Mark Bergsma has submitted this change and it was merged.
Change subject: Setup NGINX for HTTPS on the Varnish servers
......................................................................
Setup NGINX for HTTPS on the Varnish servers
Change-Id: Ia9fafa19250510f1a4681571e175595931a1cf62
---
M manifests/role/cache.pp
1 file changed, 20 insertions(+), 0 deletions(-)
Approvals:
Mark Bergsma: Looks good to me, approved
jenkins-bot: Verified
diff --git a/manifests/role/cache.pp b/manifests/role/cache.pp
index 24c5c35..46de642 100644
--- a/manifests/role/cache.pp
+++ b/manifests/role/cache.pp
@@ -772,6 +772,26 @@
include misc::monitoring::htcp-loss
}
}
+
+ class ssl::text {
+ include certificates::wmf_ca, role::protoproxy::ssl::common,
protoproxy::ganglia
+
+ # Assumes that LVS service IPs are setup elsewhere
+
+ # Nagios monitoring
+ monitor_service { "https":
+ description => "HTTPS",
+ check_command => "check_ssl_cert!*.wikimedia.org",
+ }
+
+ install_certificate { 'unified.wikimedia.org': }
+
+ protoproxy::localssl { 'text':
+ proxy_server_cert_name => 'unified.wikimedia.org',
+ upstream_port => '80',
+ enabled => true
+ }
+ }
class text {
--
To view, visit https://gerrit.wikimedia.org/r/75601
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Ia9fafa19250510f1a4681571e175595931a1cf62
Gerrit-PatchSet: 8
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Mark Bergsma <[email protected]>
Gerrit-Reviewer: Mark Bergsma <[email protected]>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
