Puppet - passenger: Difference between revisions
From ICO wiki
Jump to navigationJump to search
(13 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=Sissejuhatus= | |||
Seadistame puppetmasteri teenuse kasutamaks passenger moodulit ja apache2 veebiserverit. Näidetes on kasutatud puppetmasteri nime puppet.planet.zz | |||
=Tarkvara paigaldamine= | =Tarkvara paigaldamine= | ||
Line 16: | Line 20: | ||
sudo mkdir -p /usr/share/puppet/rack/puppetmasterd | sudo mkdir -p /usr/share/puppet/rack/puppetmasterd | ||
sudo mkdir /usr/share/puppet/rack/puppetmasterd/public /usr/share/puppet/rack/puppetmasterd/tmp | sudo mkdir /usr/share/puppet/rack/puppetmasterd/public /usr/share/puppet/rack/puppetmasterd/tmp | ||
sudo cp /usr/share/puppet/ext/rack | sudo cp /usr/share/puppet/ext/rack/config.ru /usr/share/puppet/rack/puppetmasterd/ | ||
sudo chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/config.ru | |||
</source> | |||
Peatame puppet teenuse ja keelame automaatse käivituse alglaadimisel | |||
<source lang="bash"> | |||
sudo service puppetmaster stop | |||
sudo update-rc.d -f puppetmaster remove | |||
service apache2 restart | service apache2 restart | ||
Line 23: | Line 36: | ||
=Apache konfigureerimine= | =Apache konfigureerimine= | ||
Loome uue SSL konfi /etc/apache2/sites-available/puppet.planet.zz alljärgneva sisuga: | |||
Faili sisu | |||
<source lang="apache"> | <source lang="apache"> | ||
LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-4.0. | <IfModule mod_ssl.c> | ||
PassengerRoot /var/lib/gems/1.8/gems/passenger-4.0. | |||
PassengerDefaultRuby /usr/bin/ruby1.8 | LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-4.0.37/buildout/apache2/mod_passenger.so | ||
<IfModule mod_passenger.c> | |||
PassengerRoot /var/lib/gems/1.8/gems/passenger-4.0.37 | |||
PassengerDefaultRuby /usr/bin/ruby1.8 | |||
</IfModule> | |||
# you probably want to tune these settings | |||
PassengerHighPerformance on | |||
PassengerMaxPoolSize 12 | |||
PassengerPoolIdleTime 1500 | |||
# PassengerMaxRequests 1000 | |||
PassengerStatThrottleRate 120 | |||
#RackAutoDetect Off | |||
#RailsAutoDetect Off | |||
NameVirtualhost *:8140 | |||
Listen 8140 | |||
<VirtualHost *:8140> | |||
ServerAdmin webmaster@localhost | |||
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ | |||
RackBaseURI / | |||
<Directory /usr/share/puppet/rack/puppetmasterd/> | |||
Options None | |||
AllowOverride None | |||
Order allow,deny | |||
allow from all | |||
</Directory> | |||
ErrorLog ${APACHE_LOG_DIR}/ssl_error.log | |||
LogLevel warn | |||
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined | |||
SSLEngine on | |||
SSLProtocol -ALL +SSLv3 +TLSv1 | |||
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP | |||
SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.planet.zz.pem | |||
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.planet.zz.pem | |||
SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem | |||
SSLCACertificateFile /var/lib/puppet/ssl/certs/ca.pem | |||
SSLCARevocationFile /var/lib/puppet/ssl/crl.pem | |||
SSLOptions +StdEnvVars +ExportCertData | |||
SSLVerifyClient optional | |||
SSLVerifyDepth 1 | |||
RequestHeader unset X-Forwarded-For | |||
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e | |||
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e | |||
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e | |||
</VirtualHost> | |||
</IfModule> | |||
</source> | </source> | ||
Lubame virtualhosti puppet.planet.zz | |||
<source lang="bash"> | <source lang="bash"> | ||
a2ensite puppet.planet.zz | |||
</source> | </source> | ||
Taaskäivitage veebiserver | |||
<source lang="bash"> | <source lang="bash"> | ||
service apache2 restart | |||
</source> | </source> | ||
Testimiseks mine lehele: https://puppet.planet.zz:8140/ | |||
Kui kuvatakse: | |||
<pre> | |||
The environment must be purely alphanumeric, not '' | |||
</pre> | |||
Siis on keskkond seadistatud. |
Latest revision as of 13:01, 30 January 2014
Sissejuhatus
Seadistame puppetmasteri teenuse kasutamaks passenger moodulit ja apache2 veebiserverit. Näidetes on kasutatud puppetmasteri nime puppet.planet.zz
Tarkvara paigaldamine
sudo apt-get install apache2 ruby1.8-dev rubygems
sudo a2enmod ssl
sudo a2enmod headers
sudo service apache2 restart
sudo gem install rack passenger
sudo apt-get install libcurl4-openssl-dev
sudo apt-get install apache2-threaded-dev
sudo apt-get install zlib1g-dev
sudo apt-get install libapr1-dev
sudo apt-get install libaprutil1-dev
sudo apt-get install apache2-threaded-dev
sudo passenger-install-apache2-module
sudo mkdir -p /usr/share/puppet/rack/puppetmasterd
sudo mkdir /usr/share/puppet/rack/puppetmasterd/public /usr/share/puppet/rack/puppetmasterd/tmp
sudo cp /usr/share/puppet/ext/rack/config.ru /usr/share/puppet/rack/puppetmasterd/
sudo chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/config.ru
Peatame puppet teenuse ja keelame automaatse käivituse alglaadimisel
sudo service puppetmaster stop
sudo update-rc.d -f puppetmaster remove
service apache2 restart
Apache konfigureerimine
Loome uue SSL konfi /etc/apache2/sites-available/puppet.planet.zz alljärgneva sisuga:
Faili sisu
<IfModule mod_ssl.c>
LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-4.0.37/buildout/apache2/mod_passenger.so
<IfModule mod_passenger.c>
PassengerRoot /var/lib/gems/1.8/gems/passenger-4.0.37
PassengerDefaultRuby /usr/bin/ruby1.8
</IfModule>
# you probably want to tune these settings
PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
# PassengerMaxRequests 1000
PassengerStatThrottleRate 120
#RackAutoDetect Off
#RailsAutoDetect Off
NameVirtualhost *:8140
Listen 8140
<VirtualHost *:8140>
ServerAdmin webmaster@localhost
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
RackBaseURI /
<Directory /usr/share/puppet/rack/puppetmasterd/>
Options None
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/ssl_error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
SSLEngine on
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.planet.zz.pem
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.planet.zz.pem
SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem
SSLCACertificateFile /var/lib/puppet/ssl/certs/ca.pem
SSLCARevocationFile /var/lib/puppet/ssl/crl.pem
SSLOptions +StdEnvVars +ExportCertData
SSLVerifyClient optional
SSLVerifyDepth 1
RequestHeader unset X-Forwarded-For
RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
</VirtualHost>
</IfModule>
Lubame virtualhosti puppet.planet.zz
a2ensite puppet.planet.zz
Taaskäivitage veebiserver
service apache2 restart
Testimiseks mine lehele: https://puppet.planet.zz:8140/
Kui kuvatakse:
The environment must be purely alphanumeric, not ''
Siis on keskkond seadistatud.