1 |
ProxyRequests Off |
2 |
|
3 |
<Proxy balancer://puppet> |
4 |
# TODO dynamically ajust that with a variable |
5 |
BalancerMember http://127.0.0.1:18140 |
6 |
BalancerMember http://127.0.0.1:18141 |
7 |
BalancerMember http://127.0.0.1:18142 |
8 |
</Proxy> |
9 |
|
10 |
<VirtualHost *:8140> |
11 |
SSLEngine on |
12 |
ServerName puppet.<%= domain %> |
13 |
|
14 |
ErrorLog /var/log/httpd/puppet_proxy.<%= domain %>.error.log |
15 |
CustomLog /var/log/httpd/puppet_proxy.<%= domain %>.access.log |
16 |
|
17 |
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA |
18 |
|
19 |
SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.<%= domain %>.pem |
20 |
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.<%= domain %>.pem |
21 |
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem |
22 |
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem |
23 |
|
24 |
SSLVerifyClient require |
25 |
SSLVerifyDepth 1 |
26 |
|
27 |
SSLOptions +StdEnvVars |
28 |
|
29 |
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e |
30 |
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e |
31 |
|
32 |
<Location /> |
33 |
SetHandler balancer-manager |
34 |
Order allow,deny |
35 |
Allow from all |
36 |
</Location> |
37 |
|
38 |
ProxyPass / balancer://puppet/ |
39 |
ProxyPassReverse / balancer://puppet/ |
40 |
ProxyPreserveHost on |
41 |
|
42 |
</VirtualHost> |
43 |
|