1
# performance settings, from http://reductivelabs.com/trac/puppet/wiki/UsingPassenger
3
# Set to 5 min (300 seconds) or less. The shorting this option allows for
4
# puppetmasterd to get refreshed at some interval. This option is also
5
# somewhat dependent upon the amount of puppetd nodes connecting and at what
7
PassengerPoolIdleTime 300
9
# to 15% more instances than what's needed. This will allow idle
10
# puppetmasterd to get recycled. The net effect is less memory will be used,
12
PassengerMaxPoolSize 15
14
# Since communication with the puppetmaster from puppetd is a long process
15
# (more than 20 seconds in most cases) and will allow for processes to get
17
PassengerUseGlobalQueue on
19
# The additional Passenger features for apache compatibility are not needed
21
PassengerHighPerformance on
23
# Whether Passenger should automatically detect whether a virtual host’s
24
# document root is a Rack application. The default is on. Because
25
# RackBaseURI is set, this does not need to be on
28
# Whether Phusion Passenger should automatically detect whether a virtual
29
# host’s document root is a Ruby on Rails application. The default is on.
36
SSLProtocol -ALL +SSLv3 +TLSv1
37
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
39
SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppetmaster.example.com.pem
40
SSLCertificateFile /var/lib/puppet/ssl/certs/puppetmaster.example.com.pem
41
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
42
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
43
# If Apache complains about invalid signatures on the CRL, you can try disabling
44
# CRL checking by commenting the next line, but this is not recommended.
45
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
46
SSLVerifyClient optional
48
SSLOptions +StdEnvVars
50
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public
52
<Directory /usr/share/puppet/rack/puppetmasterd/>