Displaying 20 results from an estimated 1000 matches similar to: "slight security problem"
2009 Jul 21
2
Toward a simple Nginx configuration for Puppet Mongrel
Hi,
I''ve created two Nginx patches (see at the end of this message) to allow
a simpler Nginx configuration for your Mongrel puppetmasters.
The two main issues with Nginx in front of puppet were:
* no CRL support
* no optional certificate verification (and thus we''re forced to have
two separate configs on two different ports, and to use --ca_port).
Now, it is as simple as
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
Hi All,
I am setting up puppetmaster with nginx and passenger and separating
the Puppetmaster primary CA server. I have 3 host
loadbalancer01 - Nginx doing LB on IP address and also running
puppetmaster with passenger under 127.0.0.1 (port 8140).
primaryca - Puppetmaster Primary CA
pclient - Puppet Client
The did the following steps:
On Primary CA server:
----------------------------
cd
2016 Jul 27
2
Proxy
Thank you all.
Except from the buffering it was the fact that I used "localhost" instead of
127.0.0.1 in the proxy_pass.
Now my configuration is:
location /stream1/ {
proxy_buffering off;
proxy_ignore_client_abort off;
proxy_intercept_errors on;
proxy_next_upstream error timeout invalid_header;
2010 Jun 08
4
Nginx/Mongrel Could not retrieve catalog from remote server: Error 403 on SERVER
It works well when I use webrick. The config of nginx is from puppet
wiki, some logs is below, what''s wrong?
puppet version:0.25.4
client:
...
...
debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/
var/lib/puppet/ssl/certs]
debug: /File[/var/lib/puppet/state/state.yaml]: Changing mode
debug: /File[/var/lib/puppet/state/state.yaml]: 1 change(s)
debug:
2012 Feb 06
1
Puppet / Passenger SSL Problems with DRBD
I am working on setting up a Puppet configuration where some of the
data is stored on a DRBD volume. The modules and vardir are stored on
the drbd volume. The puppet.conf files point to the drbd volume for
vardir. I created a cert for a VIP puppet-master using the puppetca --
create command
I had everything working on the primary drbd node, but when I fail
over, everything starts up fine, but I
2016 Jul 27
0
Proxy
We've tested this as working relatively well, disable buffering is the major
key if I recall. Otherwise the NGINX server loads up data before handing off
to the client.
server {
listen 80;
server_name my_dns_name.tldn;
location / {
proxy_buffering off;
proxy_ignore_client_abort off;
proxy_intercept_errors on;
2013 Feb 13
2
SSL config in puppet.conf in v3.0x
Hi,
Does this still apply in puppet 3.0.2 in the puppet.conf file on the puppet
master?
[puppetmasterd]
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
If yes, is puppetmasterd correct or should it be something else, like
[main] or [master]?
Cheers,
Oli
--
You received this message because you are subscribed to the Google Groups "Puppet
2014 Aug 29
0
Using puppet with Apache mod_disk_cache and passenger over SSL
I have tried to setup Apache with passenger to host the puppetmaster but I
also want to cache. I have no problems running puppet within Passenger with
httpd. I also enabled mod_disk_cache within Apache. However, I still see my
puppet client htting the puppetmaster and the puppetmaster compiles the
manifest every time. In /var/cache/mod_cache, I can see that the data was
properly cached.
2013 Sep 23
0
400 bad request
Hi,
Im using nginx and rails for my site which contains url with georgian
letters ie განცხადებები so something like
http://gancxadebebi.ge/ka/%E1%83%92%E1%83%90%E1%83%9C%E1%83%AA%E1%83%AE%E1%83%90%E1%83%93%E1%83%94%E1%83%91%E1%83%94%E1%83%91%E1%83%98
It is mainly working perfectly but sometimes I receive request with
truncated url ie
1 -
2007 Dec 16
2
mongrel and reverse proxy security
Hi,
It seems that webrick cannot handle too much client and that luke is
making mongrel the ''default'' server to use so i wanted to switch to
mongrel. Then i read that i cannot use directly mongrel like webrick
because it does not speak SSL.
So my issue is : how to be sure things stay secure in the way that the
proxy should be the one speaking ssl and making client ssl
2006 Nov 01
8
Nginx, Mongrel, Proxy and REMOTE_ADDR
I''m using a cluster of mongrels behind an apache 1.3 proxy pass. I''ve
been passing the request to pen, which in turn balances the cluster of
mongrels. Now, I''d like to be able to use a different server to send
the static files created by the rails application, so I tried to
replace pen with nginx. Everything seems to work fine except the
environment variable REMOTE_ADDR.
2009 Sep 07
2
passenger-status error messages
I am getting all these messages when run `passenger-status''. Do I need
to worry about this?
I am using passenger 2.2.2 with puppet 0.24.8 and apache2 on ubuntu
9.04. I installed it using
the wiki http://reductivelabs.com/trac/puppet/wiki/UsingPassenger
Thread ''Main thread'':
in ''int Server::start()'' (ApplicationPoolServerExecutable.cpp:553)
2012 Dec 06
2
pasenger does not start puppet master under nginx
On the server
[root@bangvmpllDA02 logs]# ruby -v
ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux]
[root@bangvmpllDA02 logs]# puppet --version
3.0.1
and
[root@bangvmpllDA02 logs]# service nginx configtest
nginx: the configuration file /apps/nginx/nginx.conf syntax is ok
nginx: configuration file /apps/nginx/nginx.conf test is successful
[root@bangvmpllDA02 logs]# service nginx status
2013 Jul 23
3
Debugging Puppetmaster with Apache/Rack/Passenger
Hi,
I''m currently trying to debug a performance issue I''m having. Therefore I
would need "DEBUG" output. When using one puppetmaster process, this is
fairly easy by starting it like this:
> puppet master --no-daemonize --debug
Now I need to see this debug output when running puppetmaster the way I
ususally do - using Apache/Rack/Passenger. After looking
2007 Nov 21
6
mod_proxy_balancer under heavy load.
So I''m still working on a ''perfect'' setup so I can document it on the wiki,
and will submit some puppet patches against 0.23.2 next week, but here''s
what I''ve done that has made a big difference to stability here.
in puppetmasterd at line 261, I''ve modified the Mongrel instantiation from:
server = Mongrel::HttpServer.new(addr,
2009 Sep 21
1
redirect
Hi,
I have an Nginx http proxy server with SSL. What I want to do is:
If a client that has a certificate is trying to access the server's
address, he is to be redirected to our production server, to certain URL.
If a client doesn't have a certificate, he is to be redirected to the
same production server, but a different URL.
The problem is that if the client doesn't have a
2009 Feb 10
3
something wrong with mongrel?
Hi all,
I''ve followed http://reductivelabs.com/trac/puppet/wiki/UsingMongrel
for configuring my puppet with mongrel.
Al seems to work fine, except that, after a reinstall of 40 nodes atone
time, I got many kind of errors like:
-------------------------------------------------------------------------
err: Could not request certificate: Certificate retrieval failed: .tmp
file already
2008 Jul 06
1
ActionView::Base.field_error_proc not getting an error field
In my User form I have standard field to get user record attributes
(first_name, last_name and email)
I also have a select drop_down to choose a role from an array
first_name, last_name and email are user record attributes, but I
defined the role name as a virtual attribute
validates_presence_of :email, :last_name
attr_accessor :role_name
validates_presence_of :role_name, :if
=>
2011 Jun 29
0
Setting up puppetmaster-passenger on Debian
I am at the end of my rope here so I pray to the gods that
puppet-users can help.
Using Debian apt-get install puppetmaster-passenger you get a fairly
complete puppetmaster setup. I have the Pro Puppet book next to me and
following Chapter 4 on setting up Puppet with Passenger I can see that
apt has already done most of the ground work.
For example the config.ru script is owned by puppet,
2008 Feb 01
0
find_with_ferret and HABTM assocs
Could you be more specific about what is not working?
-- Are your association methods between Role and User being set up
correctly? (If not, make sure your statement is
"has_and_belongs_to_many", and not "hasandbelongstomany".)
-- Are you storing the data for role_name in the index? If so, can
you see it there?
I''m not familiar with the find_with_ferret