Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- somedude@util01.aws ~ $ cat /etc/apache2/mods-enabled/passenger3.conf
- # PUPPETHEADER: This file is owned by Puppet.
- PassengerRoot /home/deploy/.rvm/gems/ruby-1.8.7-p330/gems/passenger-2.2.15
- PassengerRuby /home/deploy/.rvm/wrappers/ruby-1.8.7-p330/ruby
- PassengerMaxPoolSize 6
- PassengerMaxRequests 10000
- PassengerStatThrottleRate 10
- somedude@util01.aws ~ $ cat /etc/apache2/mods-enabled/passenger3.load
- # PUPPETHEADER: This file is owned by Puppet.
- LoadModule passenger_module /home/deploy/.rvm/gems/ruby-1.8.7-p330/gems/passenger-2.2.15/ext/apache2/mod_passenger.so
- somedude@util01.aws ~ $ cat /etc/apache2/sites-enabled/00_puppet.mydomain.com
- Listen 8140
- <VirtualHost *:8140>
- # logging
- CustomLog /var/log/apache2/puppet.mydomain.com-access.log combined
- ErrorLog /var/log/apache2/puppet.mydomain.com-error.log
- # logging settings
- LogLevel crit
- SSLEngine on
- SSLProtocol -ALL +SSLv3 +TLSv1
- SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
- SSLCertificateFile /home/deploy/puppet/var/ssl/certs/puppet.mydomain.com.pem
- SSLCertificateKeyFile /home/deploy/puppet/var/ssl/private_keys/puppet.mydomain.com.pem
- SSLCertificateChainFile /home/deploy/puppet/var/ssl/certs/ca.pem
- SSLCACertificateFile /home/deploy/puppet/var/ssl/certs/ca.pem
- SSLCARevocationFile /home/deploy/puppet/var/ssl/ca/ca_crl.pem
- SSLVerifyClient optional
- SSLVerifyDepth 1
- SSLOptions +StdEnvVars
- DocumentRoot /home/deploy/puppet/rack/public
- RackBaseURI /
- <Directory /home/deploy/puppet/rack/public>
- Options None
- AllowOverride None
- Order allow,deny
- allow from all
- </Directory>
- </VirtualHost>
- somedude@util01.aws ~ $ cat /home/deploy/puppet/puppet.conf
- [main]
- confdir=/home/deploy/puppet/etc
- logdir=/home/deploy/puppet/logs
- vardir=/home/deploy/puppet/var
- ssldir=$vardir/ssl
- rundir=/home/deploy/puppet/run
- factpath=$vardir/lib/facter
- templatedir=$confdir/templates
- [puppetmasterd]
- # These are needed when the puppetmaster is run by passenger
- # and can safely be removed if webrick is used.
- ssl_client_header = SSL_CLIENT_S_DN
- ssl_client_verify_header = SSL_CLIENT_VERIFY
- # certnames
- certname=puppet.mydomain.com
- certdnsnames=puppet
- manifest=$confdir/manifests/site.pp
- # database config
- storeconfigs = true
- dbadapter = mysql
- dbuser = puppetry
- dbpassword = IamaPassword
- dbserver = localhost
- downcasefacts = true
- reports = store,log,foreman
- somedude@util01.aws ~ $ cat /home/deploy/puppet/rack/config.ru
- # a config.ru, for use with every rack-compatible webserver.
- # SSL needs to be handled outside this, though.
- # if puppet is not in your RUBYLIB:
- # $:.unshift('/opt/puppet/lib')
- $0 = "puppetmasterd"
- require 'puppet'
- # if you want debugging:
- # ARGV << "--debug"
- ARGV << "--rack"
- ARGV << "--config=/home/deploy/puppet/puppet.conf"
- require 'puppet/application/puppetmasterd'
- # we're usually running inside a Rack::Builder.new {} block,
- # therefore we need to call run *here*.
- run Puppet::Application[:puppetmasterd].run
Add Comment
Please, Sign In to add comment