Setup sniproxy and rsyslog
[cacert-puppet.git] / sitemodules / profiles / templates / sniproxy / sniproxy.conf.epp
1 <%- | Array[String] $https_forwards = [] | -%>
2 # THIS FILE IS MANAGED BY PUPPET, MANUAL CHANGES WILL BE OVERWRITTEN AT THE
3 # NEXT PUPPET RUN.
4 #
5 # sniproxy configuration file
6 # lines that start with # are comments
7 # lines with only white space are ignored
8
9 user daemon
10
11 # PID file
12 pidfile /var/run/sniproxy.pid
13
14 error_log {
15 # Log to the daemon syslog facility
16 syslog daemon
17
18 # Alternatively we could log to file
19 #filename /var/log/sniproxy/sniproxy.log
20
21 # Control the verbosity of the log
22 priority notice
23 }
24
25 # blocks are delimited with {...}
26 #listen 80 {
27 # proto http
28 # table http_hosts
29 # # Fallback backend server to use if we can not parse the client request
30 # fallback localhost:8080
31 #
32 # access_log {
33 # filename /var/log/sniproxy/http_access.log
34 # priority notice
35 # }
36 #}
37
38 listen 443 {
39 proto tls
40 table https_hosts
41
42 access_log {
43 filename /var/log/sniproxy/https_access.log
44 priority notice
45 }
46 }
47
48 # named tables are defined with the table directive
49 #table http_hosts {
50 # example.com 192.0.2.10:8001
51 # example.net 192.0.2.10:8002
52 # example.org 192.0.2.10:8003
53
54 # pattern:
55 # valid Perl-compatible Regular Expression that matches the
56 # hostname
57 #
58 # target:
59 # - a DNS name
60 # - an IP address (with optional port)
61 # - '*' to use the hostname that the client requested
62 #
63 # pattern target
64 #.*\.itunes\.apple\.com$ *:443
65 #.* 127.0.0.1:4443
66 #}
67
68 # named tables are defined with the table directive
69 table https_hosts {
70 # When proxying to local sockets you should use different tables since the
71 # local socket server most likely will not autodetect which protocol is
72 # being used
73 <%- $https_forwards.each |$forward| { %>
74 <%= $forward -%>
75 <% } %>
76 }
77
78 # if no table specified the default 'default' table is defined
79 #table {
80 # # if no port is specified default HTTP (80) and HTTPS (443) ports are
81 # # assumed based on the protocol of the listen block using this table
82 # example.com 192.0.2.10
83 # example.net 192.0.2.20
84 #}