API tools faq
paste
Guest User

elementai

a guest
Apr 9th, 2009
56
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.17 KB | None | 0 0
raw download clone embed print report
  1. user nginx nginx;
  2. worker_processes 1;
  3.  
  4. error_log /var/log/nginx/error_log info;
  5.  
  6. events {
  7. worker_connections 8192;
  8. use epoll;
  9. }
  10.  
  11. http {
  12. include /etc/nginx/mime.types;
  13. default_type application/octet-stream;
  14.  
  15. log_format main
  16. '$remote_addr - $remote_user [$time_local] '
  17. '"$request" $status $bytes_sent '
  18. '"$http_referer" "$http_user_agent" '
  19. '"$gzip_ratio"';
  20.  
  21. client_header_timeout 10m;
  22. client_body_timeout 10m;
  23. send_timeout 10m;
  24. keepalive_timeout 65;
  25.  
  26.  
  27. connection_pool_size 256;
  28. client_header_buffer_size 1k;
  29. large_client_header_buffers 4 2k;
  30. request_pool_size 4k;
  31.  
  32. gzip on;
  33. gzip_min_length 1100;
  34. gzip_buffers 4 8k;
  35. gzip_types text/plain;
  36.  
  37. output_buffers 1 32k;
  38. postpone_output 1460;
  39.  
  40. sendfile on;
  41. tcp_nopush on;
  42. tcp_nodelay on;
  43.  
  44. ssl on;
  45. ssl_certificate /var/lib/puppet/ssl/certs/puppet.corbina.net.pem;
  46. ssl_certificate_key /var/lib/puppet/ssl/private_keys/puppet.corbina.net.pem;
  47. ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem;
  48. ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA;
  49. ssl_session_cache shared:SSL:8m;
  50. ssl_session_timeout 5m;
  51.  
  52.  
  53. upstream mongrel {
  54. server 85.21.78.126:3000;
  55. server 85.21.78.126:3001;
  56. server 85.21.78.126:3002;
  57. }
  58.  
  59. upstream puppet-production {
  60. server 127.0.0.1:18140;
  61. }
  62.  
  63.  
  64. ignore_invalid_headers on;
  65.  
  66. index index.html;
  67.  
  68. server {
  69. listen 80;
  70. ssl off;
  71. server_name puppet.corbina.net;
  72.  
  73. access_log /var/log/nginx/puppet.access_log main;
  74. error_log /var/log/nginx/puppet.error_log info;
  75.  
  76. root /var/www/localhost/htdocs;
  77.  
  78. location / {
  79. proxy_pass http://mongrel;
  80. }
  81. }
  82.  
  83.  
  84. server {
  85. listen 8140;
  86. ssl on;
  87. ssl_verify_client on;
  88. root /var/empty;
  89.  
  90. access_log /var/log/nginx/puppetmaster-production.ssl_access_log main;
  91. error_log /var/log/nginx/puppetmaster-production.ssl_error_log info;
  92.  
  93. location / {
  94. proxy_pass http://puppet-production;
  95.  
  96. proxy_redirect off;
  97. proxy_set_header Host $host;
  98. proxy_set_header X-Real-IP $remote_addr;
  99. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  100.  
  101. proxy_set_header X-Client-Verify SUCCESS;
  102. proxy_set_header X-SSL-Subject $ssl_client_s_dn;
  103. proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
  104.  
  105. proxy_read_timeout 65;
  106. }
  107.  
  108. }
  109.  
  110. server {
  111. listen 8141;
  112. ssl on;
  113. ssl_verify_client off;
  114. root /var/empty;
  115. access_log on;
  116. rewrite_log on;
  117.  
  118. location / {
  119. proxy_pass http://puppet-production;
  120.  
  121. proxy_redirect off;
  122. proxy_set_header Host $host;
  123. proxy_set_header X-Real-IP $remote_addr;
  124. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  125.  
  126.  
  127. proxy_set_header X-Client-Verify FAILURE;
  128. proxy_set_header X-SSL-Subject $ssl_client_s_dn;
  129. proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
  130. proxy_read_timeout 65;
  131. }
  132. }
  133.  
  134. }
  135.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!