Puppet Class: pulp::child::apache
- Defined in:
- manifests/child/apache.pp
Overview
Define an Apache config for a Pulp node deployment
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'manifests/child/apache.pp', line 3
class pulp::child::apache (
$servername = $facts['networking']['fqdn'],
$ssl_cert = $pulp::child::ssl_cert,
$ssl_key = $pulp::child::ssl_key,
$ssl_ca = $pulp::https_ca_cert,
$max_keep_alive = $pulp::max_keep_alive,
$ssl_username = $pulp::ssl_username,
) {
include apache
if $ssl_username and !empty($ssl_username) {
$directories = {
'path' => '/pulp/api',
'provider' => 'Location',
'custom_fragment' => "SSLUsername ${ssl_username}",
}
} else {
$directories = undef
}
if $ssl_ca {
$_ssl_ca = $ssl_ca
} elsif $pulp::ca_cert {
$_ssl_ca = $pulp::ca_cert
} else {
$_ssl_ca = $pulp::child::server_ca_cert
}
apache::vhost { 'pulp-node-ssl':
servername => $servername,
docroot => '/var/www/html',
port => 443,
priority => '25',
keepalive => 'on',
max_keepalive_requests => $max_keep_alive,
directories => $directories,
ssl => true,
ssl_cert => $ssl_cert,
ssl_key => $ssl_key,
ssl_ca => $_ssl_ca,
ssl_certs_dir => '',
ssl_verify_client => 'optional',
ssl_options => '+StdEnvVars',
ssl_verify_depth => '3',
# allow older yum clients to connect, see bz 647828
custom_fragment => 'SSLInsecureRenegotiation On',
}
}
|