from:"Tracy Phillips"

Re: [CentOS] On-Boot Scripts

2009-11-13 Thread Tracy Phillips

On Fri, Nov 13, 2009 at 11:25 AM, Karanbir Singh mail-li...@karan.org wrote:
it to the end of /etc/rc.d/rc.local

 It looks, to me, that Victor is at a stage where he does not know what
 he is doing with the basic stuff - pointing him at good docs might be
 worth more than spoon-feeding.

 just my 2bits

Sometimes, I even wonder why there is a list all. After all pretty
much everything is documented.

To socialize with I guess

just my 2cents.

TP
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Spacewalk or Puppet?

2009-11-03 Thread Tracy Phillips

On Tue, Nov 3, 2009 at 11:23 AM, Dan Burkland dburk...@nmdp.org wrote:

  I am a little new to managing large numbers of CentOS/RHEL servers and
 was wondering what you experienced sysadmins prefer, Spacewalk or Puppet?


Chef showed up on my radar this morning. Have you seen it or used it. Looks
pretty promising.

Tracy
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] SSL and virtual hosts?

2009-09-20 Thread Tracy Phillips

This is how I do it. It is a vhost file configured for http (port 80) and
https (port 443).

Hope it helps

VirtualHost 208.83.1.1:80

  ServerAdmin webmas...@domain.com

  ServerName my.domain.com

  DocumentRoot /var/www/domain.com/my/public/

  Directory /var/www/domain.com/my/public/
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
  /Directory

  # Setup error documents directory outside docroot
  Alias /error/ /var/www/error/

  # Setup our aliased /error directory for SSI
  Directory /var/www/error/
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
  /Directory

  ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
  ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
  ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
  ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
  ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
  ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
  ErrorDocument 410 /error/HTTP_GONE.html.var
  ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
  ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
  ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
  ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
  ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
  ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
  ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
  ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
  ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
  ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var

  # Set .htaccess to different name and explicitly deny access to it.
  AccessFileName .htaccess

  Files ~ ^\.ht
Order allow,deny
Deny from all
Satisfy All
  /Files

  # Possible values include: debug, info, notice, warn, error, crit, alert,
emerg.
  LogLevel warn

  ErrorLog /var/www/domain.com/my/log/error.log
  CustomLog /var/www/domain.com/my/log/access.log combined

  ServerSignature Off

/VirtualHost

VirtualHost 208.83.1.1:443

  ServerAdmin webmas...@domain.com

  ServerName my.domain.com

  DocumentRoot /var/www/domain.com/my/public/

  Directory /var/www/domain.com/my/public/
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
  /Directory

  SSLEngine on
  SSLCertificateFile /var/www/domain.com/my/ssl/domain.com.my.crt
  SSLCertificateKeyFile /var/www/domain.com/my/ssl/domain.com.my.key
  SSLCACertificateFile /var/www/domain.com/my/ssl/domain.com.my.ca-bundle
  SSLProtocol -ALL +SSLv3 +TLSv1
  # SSLProtocol -ALL +TLSv1
  SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM

  # Setup error documents
  Alias /error/ /usr/share/apache2/error/

  Directory /usr/share/apache2/error
  AllowOverride None
  Options IncludesNoExec
  AddOutputFilter Includes html
  AddHandler type-map var
  Order allow,deny
  Allow from all
  LanguagePriority en cs de es fr it nl sv pt-br ro
  ForceLanguagePriority Prefer Fallback
  /Directory

  ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
  ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
  ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
  ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
  ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
  ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
  ErrorDocument 410 /error/HTTP_GONE.html.var
  ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
  ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
  ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
  ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
  ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
  ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
  ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
  ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
  ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
  ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var

  # Set .htaccess to different name and explicitly deny access to it.
  AccessFileName .htaccess

  Files ~ ^\.ht
Order allow,deny
Deny from all
Satisfy All
  /Files

  # Possible values include: debug, info, notice, warn, error, crit, alert,
emerg.
  LogLevel warn

  ErrorLog /var/www/domain.com/my/log/ssl_error.log
  CustomLog /var/www/domain.com/my/log/ssl_access.log combined

  ServerSignature Off

/VirtualHost


Tracy Phillips


On Sun, Sep 20, 2009 at 2:36 AM, Niki Kovacs cont...@kikinovak.net wrote:

 Hi,

 I successfully managed to use SSL on a local webserver for testing
 purposes, following the section Using SSL in the Chapter Using
 Apache of the Definitive Guide to CentOS. Now I wonder: how can I use
 SSL with virtual

Re: [CentOS] SSL and virtual hosts?

2009-09-20 Thread Tracy Phillips


 1) Use a wildcard cert. You can use *.somedomain certs to serve multiple
 SSL domains on a single IP so long as they fit in the *.somedomain pattern.


This is incorrect.

apache can't read the headers since the traffic is encrypted. If it can't
read headers, it does not know which vhost to use and thus can not serve up
the correct files

If you have more than one ssl vhost, you will have to use two IP's. You can
use one SSL vhost with many non SSL vhosts on the same IP with no issues.

Tracy Phillips
Linux Systems Administrator
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] On-Boot Scripts

Re: [CentOS] Spacewalk or Puppet?

Re: [CentOS] SSL and virtual hosts?

Re: [CentOS] SSL and virtual hosts?

4 matches

Site Navigation

Mail list logo

Footer information