File: apache2.conf

package info (click to toggle)
puppet 2.6.2-5%2Bsqueeze9
  • links: PTS, VCS
  • area: main
  • in suites: squeeze
  • size: 13,728 kB
  • ctags: 8,726
  • sloc: ruby: 110,196; sh: 934; lisp: 263; xml: 122; sql: 103; makefile: 90; python: 84
file content (59 lines) | stat: -rw-r--r-- 2,318 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# performance settings, from http://reductivelabs.com/trac/puppet/wiki/UsingPassenger

# Set to 5 min (300 seconds) or less. The shorting this option allows for
# puppetmasterd to get refreshed at some interval. This option is also
# somewhat dependent upon the amount of puppetd nodes connecting and at what
# interval.
PassengerPoolIdleTime 300

# to 15% more instances than what's needed. This will allow idle
# puppetmasterd to get recycled. The net effect is less memory will be used,
# not more.
PassengerMaxPoolSize 15

# Since communication with the puppetmaster from puppetd is a long process
# (more than 20 seconds in most cases) and will allow for processes to get
# recycled better
PassengerUseGlobalQueue on

# The additional Passenger features for apache compatibility are not needed
# with Puppet.
PassengerHighPerformance on

# Whether Passenger should automatically detect whether a virtual host’s
# document root is a Rack application. The default is on. Because
# RackBaseURI is set, this does not need to be on
RackAutoDetect Off

# Whether Phusion Passenger should automatically detect whether a virtual
# host’s document root is a Ruby on Rails application. The default is on.
RailsAutoDetect Off

Listen 8140

<VirtualHost *:8140>
        SSLEngine on
        SSLProtocol -ALL +SSLv3 +TLSv1
        SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

	SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppetmaster.example.com.pem
    	SSLCertificateFile /var/lib/puppet/ssl/certs/puppetmaster.example.com.pem
    	SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
        SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
        # If Apache complains about invalid signatures on the CRL, you can try disabling
        # CRL checking by commenting the next line, but this is not recommended.
        SSLCARevocationFile     /var/lib/puppet/ssl/ca/ca_crl.pem
        SSLVerifyClient optional
        SSLVerifyDepth  1
        SSLOptions +StdEnvVars

        DocumentRoot /usr/share/puppet/rack/puppetmasterd/public
        RackBaseURI /
        <Directory /usr/share/puppet/rack/puppetmasterd/>
                Options None
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
</VirtualHost>