I know when I was setting this up (http://z0mbix.github.com/blog/2012/03/01/use-nginx-and-passenger-to-power-your-puppet-master/), the main gotcha I came up against was the permissions of the config.ru file have to be the same as your puppet user. I can't remember what error this caused though.
Cheers David On Thursday, 12 July 2012 15:34:06 UTC+1, Jon Jaroker wrote: > > Hello, I have been stumped by an authentication / certificate problem > and would like to know if anyone has resolved a similar issue. > > My fresh install of Puppet Master 2.7.18 on Debian 6 works normally > when run standalone, using 'puppet master --verbose --no-daemonize'. > > When using nginx-passenger in front of the same puppet master, puppet > fails with the authentication error: '… Forbidden request … access > to /file_metadata/plugins [find] at line 57' > > This failure occurs on the same node that had successfully connected > to Puppet Master when it was run standalone. > > The full log errors are here: http://pastebin.com/KH8Pyyw3 > > I can work-around this authentication error by appending 'allow *' for > 'path /' in the puppet master's auth.conf file. > > Here is the Puppet Master auth.conf file I am using: > http://pastebin.com/Ju0ke3rP > > I don't think this workaround is correct: the default authentication > policy should not allow access to un-authenticated nodes. > > Here is my nginx.conf file: http://pastebin.com/q7HMuAZ0 > > Here is the config.ru configuration file: http://pastebin.com/1aCdsTJE > > Does anyone see what I am doing wrong? I have already tried deleting > and recreating certificates for the agent and master. > > Thank you, > Jon > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/2MBuu8evOokJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
