1 files changed, 30 insertions, 18 deletions

diff --git a/templates/puppetmaster.erb b/templates/puppetmaster.erb
index b2498b9..3428744 100644
--- a/templates/puppetmaster.erb
+++ b/templates/puppetmaster.erb
@@ -18,15 +18,21 @@ server {
     # $ssl_protocol returns the protocol of established SSL-connection
 
     location / {
-        proxy_pass          http://puppet-production;
-        proxy_redirect      off;
-        proxy_set_header    Host             $host;
-        proxy_set_header    X-Real-IP        $remote_addr;
-        proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
-        proxy_set_header    X-Client-Verify  SUCCESS;
-        proxy_set_header    X-SSL-Subject    $ssl_client_s_dn;
-        proxy_set_header    X-SSL-Issuer     $ssl_client_i_dn;
-        proxy_read_timeout  65;
+        proxy_pass              http://puppet-production;
+        proxy_redirect          off;
+        proxy_set_header        Host             $host;
+        proxy_set_header        X-Real-IP        $remote_addr;
+        proxy_set_header        X-Forwarded-For  $proxy_add_x_forwarded_for;
+        proxy_set_header        X-Client-Verify  SUCCESS;
+        proxy_set_header        X-SSL-Subject    $ssl_client_s_dn;
+        proxy_set_header        X-SSL-Issuer     $ssl_client_i_dn;
+        proxy_connect_timeout   90;
+        proxy_send_timeout      180;
+        proxy_read_timeout      180;
+        proxy_buffer_size       16k;
+        proxy_buffers           8 16k;
+        proxy_busy_buffers_size 32k;
+        proxy_intercept_errors  on;        
     }
 }
 
@@ -38,14 +44,20 @@ server {
     rewrite_log             on;
 
     location / {
-        proxy_pass  http://puppet-production;
-        proxy_redirect     off;
-        proxy_set_header   Host             $host;
-        proxy_set_header   X-Real-IP        $remote_addr;
-        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
-        proxy_set_header   X-Client-Verify  FAILURE;
-        proxy_set_header   X-SSL-Subject    $ssl_client_s_dn;
-        proxy_set_header   X-SSL-Issuer     $ssl_client_i_dn;
-        proxy_read_timeout  65;
+        proxy_pass              http://puppet-production;
+        proxy_redirect          off;
+        proxy_set_header        Host             $host;
+        proxy_set_header        X-Real-IP        $remote_addr;
+        proxy_set_header        X-Forwarded-For  $proxy_add_x_forwarded_for;
+        proxy_set_header        X-Client-Verify  FAILURE;
+        proxy_set_header        X-SSL-Subject    $ssl_client_s_dn;
+        proxy_set_header        X-SSL-Issuer     $ssl_client_i_dn;
+        proxy_connect_timeout   90;
+        proxy_send_timeout      180;
+        proxy_read_timeout      180;
+        proxy_buffer_size       16k;
+        proxy_buffers           8 16k;
+        proxy_busy_buffers_size 32k;
+        proxy_intercept_errors  on;        
     }
 }