05-pulp-https.conf - Katello - Foreman

Bug #16215 » 05-pulp-https.conf

Dylan Baars, 08/21/2016 05:56 PM

    
    # ************************************

    # Vhost template in module puppetlabs-apache

    # Managed by Puppet

    # ************************************

    <VirtualHost *:443>

      ServerName wellcapsuleext.niwa.co.nz

      ## Vhost docroot

      DocumentRoot "/usr/share/pulp/wsgi"

      ProxyPass /katello/api/repositories/ https://wellkatello.niwa.local/katello/api/repositories/

      <Location /katello/api/repositories/>

        ProxyPassReverse https://wellkatello.niwa.local/

      </Location>

      SSLProxyEngine On

      ## Alias declarations for resources outside the DocumentRoot

      Alias /pulp/static "/var/lib/pulp/static"

      ## Directories, there should at least be a declaration for /usr/share/pulp/wsgi

      <Files "webservices.wsgi">

        Require all granted

      </Files>

      <Directory "/usr/share/pulp/wsgi">

        AllowOverride None

        Require all granted

      </Directory>

      <Location "/pulp/static">

        Require all granted

      </Location>

      ## Logging

      ErrorLog "/var/log/httpd/pulp-https_error_ssl.log"

      ServerSignature Off

      CustomLog "/var/log/httpd/pulp-https_access_ssl.log" combined 

      ## Server aliases

      ServerAlias wellcapsuleext

      ## SSL directives

      SSLEngine on

      SSLCertificateFile      "/etc/pki/katello/certs/katello-apache.crt"

      SSLCertificateKeyFile   "/etc/pki/katello/private/katello-apache.key"

      SSLCACertificatePath    "/etc/pki/tls/certs"

      SSLCACertificateFile    "/etc/pki/katello/certs/katello-default-ca.crt"

      SSLProtocol              all -SSLv2

      SSLVerifyClient         optional

      SSLVerifyDepth          3

      SSLOptions +StdEnvVars +ExportCertData

      WSGIApplicationGroup pulp

      WSGIDaemonProcess pulp user=apache group=apache processes=3 display-name=%{GROUP}

      WSGIImportScript /usr/share/pulp/wsgi/webservices.wsgi application-group=pulp process-group=pulp

      WSGIProcessGroup pulp

      WSGIScriptAlias /pulp/api "/usr/share/pulp/wsgi/webservices.wsgi"

      WSGIPassAuthorization On

      ## Custom fragment

      # allow older yum clients to connect, see bz 647828

    SSLInsecureRenegotiation On

    KeepAlive On

    MaxKeepAliveRequests 10000

    SSLUsername SSL_CLIENT_S_DN_CN

      AddDefaultCharset UTF-8

    </VirtualHost>

« Previous
1
2
Next »

(1-1/2)

Project

General

Profile

Plugins » Katello

Bug #16215 » 05-pulp-https.conf