From 4facb9d8ceea6ffe07297f375bf05d9c72bc6125 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Tue, 3 Dec 2013 09:14:00 -0700
Subject: Implement an IPA Foreman smartproxy server

This currently server supports only host and hostgroup commands for
retrieving, adding and deleting entries.

The incoming requests are completely unauthenticated and by default
requests must be local.

Utilize GSS-Proxy to manage the TGT.

Configuration information is in the ipa-smartproxy man page.

Design: http://www.freeipa.org/page/V3/Smart_Proxy
---
 smartproxy/ipa-smartproxy.conf | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 smartproxy/ipa-smartproxy.conf

(limited to 'smartproxy/ipa-smartproxy.conf')

diff --git a/smartproxy/ipa-smartproxy.conf b/smartproxy/ipa-smartproxy.conf
new file mode 100644
index 00000000..a5f81433
--- /dev/null
+++ b/smartproxy/ipa-smartproxy.conf
@@ -0,0 +1,15 @@
+[global]
+server.socket_port: 8090
+#server.socket_host: 'server.example.com'
+
+log.access_file: '/var/log/ipa-smartproxy.access'
+log.error_file: '/var/log/ipa-smartproxy.errors'
+
+request.show_tracebacks: False
+
+# Only handle requests on 127.0.0.1 or ::1
+local_only: True
+
+use_gssproxy: True
+
+user: 'apache'
-- 
cgit