Puppet - passenger

From ICO wiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Sissejuhatus

Seadistame puppetmasteri teenuse kasutamaks passenger moodulit ja apache2 veebiserverit. Näidetes on kasutatud puppetmasteri nime puppet.planet.zz


Tarkvara paigaldamine

sudo apt-get install apache2 ruby1.8-dev rubygems
sudo a2enmod ssl
sudo a2enmod headers
sudo service apache2 restart
sudo gem install rack passenger
sudo apt-get install libcurl4-openssl-dev
sudo apt-get install apache2-threaded-dev
sudo apt-get install zlib1g-dev
sudo apt-get install libapr1-dev
sudo apt-get install libaprutil1-dev
sudo apt-get install apache2-threaded-dev
sudo passenger-install-apache2-module
sudo mkdir -p /usr/share/puppet/rack/puppetmasterd
sudo mkdir /usr/share/puppet/rack/puppetmasterd/public /usr/share/puppet/rack/puppetmasterd/tmp
sudo cp /usr/share/puppet/ext/rack/config.ru /usr/share/puppet/rack/puppetmasterd/
sudo chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/config.ru

Peatame puppet teenuse ja keelame automaatse käivituse alglaadimisel 


sudo service puppetmaster stop
sudo update-rc.d -f puppetmaster remove
service apache2 restart

Apache konfigureerimine

Loome uue SSL konfi /etc/apache2/sites-available/puppet.planet.zz alljärgneva sisuga:

Faili sisu 

<IfModule mod_ssl.c>

LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-4.0.37/buildout/apache2/mod_passenger.so
<IfModule mod_passenger.c>
 PassengerRoot /var/lib/gems/1.8/gems/passenger-4.0.37
 PassengerDefaultRuby /usr/bin/ruby1.8
</IfModule>


# you probably want to tune these settings
PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
# PassengerMaxRequests 1000
PassengerStatThrottleRate 120
#RackAutoDetect Off
#RailsAutoDetect Off

NameVirtualhost *:8140
Listen 8140

<VirtualHost *:8140>
	ServerAdmin webmaster@localhost
        DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
        RackBaseURI /
        <Directory /usr/share/puppet/rack/puppetmasterd/>
                Options None
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

	ErrorLog ${APACHE_LOG_DIR}/ssl_error.log
	LogLevel warn
	CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

	SSLEngine on
	SSLProtocol -ALL +SSLv3 +TLSv1
        SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
        SSLCertificateFile      /var/lib/puppet/ssl/certs/puppet.planet.zz.pem
        SSLCertificateKeyFile   /var/lib/puppet/ssl/private_keys/puppet.planet.zz.pem

	SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem
	SSLCACertificateFile    /var/lib/puppet/ssl/certs/ca.pem
	SSLCARevocationFile     /var/lib/puppet/ssl/crl.pem

	SSLOptions +StdEnvVars +ExportCertData

        SSLVerifyClient optional

        SSLVerifyDepth  1

        RequestHeader unset X-Forwarded-For

        RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
        RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
        RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e

</VirtualHost>
</IfModule>

Lubame virtualhosti puppet.planet.zz 

a2ensite puppet.planet.zz

Taaskäivitage veebiserver 

service apache2 restart


Testimiseks mine lehele: https://puppet.planet.zz:8140/

Kui kuvatakse: 

The environment must be purely alphanumeric, not ''

Siis on keskkond seadistatud.

Retrieved from "https://wiki.itcollege.ee/index.php?title=Puppet_-_passenger&oldid=74957"