diff options
author | Florian Dold <florian@dold.me> | 2021-07-30 13:22:45 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2021-07-30 13:22:54 +0200 |
commit | 05bc00b5f226e6e6695ef00609a02549284c8f55 (patch) | |
tree | 7ca6ca6faeefc25e5eb932f96b15b806ba4ca742 /debian/etc-taler-auditor | |
parent | bd603ca7c14315d333e2dac0509f6b1226fb946e (diff) |
debian: better config split by package
Diffstat (limited to 'debian/etc-taler-auditor')
4 files changed, 33 insertions, 0 deletions
diff --git a/debian/etc-taler-auditor/apache2/sites-available/taler-auditor.conf b/debian/etc-taler-auditor/apache2/sites-available/taler-auditor.conf new file mode 100644 index 000000000..f68c59558 --- /dev/null +++ b/debian/etc-taler-auditor/apache2/sites-available/taler-auditor.conf @@ -0,0 +1,4 @@ +<Location "/taler-auditor/"> +ProxyPass "unix:/var/lib/taler-auditor/auditor.sock|http://example.com/" +RequestHeader add "X-Forwarded-Proto" "https" +</Location> diff --git a/debian/etc-taler-auditor/nginx/sites-available/taler-auditor b/debian/etc-taler-auditor/nginx/sites-available/taler-auditor new file mode 100644 index 000000000..3fdffdad3 --- /dev/null +++ b/debian/etc-taler-auditor/nginx/sites-available/taler-auditor @@ -0,0 +1,7 @@ +location /taler-auditor/ { + proxy_pass http://unix:/var/lib/taler-auditor/auditor.sock; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host "example.com"; + proxy_set_header X-Forwarded-Proto "https"; +}
\ No newline at end of file diff --git a/debian/etc-taler-auditor/taler/conf.d/auditor-system.conf b/debian/etc-taler-auditor/taler/conf.d/auditor-system.conf new file mode 100644 index 000000000..3d3aef33a --- /dev/null +++ b/debian/etc-taler-auditor/taler/conf.d/auditor-system.conf @@ -0,0 +1,12 @@ +# Read secret sections into configuration, but only +# if we have permission to do so. +@inline-secret@ auditordb-postgres ../secrets/auditor-db.secret.conf + +[auditor] +# Debian package is configured to use a reverse proxy with a UNIX +# domain socket. See nginx/apache configuration files. +SERVE = UNIX +UNIXPATH = /var/lib/taler-auditor/auditor.sock + +# Only supported database is Postgres right now. +DATABASE = postgres diff --git a/debian/etc-taler-auditor/taler/secrets/auditor-db.secret.conf b/debian/etc-taler-auditor/taler/secrets/auditor-db.secret.conf new file mode 100644 index 000000000..b81bb817f --- /dev/null +++ b/debian/etc-taler-auditor/taler/secrets/auditor-db.secret.conf @@ -0,0 +1,10 @@ +# Database configuration for the Taler auditor. + +[auditordb-postgres] + +# Typically, there should only be a single line here, of the form: + +CONFIG=postgres:///DATABASE + +# The details of the URI depend on where the database lives and how +# access control was configured. |