_file =
2011 Dec 16
12
Seperate CA's/Master behind load balancer
...lt;/Location>
# Optional status
ProxyStatus On
# Don''t load balance requests to the status page
ProxyPass /balancer-manager !
ProxyPass /server-status !
# Ordering of ProxyPass directives is important
# Direct all Puppet Agent CA requests to a specific set of workers.
ProxyPassMatch ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppet_ca/
ProxyPassReverse ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppet_ca/
# Direct all other Puppet Agent requests to the default set of
workers.
ProxyPass / balancer://puppetmaster/
ProxyPassReverse / balancer://puppetmaster/
ProxyPreserv...