diff --git a/etc/default/pound b/etc/default/pound new file mode 100644 index 0000000..49f60fe --- /dev/null +++ b/etc/default/pound @@ -0,0 +1,8 @@ +# Defaults for pound initscript +# sourced by /etc/init.d/pound +# installed at /etc/default/pound by the maintainer scripts + +# prevent startup with default configuration +# set the below varible to 1 in order to allow pound to start +startup=1 + diff --git a/etc/pound/pound.cfg b/etc/pound/pound.cfg new file mode 100644 index 0000000..e02a72b --- /dev/null +++ b/etc/pound/pound.cfg @@ -0,0 +1,47 @@ +## see pound(8) for details +###################################################################### +## global options: + +User "www-data" +Group "www-data" +#RootJail "/chroot/pound" + +## Logging: (goes to syslog by default) +## 0 no logging +## 1 normal +## 2 extended +## 3 Apache-style (common log format) +LogLevel 0 +LogFacility local5 +## check backend every X secs: +Alive 30 + +## use hardware-accelleration card supported by openssl(1): +#SSLEngine "" + +# poundctl control socket +#Control "/var/run/pound/poundctl.socket" + +###################################################################### +## listen, redirect and ... to: + +ListenHTTPS + Cert "/etc/path/to/cert.pem" + Address 0.0.0.0 + Port 443 + Ciphers "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" + HeadRemove "X-Forwarded-Proto" + AddHeader "X-Forwarded-Proto: https" + + #New parameters, use with pound 2.6: + #SSLAllowClientRenegotiation 0 + #SSLHonorCipherOrder 1 +End + +Service + BackEnd + Address 127.0.0.1 + Port 80 + End +End + diff --git a/etc/varnish/default.vlc b/etc/varnish/default.vcl similarity index 100% rename from etc/varnish/default.vlc rename to etc/varnish/default.vcl