GateOne
server.conf
ocale = "en_GB"
pam_service = "login"
syslog_facility = "daemon"
syslog_host = None
enable_unix_socket = False
port = 8080
uid = "0"
url_prefix = "/"
user_dir = "/opt/gateone/users"
dtach = False
certificate = "certificate.pem"
log_to_stderr = False
session_logs_max_age = "30d"
gid = "0"
pid_file = "/var/run/gateone.pid"
sso_realm = None
cookie_secret = "YTY4N2YwOWExZWY3NGE0ZmJjODk2MzkwY2RkODVmOTlm9"
pam_realm = "gate.neolao.com"
sso_service = "HTTP"
https_redirect = False
syslog_session_logging = False
disable_ssl = True
debug = False
session_dir = "/tmp/gateone"
auth = "api"
address = ""
api_timestamp_window = "30s"
log_file_num_backups = 10
logging = "info"
embedded = False
origins = "http://localhost;https://localhost;https://terminal.domain.com"
session_logging = True
unix_socket_path = "/var/run/gateone.sock"
ssl_auth = "none"
log_file_max_size = 104857600
session_timeout = "5d"
command = "/opt/gateone/plugins/ssh/scripts/ssh_connect.py -S '/tmp/gateone/%SESSION%/%SHORT_SOCKET%' --sshfp -a '-oUserKnownHostsFile=%USERDIR%/%USER%/ssh/known_hosts'"
ca_certs = None
js_init = ""
keyfile = "keyfile.pem"
log_file_prefix = "/opt/gateone/logs/webserver.log"
Reverse proxy avec nginx > 1.4
server {
listen [::]:443;
listen 443;
server_name mysslhost;
ssl on;
ssl_certificate server.crt;
ssl_certificate_key server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /gateone/ {
#auth_basic "Restricted"; #One extra layer of authentication
#auth_basic_user_file /etc/nginx/.htpasswd;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://localhost:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}