similar to: slight security problem

Hi, I''ve created two Nginx patches (see at the end of this message) to allow a simpler Nginx configuration for your Mongrel puppetmasters. The two main issues with Nginx in front of puppet were: * no CRL support * no optional certificate verification (and thus we''re forced to have two separate configs on two different ports, and to use --ca_port). Now, it is as simple as

Hi All, I am setting up puppetmaster with nginx and passenger and separating the Puppetmaster primary CA server. I have 3 host loadbalancer01 - Nginx doing LB on IP address and also running puppetmaster with passenger under 127.0.0.1 (port 8140). primaryca - Puppetmaster Primary CA pclient - Puppet Client The did the following steps: On Primary CA server: ---------------------------- cd

Thank you all. Except from the buffering it was the fact that I used "localhost" instead of 127.0.0.1 in the proxy_pass. Now my configuration is: location /stream1/ { proxy_buffering off; proxy_ignore_client_abort off; proxy_intercept_errors on; proxy_next_upstream error timeout invalid_header;

It works well when I use webrick. The config of nginx is from puppet wiki, some logs is below, what''s wrong? puppet version:0.25.4 client: ... ... debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/ var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/state/state.yaml]: Changing mode debug: /File[/var/lib/puppet/state/state.yaml]: 1 change(s) debug:

I am working on setting up a Puppet configuration where some of the data is stored on a DRBD volume. The modules and vardir are stored on the drbd volume. The puppet.conf files point to the drbd volume for vardir. I created a cert for a VIP puppet-master using the puppetca -- create command I had everything working on the primary drbd node, but when I fail over, everything starts up fine, but I

We've tested this as working relatively well, disable buffering is the major key if I recall. Otherwise the NGINX server loads up data before handing off to the client. server { listen 80; server_name my_dns_name.tldn; location / { proxy_buffering off; proxy_ignore_client_abort off; proxy_intercept_errors on;

Hi, Does this still apply in puppet 3.0.2 in the puppet.conf file on the puppet master? [puppetmasterd] ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY If yes, is puppetmasterd correct or should it be something else, like [main] or [master]? Cheers, Oli -- You received this message because you are subscribed to the Google Groups "Puppet

I have tried to setup Apache with passenger to host the puppetmaster but I also want to cache. I have no problems running puppet within Passenger with httpd. I also enabled mod_disk_cache within Apache. However, I still see my puppet client htting the puppetmaster and the puppetmaster compiles the manifest every time. In /var/cache/mod_cache, I can see that the data was properly cached.

Hi, Im using nginx and rails for my site which contains url with georgian letters ie განცხადებები so something like http://gancxadebebi.ge/ka/%E1%83%92%E1%83%90%E1%83%9C%E1%83%AA%E1%83%AE%E1%83%90%E1%83%93%E1%83%94%E1%83%91%E1%83%94%E1%83%91%E1%83%98 It is mainly working perfectly but sometimes I receive request with truncated url ie 1 -

Hi, It seems that webrick cannot handle too much client and that luke is making mongrel the ''default'' server to use so i wanted to switch to mongrel. Then i read that i cannot use directly mongrel like webrick because it does not speak SSL. So my issue is : how to be sure things stay secure in the way that the proxy should be the one speaking ssl and making client ssl

I''m using a cluster of mongrels behind an apache 1.3 proxy pass. I''ve been passing the request to pen, which in turn balances the cluster of mongrels. Now, I''d like to be able to use a different server to send the static files created by the rails application, so I tried to replace pen with nginx. Everything seems to work fine except the environment variable REMOTE_ADDR.

I am getting all these messages when run `passenger-status''. Do I need to worry about this? I am using passenger 2.2.2 with puppet 0.24.8 and apache2 on ubuntu 9.04. I installed it using the wiki http://reductivelabs.com/trac/puppet/wiki/UsingPassenger Thread ''Main thread'': in ''int Server::start()'' (ApplicationPoolServerExecutable.cpp:553)

On the server [root@bangvmpllDA02 logs]# ruby -v ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux] [root@bangvmpllDA02 logs]# puppet --version 3.0.1 and [root@bangvmpllDA02 logs]# service nginx configtest nginx: the configuration file /apps/nginx/nginx.conf syntax is ok nginx: configuration file /apps/nginx/nginx.conf test is successful [root@bangvmpllDA02 logs]# service nginx status

Hi, I''m currently trying to debug a performance issue I''m having. Therefore I would need "DEBUG" output. When using one puppetmaster process, this is fairly easy by starting it like this: > puppet master --no-daemonize --debug Now I need to see this debug output when running puppetmaster the way I ususally do - using Apache/Rack/Passenger. After looking

So I''m still working on a ''perfect'' setup so I can document it on the wiki, and will submit some puppet patches against 0.23.2 next week, but here''s what I''ve done that has made a big difference to stability here. in puppetmasterd at line 261, I''ve modified the Mongrel instantiation from: server = Mongrel::HttpServer.new(addr,

Hi, I have an Nginx http proxy server with SSL. What I want to do is: If a client that has a certificate is trying to access the server's address, he is to be redirected to our production server, to certain URL. If a client doesn't have a certificate, he is to be redirected to the same production server, but a different URL. The problem is that if the client doesn't have a

Hi all, I''ve followed http://reductivelabs.com/trac/puppet/wiki/UsingMongrel for configuring my puppet with mongrel. Al seems to work fine, except that, after a reinstall of 40 nodes atone time, I got many kind of errors like: ------------------------------------------------------------------------- err: Could not request certificate: Certificate retrieval failed: .tmp file already

In my User form I have standard field to get user record attributes (first_name, last_name and email) I also have a select drop_down to choose a role from an array first_name, last_name and email are user record attributes, but I defined the role name as a virtual attribute validates_presence_of :email, :last_name attr_accessor :role_name validates_presence_of :role_name, :if =>

I am at the end of my rope here so I pray to the gods that puppet-users can help. Using Debian apt-get install puppetmaster-passenger you get a fairly complete puppetmaster setup. I have the Pro Puppet book next to me and following Chapter 4 on setting up Puppet with Passenger I can see that apt has already done most of the ground work. For example the config.ru script is owned by puppet,

Could you be more specific about what is not working? -- Are your association methods between Role and User being set up correctly? (If not, make sure your statement is "has_and_belongs_to_many", and not "hasandbelongstomany".) -- Are you storing the data for role_name in the index? If so, can you see it there? I''m not familiar with the find_with_ferret