Конфигурационный файл для nginx + passenger 5 + puppetmaster
Пример конфигурационного файла для nginx + passenger 5 для работы puppet master сервера.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
server { listen 8140 ssl; server_name puppet; passenger_enabled on; passenger_env_var PATH /usr/local/sbin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin; passenger_set_header X-Client-DN $ssl_client_s_dn; passenger_set_header X-Client-Verify $ssl_client_verify; passenger_set_header X-SSL-SUBJECT $ssl_client_s_dn; passenger_set_header X-SSL-CLIENT-CERT $ssl_client_cert; root /etc/puppet/rack/public; access_log /var/log/nginx/puppet_access.log; error_log /var/log/nginx/puppet_error.log; ssl_certificate /var/lib/puppet/ssl/certs/puppet.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/puppet.pem; ssl_crl /var/lib/puppet/ssl/ca/ca_crl.pem; ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_verify_client optional; ssl_verify_depth 1; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; } |