From 28166a9755ce412fc910de4ae411039924366460 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Wed, 6 Jul 2022 09:28:47 +1000 Subject: [PATCH] gitea: fix loadbalancer forwarding in testing We have moved to a situation where we proxy requests to gitea (3000) via Apache listening on 3081 -- this is useful for layer 7 filtering like matching on user-agents. It seems like we missed some of this configuration in our load-balancer testing. Update the https forward on the load-balancer to port 3081 on the gitea test host. Also, remove the explicit port opening in the testing group_vars; for some reason this was not opening port 3080 (http). This will just use the production settings when we don't override it. Change-Id: Ic5690ed893b909a7e6b4074a1e5cd71ab0683ab4 --- playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 | 2 +- playbooks/zuul/templates/group_vars/gitea.yaml.j2 | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 b/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 index fc68fdfd03..ba08fccaae 100644 --- a/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 +++ b/playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2 @@ -11,5 +11,5 @@ gitea_lb_listeners: - ":::443" servers: - name: "gitea99.opendev.org" - address: "{{ (hostvars['gitea99.opendev.org'] | default({})).get('nodepool', {}).get('public_ipv4', '') }}:3000" + address: "{{ (hostvars['gitea99.opendev.org'] | default({})).get('nodepool', {}).get('public_ipv4', '') }}:3081" check_method: "check check-ssl verify none" diff --git a/playbooks/zuul/templates/group_vars/gitea.yaml.j2 b/playbooks/zuul/templates/group_vars/gitea.yaml.j2 index 925e322496..63d9b59402 100644 --- a/playbooks/zuul/templates/group_vars/gitea.yaml.j2 +++ b/playbooks/zuul/templates/group_vars/gitea.yaml.j2 @@ -8,5 +8,3 @@ gitea_root_password: BUbBcpToMwR05ZCB gitea_no_log: false gitea_gerrit_password: yVpMWIUIvT7f6NwA gitea_reverse_proxy_hostname: localhost -iptables_extra_public_tcp_ports: - - 3081