Hey, I just tried to install puppet/puppetmaster/passenger on squeeze, and it worked perfectly. Since squeeze is already frozen, I consider using it as okey. :-)
Packages to install: * puppetmaster * libapache2-mod-passenger Apache modules to enable: a2enmod headers a2enmod ssl I had to change config.ru to use master instead of puppetmasterd, see the following Debian bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=593557 /usr/share/puppet/rack/puppetmasterd/config.ru: # a config.ru, for use with every rack-compatible webserver. # SSL needs to be handled outside this, though. # if puppet is not in your RUBYLIB: # $:.unshift('/opt/puppet/lib') $0 = "puppetmasterd" require 'puppet' # if you want debugging: # ARGV << "--debug" ARGV << "--rack" require 'puppet/application/master' # we're usually running inside a Rack::Builder.new {} block, # therefore we need to call run *here*. run Puppet::Application[:master].run Disabled my puppetmaster (/etc/defaults/puppetmaster): # Defaults for puppetmaster - sourced by /etc/init.d/puppetmaster # Start puppetmaster on boot? If you are using passenger, you should # have this set to "no" START=no The following represents my puppet configuration (/etc/puppet/puppet.conf) [main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter templatedir=$confdir/templates [master] certname=puppet.ono.at ssl_client_header=SSL_CLIENT_S_DN ssl_client_verify_header=SSL_CLIENT_VERIFY And below goes my Apache configuration: ## Puppetmaster Configuration ## Passenger Limits PassengerHighPerformance on PassengerMaxPoolSize 12 PassengerPoolIdleTime 1500 # PassengerMaxRequests 1000 PassengerStatThrottleRate 120 RackAutoDetect Off RailsAutoDetect Off Listen 8140 <VirtualHost *:8140> ServerName puppet.ono.at SSLEngine on SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.ono.at.pem SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.ono.at.pem SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem ## CRL checking should be enabled; if you have problems with ## Apache complaining about the CRL, disable the next line SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars ## The following client headers allow the same configuration ## to work with Pound. RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e RackAutoDetect On DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/ <Directory /usr/share/puppet/rack/puppetmasterd/> Options None AllowOverride None Order allow,deny allow from all </Directory> </VirtualHost> After everything is in place, restart apache and open up a web browser to test whether everything is working: https://puppet:8140 If everything is working you should see a line saying: "The environment must be purely alphanumeric, not ''" Regards, Stefan. On Sep 8, 2010, at 19:17 , Mathias Gug wrote: > Hi, > > Excerpts from Martin Willemsma's message of Wed Sep 08 04:43:21 -0400 2010: > >> 2010/9/8 FreddieB <[email protected]> >> >>> I'm testing Puppet 2.6 and got all the basic stuff working with the >>> default webricks. I read that it doesn't scale very well and is not >>> suited for production environments and the recommended setup is Apache/ >>> Passenger. >>> >>> Is there a step-by-step-guide on how to set it up? >>> >> >> There is detailed information regarding puppetmaster using passenger/apache >> on centos and ubuntu >> >> http://projects.reductivelabs.com/projects/puppet/wiki/Using_Passenger >> > > You may wanna give a try to the puppetmaster-passenger package available > in Ubuntu Maverick and Debian experimental. The package will > automatically setup everything for you. > > -- > Mathias Gug > Ubuntu Developer http://www.ubuntu.com > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- Stefan Schlesinger ////////////////////////////////////////// /////// [email protected] +43.676.4911123 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
