Skip to content

Commit

Permalink
Document SSL settings
Browse files Browse the repository at this point in the history
  • Loading branch information
ekohl committed May 21, 2017
1 parent 3d60d60 commit 173c1dd
Showing 1 changed file with 33 additions and 1 deletion.
34 changes: 33 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,38 @@ Likewise the broker is managed by default, but ```manage_broker``` is there. The

There are various types that can be used to manage providers, assuming the correct plugin is installed.

For security certificates can be used. For example on the webservice:

```puppet
class { '::pulp':
https_cert => '/path/to/public_key.pem',
https_key => '/path/to/private_key.pem',
https_chain => '/path/to/ca_chain.pem',
# Optionally you can change the accepted protocols
ssl_protocol => ['all', '-SSLv3', '-TLSv1', '-TLSv1.1'],
}
```

The connection to the MongoDB server can also be encrypted:

```puppet
class { '::pulp':
db_ssl => true,
db_ssl_keyfile => '/path/to/private_key.pem',
db_ssl_certfile => '/path/to/public_key.pem',
db_ca_path => '/path/to/ca.pem',
}
```

Similarly the connection to the message broker can be encrypted:

```puppet
class { '::pulp':
broker_url => 'qpid://user:password@broker.example.com:5671',
broker_use_ssl => true,
}
```

#### RPM provider

```puppet
Expand Down Expand Up @@ -109,7 +141,7 @@ include ::pulp::admin

Optionally several plugins can be installed.

```
```puppet
class { '::pulp::admin':
enable_docker => true,
enable_ostree => true,
Expand Down

0 comments on commit 173c1dd

Please sign in to comment.