Revision 06bc94b2
Added by Greg Sutcliffe about 12 years ago
| templates/server/post-receive.erb | ||
|---|---|---|
|
require 'fileutils'
|
||
|
|
||
|
# Set this to where you want to keep your environments
|
||
|
ENVIRONMENT_BASEDIR = "<%= scope.lookupvar("puppet::params::envs_dir") %>"
|
||
|
ENVIRONMENT_BASEDIR = "<%= scope.lookupvar("puppet::server::envs_dir") %>"
|
||
|
|
||
|
# post-receive hooks set GIT_DIR to the current repository. If you want to
|
||
|
# clone from a non-local repository, set this to the URL of the repository,
|
||
| templates/server/puppet-vhost.conf.erb | ||
|---|---|---|
|
|
||
|
SSLEngine on
|
||
|
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
|
||
|
SSLCertificateFile <%= scope.lookupvar("puppet::params::ssl_dir") %>/certs/<%= fqdn %>.pem
|
||
|
SSLCertificateKeyFile <%= scope.lookupvar("puppet::params::ssl_dir") %>/private_keys/<%= fqdn %>.pem
|
||
|
<% unless scope.lookupvar("puppet::params::ca") %> -%>
|
||
|
SSLCACertificateFile <%= scope.lookupvar("puppet::params::ssl_dir") %>/certs/ca.pem
|
||
|
SSLCertificateFile <%= scope.lookupvar("puppet::server::ssl_dir") %>/certs/<%= fqdn %>.pem
|
||
|
SSLCertificateKeyFile <%= scope.lookupvar("puppet::server::ssl_dir") %>/private_keys/<%= fqdn %>.pem
|
||
|
<% unless scope.lookupvar("puppet::server::ca") %> -%>
|
||
|
SSLCACertificateFile <%= scope.lookupvar("puppet::server::ssl_dir") %>/certs/ca.pem
|
||
|
<% else -%>
|
||
|
SSLCertificateChainFile <%= scope.lookupvar("puppet::params::ssl_dir") %>/ca/ca_crt.pem
|
||
|
SSLCACertificateFile <%= scope.lookupvar("puppet::params::ssl_dir") %>/ca/ca_crt.pem
|
||
|
SSLCertificateChainFile <%= scope.lookupvar("puppet::server::ssl_dir") %>/ca/ca_crt.pem
|
||
|
SSLCACertificateFile <%= scope.lookupvar("puppet::server::ssl_dir") %>/ca/ca_crt.pem
|
||
|
# CRL checking should be enabled; if you have problems with Apache complaining about the CRL, disable the next line
|
||
|
# SSLCARevocationFile <%= scope.lookupvar("puppet::params::ssl_dir") %>/ca/ca_crl.pem
|
||
|
# SSLCARevocationFile <%= scope.lookupvar("puppet::server::ssl_dir") %>/ca/ca_crl.pem
|
||
|
<% end -%>
|
||
|
SSLVerifyClient optional
|
||
|
SSLVerifyDepth 1
|
||
| ... | ... | |
|
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
|
||
|
|
||
|
RackAutoDetect On
|
||
|
DocumentRoot <%= scope.lookupvar("puppet::params::app_root") %>/public/
|
||
|
<Directory <%= scope.lookupvar("puppet::params::app_root") %>>
|
||
|
DocumentRoot <%= scope.lookupvar("puppet::server::app_root") %>/public/
|
||
|
<Directory <%= scope.lookupvar("puppet::server::app_root") %>>
|
||
|
Options None
|
||
|
AllowOverride None
|
||
|
Order allow,deny
|
||
| templates/server/puppet.conf.erb | ||
|---|---|---|
|
reports = foreman
|
||
|
external_nodes = /etc/puppet/node.rb
|
||
|
node_terminus = exec
|
||
|
<% if scope.lookupvar("puppet::params::git_repo") -%>
|
||
|
manifest = <%= scope.lookupvar("puppet::params::envs_dir") %>/$environment/manifests/site.pp
|
||
|
modulepath = <%= scope.lookupvar("puppet::params::envs_dir") %>/$environment/modules
|
||
|
<% if scope.lookupvar("puppet::server::git_repo") -%>
|
||
|
manifest = <%= scope.lookupvar("puppet::server::envs_dir") %>/$environment/manifests/site.pp
|
||
|
modulepath = <%= scope.lookupvar("puppet::server::envs_dir") %>/$environment/modules
|
||
|
<% else -%>
|
||
|
<% scope.lookupvar("puppet::params::environments").each do |env| -%>
|
||
|
<% scope.lookupvar("puppet::server::environments").each do |env| -%>
|
||
|
[<%= env %>]
|
||
|
modulepath = <%= scope.lookupvar("puppet::params::modules_path") %>/<%= env %>:<%= scope.lookupvar("puppet::params::common_modules_path") %>
|
||
|
modulepath = <%= scope.lookupvar("puppet::server::modules_path") %>/<%= env %>:<%= scope.lookupvar("puppet::server::common_modules_path") %>
|
||
|
<% end -%>
|
||
|
<% end -%>
|
||
Also available in: Unified diff
Fix parameter names for new parameterized server class