# ************************************ # Vhost template in module puppetlabs-apache # Managed by Puppet # ************************************ ServerName wellcapsuleext.niwa.co.nz ## Vhost docroot DocumentRoot "/usr/share/pulp/wsgi" ProxyPass /katello/api/repositories/ https://wellkatello.niwa.local/katello/api/repositories/ ProxyPassReverse https://wellkatello.niwa.local/ SSLProxyEngine On ## Alias declarations for resources outside the DocumentRoot Alias /pulp/static "/var/lib/pulp/static" ## Directories, there should at least be a declaration for /usr/share/pulp/wsgi Require all granted AllowOverride None Require all granted Require all granted ## Logging ErrorLog "/var/log/httpd/pulp-https_error_ssl.log" ServerSignature Off CustomLog "/var/log/httpd/pulp-https_access_ssl.log" combined ## Server aliases ServerAlias wellcapsuleext ## SSL directives SSLEngine on SSLCertificateFile "/etc/pki/katello/certs/katello-apache.crt" SSLCertificateKeyFile "/etc/pki/katello/private/katello-apache.key" SSLCACertificatePath "/etc/pki/tls/certs" SSLCACertificateFile "/etc/pki/katello/certs/katello-default-ca.crt" SSLProtocol all -SSLv2 SSLVerifyClient optional SSLVerifyDepth 3 SSLOptions +StdEnvVars +ExportCertData WSGIApplicationGroup pulp WSGIDaemonProcess pulp user=apache group=apache processes=3 display-name=%{GROUP} WSGIImportScript /usr/share/pulp/wsgi/webservices.wsgi application-group=pulp process-group=pulp WSGIProcessGroup pulp WSGIScriptAlias /pulp/api "/usr/share/pulp/wsgi/webservices.wsgi" WSGIPassAuthorization On ## Custom fragment # allow older yum clients to connect, see bz 647828 SSLInsecureRenegotiation On KeepAlive On MaxKeepAliveRequests 10000 SSLUsername SSL_CLIENT_S_DN_CN AddDefaultCharset UTF-8