Project

General

Profile

settings.yml

Aaron Reed, 04/15/2015 03:35 PM

 
1
---
2
# SSL Setup
3
# If enabled, all communication would be verified via SSL
4
# NOTE that both certificates need to be signed by the same CA in order for this to work
5
# see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information
6
:https_port: 8443
7
:ssl_certificate: c:/foreman/config/ourcerts.crt
8
:ssl_ca_file: c:/foreman/config/ca.pem
9
:ssl_private_key: c:/foreman/config/ourcerts.key
10

    
11

    
12
# Hosts which the proxy accepts connections from
13
# commenting the following lines would mean every verified SSL connection allowed
14
# HTTPS: test the certificate CN
15
# HTTP: test the reverse DNS entry of the remote IP
16
#:trusted_hosts:
17
#- foreman.prod.domain
18
#- foreman.dev.domain
19
#to deny access to all hosts use:
20
:trusted_hosts: [ ourforemantserver.ourdomain.com]
21

    
22
# verify a DNS reverse lookup against it's forward lookup
23
# 1.1.1.1 -> foreman.mycompany.com -> 1.1.1.1
24
# (default: true)
25
#:forward_verify: true
26

    
27
#:foreman_url: http://127.0.0.1:3000
28

    
29
# SSL settings for client authentication against Foreman. If undefined, the values
30
# from general SSL options are used instead. Mainly useful when Foreman uses
31
# different certificates for its web UI and for smart-proxy requests.
32
#:foreman_ssl_ca: c:/ca.pem
33
#:foreman_ssl_cert: c:/xxxx.crt
34
#:foreman_ssl_key: c:/xxxx.key
35

    
36
# by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting
37
:daemon: false
38
# Only used when 'daemon' is set to true.
39
# Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid'
40
#:daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid
41

    
42
# host and ports configuration
43
# host to bind ports to (possible values: *, localhost, 0.0.0.0)
44
#:bind_host: '*'
45
# http is disabled by default. To enable, uncomment 'http_port' setting
46
#:http_port: 8000
47
# https is enabled if certificate, CA certificate, and private key are present in locations specifed by
48
# ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly
49
# default values for https_port is 8443
50
#:https_port: 8443
51

    
52
# Shared options for virsh DNS/DHCP provider
53
# :virsh_network: default
54

    
55
# Log configuration
56
# Uncomment and modify if you want to change the location of the log file or use STDOUT
57
:log_file: c:/foreman/tmp/proxy.log
58
# Uncomment and modify if you want to change the log level
59
# WARN, DEBUG, ERROR, FATAL, INFO, UNKNOWN
60
:log_level: DEBUG