Dzahn has submitted this change and it was merged. Change subject: Gerrit: make auth_type configurable for labs ......................................................................
Gerrit: make auth_type configurable for labs In labs we can't just use the same LDAP auth we use in production. Make the auth type configurable. Change-Id: I3bd532685c59063d06479b17801f5075b0f7cd97 --- M modules/gerrit/manifests/jetty.pp M modules/gerrit/templates/gerrit.config.erb M modules/gerrit/templates/secure.config.erb 3 files changed, 7 insertions(+), 1 deletion(-) Approvals: Dzahn: Looks good to me, approved jenkins-bot: Verified diff --git a/modules/gerrit/manifests/jetty.pp b/modules/gerrit/manifests/jetty.pp index 0c79fdc..e0658c5 100644 --- a/modules/gerrit/manifests/jetty.pp +++ b/modules/gerrit/manifests/jetty.pp @@ -7,6 +7,7 @@ $git_dir = 'git', $ssh_host_key = undef, $heap_limit = '28g', + $auth_type = 'LDAP', ) { include nrpe diff --git a/modules/gerrit/templates/gerrit.config.erb b/modules/gerrit/templates/gerrit.config.erb index bf865b4..0341212 100644 --- a/modules/gerrit/templates/gerrit.config.erb +++ b/modules/gerrit/templates/gerrit.config.erb @@ -15,9 +15,11 @@ username = <%= @db_user %> url = jdbc:mysql://<%= @db_host %>/<%= @db_name %>?characterSetResults=utf8&characterEncoding=utf8&connectionCollation=utf8_unicode_ci [auth] - type = LDAP + type = <%= @auth_type %> cookieSecure = true +<%- if @auth_type == 'LDAP' -%> registerUrl = https://wikitech.wikimedia.org/w/index.php?title=Special:UserLogin&returnto=Help%3AGetting+Started&type=signup + [ldap] server = <% @ldap_hosts.each do |ldap_host| %>ldaps://<%= ldap_host %> <% end %> accountBase = ou=people,<%= @ldap_base_dn %> @@ -26,6 +28,7 @@ groupBase = ou=groups,<%= @ldap_base_dn %> groupMemberPattern = (&(objectClass=groupOfNames)(member=${dn})) groupScope = one +<%- end -%> [sendemail] includeDiff = true smtpServerPort = 25 diff --git a/modules/gerrit/templates/secure.config.erb b/modules/gerrit/templates/secure.config.erb index c28632b..d46cc50 100644 --- a/modules/gerrit/templates/secure.config.erb +++ b/modules/gerrit/templates/secure.config.erb @@ -1,8 +1,10 @@ [database] password = <%= @db_pass %> +<%- if @auth_type == 'LDAP' -%> [ldap] username = <%= @ldap_proxyagent %> password = <%= @ldap_proxyagent_pass %> +<%- end -%> [auth] registerEmailPrivateKey = <%= @email_key %> [its-phabricator] -- To view, visit https://gerrit.wikimedia.org/r/303355 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I3bd532685c59063d06479b17801f5075b0f7cd97 Gerrit-PatchSet: 10 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Paladox <thomasmulhall...@yahoo.com> Gerrit-Reviewer: Chad <ch...@wikimedia.org> Gerrit-Reviewer: Dzahn <dz...@wikimedia.org> Gerrit-Reviewer: Paladox <thomasmulhall...@yahoo.com> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits