Welcome! Log In Create A New Profile

Advanced

nginx proxy_pass to puppetmaster

Posted by snoop 
Forum List Message List New Topic
snoop
nginx proxy_pass to puppetmaster
April 19, 2017 07:06AM
Hi,

I want to use nginx to proxy_pass puppet client requests to my puppet master.

My config:

upstream puppetmaster {
server 192.168.3.10:8140; #
}
server {
listen 192.168.3.200:8140;
server_name puppetmaster.mydom.de;
ssl on;
ssl_certificate /etc/nginx/ssl/puppet.crt;
ssl_certificate_key /etc/nginx/ssl/puppet.key;
ssl_client_certificate /etc/nginx/ssl/puppet.ca-crt;
ssl_crl /etc/nginx/ssl/puppet.ca_crl;
ssl_verify_client optional;

access_log /var/log/nginx/puppetmaster.ssl.log;
error_log /var/log/nginx/puppetmaster.ssl.err.log;

root /srv/www/htdocs;
index index.html index.htm;


location / {

proxy_pass https://puppetmaster;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Client-Verify $ssl_client_verify;
proxy_set_header X-SSL-Subject $ssl_client_s_dn;
proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
proxy_redirect off;
}
}


My clients get this error message:

Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: Error 403 on SERVER: {"message":"Not Authorized: Forbidden request: /puppet/v3/node/myhostname [find]","issue_kind":"RUNTIME_ERROR"}


Can anybody help me?

thx
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 307
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready