From 811b0de8aaa759409d5583fb656a4ebeb99f32ed Mon Sep 17 00:00:00 2001
From: Philipp Dallig <philipp.dallig@pixelpark.com>
Date: Tue, 26 Jul 2016 10:57:55 +0200
Subject: [PATCH] pixelpark - disable puppetmaster via mod passenger

---
 .../puppetmaster01.pixelpark.com.yaml         | 81 +++++++++----------
 1 file changed, 40 insertions(+), 41 deletions(-)

diff --git a/customer/pixelpark/puppetmaster01.pixelpark.com.yaml b/customer/pixelpark/puppetmaster01.pixelpark.com.yaml
index eb951860..14ab5798 100644
--- a/customer/pixelpark/puppetmaster01.pixelpark.com.yaml
+++ b/customer/pixelpark/puppetmaster01.pixelpark.com.yaml
@@ -1,12 +1,11 @@
 ---
 site::role: base
 site::additional_classes:
-#  - apache
-#  - site::profile::apache
+  - site::profile::apache
 #  - apache::mod::passenger
   - pp_mcollective
   - site::profile::mcollective::common
-  - repo::redhat::passenger
+#  - repo::redhat::passenger
 
 accounts::users:
   jenkins:
@@ -19,12 +18,12 @@ pp_mcollective::server: false
 
 
 apache::mpm_module: worker
-apache::mod::passenger::passenger_max_pool_size: 32
-apache::mod::passenger::passenger_pool_idle_time: 600
-apache::mod::passenger::passenger_max_requests: 10000
-apache::mod::passenger::passenger_high_performance: 'On'
-apache::mod::passenger::passenger_ruby: /usr/bin/ruby
-apache::mod::passenger::passenger_root: /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini
+#apache::mod::passenger::passenger_max_pool_size: 32
+#apache::mod::passenger::passenger_pool_idle_time: 600
+#apache::mod::passenger::passenger_max_requests: 10000
+#apache::mod::passenger::passenger_high_performance: 'On'
+#apache::mod::passenger::passenger_ruby: /usr/bin/ruby
+#apache::mod::passenger::passenger_root: /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini
 
 site::profile::apache::vhosts:
   rewrite:
@@ -52,35 +51,35 @@ site::profile::apache::vhosts:
         addhandlers:
           handler: cgi-script
           extensions: '.py'
-  puppetmaster:
-    servername: puppetmaster.pixelpark.com
-    serveraliases:
-      - puppetmaster01.pixelpark.com
-    docroot: /usr/share/puppet/rack/puppetmasterd/public
-    passenger_min_instances: 4
-    port: 8140
-    ssl: true
-    ssl_protocol: "ALL -SSLv2 -SSLv3"
-    ssl_cipher: "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA"
-    ssl_options: "+StdEnvVars +ExportCertData"
-    ssl_verify_client: "optional"
-    ssl_verify_depth: 1
-    ssl_crl: "/var/lib/puppet/ssl/ca/ca_crl.pem"
-    ssl_crl_check: chain
-    ssl_ca: "/var/lib/puppet/ssl/ca/ca_crt.pem"
-    ssl_chain: "/var/lib/puppet/ssl/ca/ca_crt.pem"
-    ssl_key: "/var/lib/puppet/ssl/private_keys/puppetmaster01.pixelpark.com.pem"
-    ssl_cert: "/var/lib/puppet/ssl/certs/puppetmaster01.pixelpark.com.pem"
-    request_headers:
-      - "unset X-Forwarded-For"
-      - "set X-SSL-Subject %%{ich-trickse}{SSL_CLIENT_S_DN}e"
-      - "set X-Client-DN %%{ich-trickse}{SSL_CLIENT_S_DN}e"
-      - "set X-Client-Verify %%{ich-trickse}{SSL_CLIENT_VERIFY}e"
-    directories:
-      - directory1:
-        provider: directory
-        path: '/usr/share/puppet/rack/puppetmasterd'
-        options:
-          - None
-        allow_override:
-          - None
+#  puppetmaster:
+#    servername: puppetmaster.pixelpark.com
+#    serveraliases:
+#      - puppetmaster01.pixelpark.com
+#    docroot: /usr/share/puppet/rack/puppetmasterd/public
+#    passenger_min_instances: 4
+#    port: 8140
+#    ssl: true
+#    ssl_protocol: "ALL -SSLv2 -SSLv3"
+#    ssl_cipher: "EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA"
+#    ssl_options: "+StdEnvVars +ExportCertData"
+#    ssl_verify_client: "optional"
+#    ssl_verify_depth: 1
+#    ssl_crl: "/var/lib/puppet/ssl/ca/ca_crl.pem"
+#    ssl_crl_check: chain
+#    ssl_ca: "/var/lib/puppet/ssl/ca/ca_crt.pem"
+#    ssl_chain: "/var/lib/puppet/ssl/ca/ca_crt.pem"
+#    ssl_key: "/var/lib/puppet/ssl/private_keys/puppetmaster01.pixelpark.com.pem"
+#    ssl_cert: "/var/lib/puppet/ssl/certs/puppetmaster01.pixelpark.com.pem"
+#    request_headers:
+#      - "unset X-Forwarded-For"
+#      - "set X-SSL-Subject %%{ich-trickse}{SSL_CLIENT_S_DN}e"
+#      - "set X-Client-DN %%{ich-trickse}{SSL_CLIENT_S_DN}e"
+#      - "set X-Client-Verify %%{ich-trickse}{SSL_CLIENT_VERIFY}e"
+#    directories:
+#      - directory1:
+#        provider: directory
+#        path: '/usr/share/puppet/rack/puppetmasterd'
+#        options:
+#          - None
+#        allow_override:
+#          - None
-- 
2.39.5