Revision 1c9ad023
Added by Ivan Necas about 10 years ago
| manifests/params.pp | ||
|---|---|---|
|
# comes from and can find the rigth secret. This way only one key-secret pair
|
||
|
# is needed to be mainained for duplex communication.
|
||
|
$foreman_oauth_key = 'foreman'
|
||
|
$oauth_token_file = 'oauth_token-file'
|
||
|
$oauth_token_file = 'katello_oauth_secret'
|
||
|
$oauth_secret = cache_data($oauth_token_file, random_password(32))
|
||
|
|
||
|
$post_sync_token_file = '/etc/katello/post_sync_token'
|
||
| templates/etc/httpd/conf.d/05-foreman-ssl.d/katello.conf.erb | ||
|---|---|---|
|
Options +FollowSymLinks +Indexes
|
||
|
</Location>
|
||
|
|
||
|
<Location /subscription>
|
||
|
RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
|
||
|
SSLVerifyClient optional
|
||
|
SSLRenegBufferSize 16777216
|
||
|
SSLVerifyDepth 2
|
||
|
</Location>
|
||
|
|
||
|
<Location /katello/api>
|
||
|
# client certs support (old rhsm clients)
|
||
|
<LocationMatch /subscription|/katello/api>
|
||
|
RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"
|
||
|
SSLVerifyClient optional
|
||
|
SSLRenegBufferSize 16777216
|
||
| ... | ... | |
|
# report to CLI and RHSM nicely when Katello is down
|
||
|
ErrorDocument 500 '{"displayMessage": "Internal error, contact administrator", "errors": ["Internal error, contact administrator"], "status": "500" }'
|
||
|
ErrorDocument 503 '{"displayMessage": "Service unavailable or restarting, try later", "errors": ["Service unavailable or restarting, try later"], "status": "503" }'
|
||
|
</Location>
|
||
|
</LocationMatch>
|
||
Also available in: Unified diff
Refs #5423 - minor changes to support capsule installer
Did some refactoring of apache configuration as part of the updates