|
---
|
|
# SSL Setup
|
|
# If enabled, all communication would be verified via SSL
|
|
# NOTE that both certificates need to be signed by the same CA in order for this to work
|
|
# see http://theforeman.org/projects/smart-proxy/wiki/SSL for more information
|
|
:https_port: 8443
|
|
:ssl_certificate: c:/foreman/config/ourcerts.crt
|
|
:ssl_ca_file: c:/foreman/config/ca.pem
|
|
:ssl_private_key: c:/foreman/config/ourcerts.key
|
|
|
|
|
|
# Hosts which the proxy accepts connections from
|
|
# commenting the following lines would mean every verified SSL connection allowed
|
|
# HTTPS: test the certificate CN
|
|
# HTTP: test the reverse DNS entry of the remote IP
|
|
#:trusted_hosts:
|
|
#- foreman.prod.domain
|
|
#- foreman.dev.domain
|
|
#to deny access to all hosts use:
|
|
:trusted_hosts: [ ourforemantserver.ourdomain.com]
|
|
|
|
# verify a DNS reverse lookup against it's forward lookup
|
|
# 1.1.1.1 -> foreman.mycompany.com -> 1.1.1.1
|
|
# (default: true)
|
|
#:forward_verify: true
|
|
|
|
#:foreman_url: http://127.0.0.1:3000
|
|
|
|
# SSL settings for client authentication against Foreman. If undefined, the values
|
|
# from general SSL options are used instead. Mainly useful when Foreman uses
|
|
# different certificates for its web UI and for smart-proxy requests.
|
|
#:foreman_ssl_ca: c:/ca.pem
|
|
#:foreman_ssl_cert: c:/xxxx.crt
|
|
#:foreman_ssl_key: c:/xxxx.key
|
|
|
|
# by default smart_proxy runs in the foreground. To enable running as a daemon, uncomment 'daemon' setting
|
|
:daemon: false
|
|
# Only used when 'daemon' is set to true.
|
|
# Uncomment and modify if you want to change the default pid file '/var/run/foreman-proxy/foreman-proxy.pid'
|
|
#:daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid
|
|
|
|
# host and ports configuration
|
|
# host to bind ports to (possible values: *, localhost, 0.0.0.0)
|
|
#:bind_host: '*'
|
|
# http is disabled by default. To enable, uncomment 'http_port' setting
|
|
#:http_port: 8000
|
|
# https is enabled if certificate, CA certificate, and private key are present in locations specifed by
|
|
# ssl_certificate, ssl_ca_file, and ssl_private_key correspondingly
|
|
# default values for https_port is 8443
|
|
#:https_port: 8443
|
|
|
|
# Shared options for virsh DNS/DHCP provider
|
|
# :virsh_network: default
|
|
|
|
# Log configuration
|
|
# Uncomment and modify if you want to change the location of the log file or use STDOUT
|
|
:log_file: c:/foreman/tmp/proxy.log
|
|
# Uncomment and modify if you want to change the log level
|
|
# WARN, DEBUG, ERROR, FATAL, INFO, UNKNOWN
|
|
:log_level: DEBUG
|
