search for: setenvif

...ne off DocumentRoot /etc/puppet/rack/puppetmaster_8141/public/ RackBaseURI / <Directory /etc/puppet/rack/puppetmaster_8141/> PassengerEnabled on Options None AllowOverride None Order allow,deny allow from all </Directory> SetEnvIf X-SSL-Subject "(.*)" SSL_CLIENT_S_DN=$1 SetEnvIf X-Client-Verify "(.*)" SSL_CLIENT_VERIFY=$1 SetEnvIf X-Forwarded-For "(.*)" REMOTE_ADDR=$1 SetEnvIf X-Forwarded-Proto "https" HTTPS=1 SSLProxyEngine On # Proxy all requests that start with things like /produc...

How can I configure F5 load balancer to be infront of multiple puppet masters? The SSL will break as the server name if different, hostname of the VIP on the LB vs hostnames of each masters, right? Can you shed some light? Thanks. -- Hai Tao -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to

..._geoip from the Epel repository. It rejects all unwanted HTTP connections using 403 responses. Here's an example geoip.conf file, which is what I'm using: ---- <IfModule mod_geoip.c> GeoIPEnable On GeoIPDBFile /usr/share/GeoIP/GeoIP.dat MemoryCache GeoIPOutput Env # Proxies SetEnvIf GEOIP_COUNTRY_CODE A1 BlockCountry #Country blocks SetEnvIf GEOIP_COUNTRY_CODE TR BlockCountry SetEnvIf GEOIP_COUNTRY_CODE IR BlockCountry #... more countries using the two char country code </IfModule> ---- On C7 this file goes here /etc/httpd/conf.d/geoip.conf Make sure that /etc/httpd...

Hello, My home system on a DSL line is getting worn out by bad behavior robots. Awhile back, I created a .htaccess file that block countries by IP blocks. Its 2MB in size. I have been running Linux since Slackware 1.0 and moved to Redhat around 2.0. I started after running a BBS using a doorway for newsgroups. Been hooked ever since. So, today, I tried following the directions for

...den request: puppetclient.example(192.168.1.201) access to / catalog/puppetclient.example [find] at line 93 Here is the backend configuration: Listen 18140 <VirtualHost 192.168.1.100:18140> SSLEngine off # Obtain Authentication Information from Client Request Headers SetEnvIf X-Client-Verify "(.*)" SSL_CLIENT_VERIFY=$1 SetEnvIf X-SSL-Client-DN "(.*)" SSL_CLIENT_S_DN=$1 RackAutoDetect On DocumentRoot /usr/share/puppet/rack/puppetmaster_18140/public/ <Directory /usr/share/puppet/rack/puppetmaster_18140/>...

Hi, I would like to set up an additional puppet master but have the CA server handled by only 1 puppet master. I have set this up as per the documentation here: http://docs.puppetlabs.com/guides/scaling_multiple_masters.html I have configured my second puppet master as follows: [main] ... ca = false ca_server = puppet-master1.test.net I am using passenger so I am a bit confused how the

...cer://puppetmaster/ ProxyPassReverse / balancer://puppetmaster/ ProxyPreserveHost On </VirtualHost> Ant the back-end Puppet master: Listen 8140 <VirtualHost *:8140> SSLEngine off # Obtain Authentication Information from Client Request Headers SetEnvIf X-Client-Verify "(.*)" SSL_CLIENT_VERIFY=$1 SetEnvIf X-SSL-Client-DN "(.*)" SSL_CLIENT_S_DN=$1 RackAutoDetect On DocumentRoot /etc/puppet/rack/puppetmaster/public/ <Directory /etc/puppet/rack/puppetmaster/> Options None...

Puppet version: 2.7.14 Puppet master behind apache with mod_proxy load balancer. I am able to authenticate with the cert as per these headers: Accept: s X-SSL-Subject: /CN=puppetagent1.example.com X-Client-DN: /CN=puppetagent1.example.com X-Client-Verify: SUCCESS Any idea what this error means ? I share my ssl dir on the load balancer and the puppet master. -- You received this message

I am wondering how to manually (using openssl instead of puppet cert command) create CA that would be usable by Puppet? The goal would be to script creation of such CA''s to deploy them on multiple puppetmasters, instead of certificates being created on them via puppet cert command. Any ideas on how to do it? I was only able to find something like that:

...n_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="nvidia&quo...

....pid servers: 3 Then, I compiled Apache2.2. Here are my configure options: ./configure --prefix=/usr/local/apache2 --enable-modules=''alias asis auth_basic auth_digest authn_file authz_user autoindex access cgi cgid charset_lite dir env http imagemap include log_config mime negotiation setenvif status deflate info proxy proxy_balancer rewrite so headers'' Not too much, and static only... I don''t see how I could improve this... Now, here is my vhost config: <VirtualHost *> ServerName dedibox DocumentRoot /home/noe/cukv3/public <Directory "/home/no...

...n_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="sv_SE.UTF-8" USERLAND="GNU&quo...

Anyone have any idea how soon RHEL and CentOS will be releasing the patch package? Excerpt: Computerworld - Developers of the Apache open-source project today warned users of the popular Web server software that a denial-of-service (DoS) tool is circulating that exploits a bug in the program. The tool, called "Apache Killer," showed up last Friday in a post to the "Full

Hi. I''m using Apache2.2 built from source + mod-proxy + ssl + svn. Everything works fine but I''m sure you I could disable a ton of modules during the build process and in httpd.conf to speed things up and run a tighter memory footprint. Has anyone bothered building Apache2.2 from source disabling all the unneeded modules. I am planning on going through the Apache docs but I

I''ve seen a lot of issue regarding the stability of Rails apps. I''m charged with investigation of Rails for my company and I''ve looked at numerous fourms, groups, etc. (Textdrive, here, etc.) and it *seems* like there is a stability problem with Rails (ie: crashes, etc.) Is this as common as it looks, or is this tied to things like Lighttpd (web server) or Typo

Hi, We''re trying to follow the instructions at http://reductivelabs.com/trac/puppet/wiki/UsingMongrel (Just using a single puppetmaster/mongrel instance and plain mod_proxy for now, instead of balancer one) We got past the "Server is not a class" error by modifying mongrel.rb We also kind-of got past the: /opt/bin/puppetmasterd:293: undefined method `daemonize'' for

On Sun, Nov 07 2010 at 6:05pm -0500, Andi Kleen <andi@firstfloor.org> wrote: > On Sun, Nov 07, 2010 at 10:39:23PM +0100, Milan Broz wrote: > > On 11/07/2010 08:45 PM, Andi Kleen wrote: > > >> I read about barrier-problems and data getting to the partition when > > >> using dm-crypt and several layers so I don''t know if that could be > >