Dzahn has submitted this change and it was merged.
Change subject: Gerrit: make auth_type configurable for labs
......................................................................
Gerrit: make auth_type configurable for labs
In labs we can't just use the same LDAP auth we use in production.
Make the auth type configurable.
Change-Id: I3bd532685c59063d06479b17801f5075b0f7cd97
---
M modules/gerrit/manifests/jetty.pp
M modules/gerrit/templates/gerrit.config.erb
M modules/gerrit/templates/secure.config.erb
3 files changed, 7 insertions(+), 1 deletion(-)
Approvals:
Dzahn: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/gerrit/manifests/jetty.pp
b/modules/gerrit/manifests/jetty.pp
index 0c79fdc..e0658c5 100644
--- a/modules/gerrit/manifests/jetty.pp
+++ b/modules/gerrit/manifests/jetty.pp
@@ -7,6 +7,7 @@
$git_dir = 'git',
$ssh_host_key = undef,
$heap_limit = '28g',
+ $auth_type = 'LDAP',
) {
include nrpe
diff --git a/modules/gerrit/templates/gerrit.config.erb
b/modules/gerrit/templates/gerrit.config.erb
index bf865b4..0341212 100644
--- a/modules/gerrit/templates/gerrit.config.erb
+++ b/modules/gerrit/templates/gerrit.config.erb
@@ -15,9 +15,11 @@
username = <%= @db_user %>
url = jdbc:mysql://<%= @db_host %>/<%= @db_name
%>?characterSetResults=utf8&characterEncoding=utf8&connectionCollation=utf8_unicode_ci
[auth]
- type = LDAP
+ type = <%= @auth_type %>
cookieSecure = true
+<%- if @auth_type == 'LDAP' -%>
registerUrl =
https://wikitech.wikimedia.org/w/index.php?title=Special:UserLogin&returnto=Help%3AGetting+Started&type=signup
+
[ldap]
server = <% @ldap_hosts.each do |ldap_host| %>ldaps://<%= ldap_host %> <%
end %>
accountBase = ou=people,<%= @ldap_base_dn %>
@@ -26,6 +28,7 @@
groupBase = ou=groups,<%= @ldap_base_dn %>
groupMemberPattern = (&(objectClass=groupOfNames)(member=${dn}))
groupScope = one
+<%- end -%>
[sendemail]
includeDiff = true
smtpServerPort = 25
diff --git a/modules/gerrit/templates/secure.config.erb
b/modules/gerrit/templates/secure.config.erb
index c28632b..d46cc50 100644
--- a/modules/gerrit/templates/secure.config.erb
+++ b/modules/gerrit/templates/secure.config.erb
@@ -1,8 +1,10 @@
[database]
password = <%= @db_pass %>
+<%- if @auth_type == 'LDAP' -%>
[ldap]
username = <%= @ldap_proxyagent %>
password = <%= @ldap_proxyagent_pass %>
+<%- end -%>
[auth]
registerEmailPrivateKey = <%= @email_key %>
[its-phabricator]
--
To view, visit https://gerrit.wikimedia.org/r/303355
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I3bd532685c59063d06479b17801f5075b0f7cd97
Gerrit-PatchSet: 10
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Paladox <[email protected]>
Gerrit-Reviewer: Chad <[email protected]>
Gerrit-Reviewer: Dzahn <[email protected]>
Gerrit-Reviewer: Paladox <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
