Settings¶

The configuration for the smart-proxy is held in the config/settings.yml file.

---
# SSL Setup

The existance of all three ssl key entries enables the use of SSL connections.
p>
NOTE that both client certificates need to be signed by the same CA, which must be in the ca_file, in order for this to work
see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information

:ssl_certificate: ssl/certs/fqdn.pem
:ssl_ca_file: ssl/certs/ca.pem
:ssl_private_key: ssl/private_keys/fqdn.key

# the hosts which the proxy accepts connections from # commenting the following lines would mean every verified SSL connection allowed
:trusted_hosts:
- foreman.prod.domain
- foreman.dev.domain

1. enable the daemon to run in the background
   :daemon: true

1. port used by the proxy
   :port: 8443

1. Enable TFTP management
   :tftp: true
   :tftproot: /tmp/tftpboot

1. Enable DNS management
   :dns: true
   :dns_key: /home/proxy/keys/Kapi.+157+47848.private

1. Enable DHCP management
   :dhcp: true
2. The vendor can be either isc or native_ms
   :dhcp_vendor: isc
3. Settings for Ubuntu ISC
   #:dhcp_config: /etc/dhcp3/dhcpd.conf
   #:dhcp_leases: /var/lib/dhcp3/dhcpd.leases
4. Settings for Redhat ISC
   :dhcp_config: etc/dhcpd.conf
   :dhcp_leases: etc/dhcpd.leases

1. enable PuppetCA management
   #:puppetca: true

1. enable Puppet management
   #:puppet: true

1. Where our proxy log files are stored
2. filename or STDOUT
   :log_file: /tmp/proxy.log
3. valid options are
4. Logger::WARN, Logger::DEBUG, Logger::Error, Logger::Fatal, Logger:INFO, LOGGER::UNKNOWN
   #:log_level: Logger::DEBUG