Revision 1c9ad023
Added by Ivan Necas about 10 years ago
manifests/params.pp | ||
---|---|---|
# comes from and can find the rigth secret. This way only one key-secret pair
|
||
# is needed to be mainained for duplex communication.
|
||
$foreman_oauth_key = 'foreman'
|
||
$oauth_token_file = 'oauth_token-file'
|
||
$oauth_token_file = 'katello_oauth_secret'
|
||
$oauth_secret = cache_data($oauth_token_file, random_password(32))
|
||
|
||
$post_sync_token_file = '/etc/katello/post_sync_token'
|
templates/etc/httpd/conf.d/05-foreman-ssl.d/katello.conf.erb | ||
---|---|---|
Options +FollowSymLinks +Indexes
|
||
</Location>
|
||
|
||
<Location /subscription>
|
||
RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
|
||
SSLVerifyClient optional
|
||
SSLRenegBufferSize 16777216
|
||
SSLVerifyDepth 2
|
||
</Location>
|
||
|
||
<Location /katello/api>
|
||
# client certs support (old rhsm clients)
|
||
<LocationMatch /subscription|/katello/api>
|
||
RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
|
||
SSLVerifyClient optional
|
||
SSLRenegBufferSize 16777216
|
||
... | ... | |
# report to CLI and RHSM nicely when Katello is down
|
||
ErrorDocument 500 '{"displayMessage": "Internal error, contact administrator", "errors": ["Internal error, contact administrator"], "status": "500" }'
|
||
ErrorDocument 503 '{"displayMessage": "Service unavailable or restarting, try later", "errors": ["Service unavailable or restarting, try later"], "status": "503" }'
|
||
</Location>
|
||
</LocationMatch>
|
Also available in: Unified diff
Refs #5423 - minor changes to support capsule installer
Did some refactoring of apache configuration as part of the updates