Setup known_hosts file on gerrit servers
Setup known_hosts file on review.o.o and review-dev.o.o so that known services connecting to it won't be blocked. Change-Id: If0b082867df73322a9115b94ea5be18d0631acc0 depends-on: I0bb6638f5362696cd9a9a7401cb2e96ab69eea06
This commit is contained in:
parent
8b7c572f02
commit
956372cd39
@ -36,6 +36,7 @@ node 'review.openstack.org' {
|
||||
mysql_password => hiera('gerrit_mysql_password'),
|
||||
email_private_key => hiera('gerrit_email_private_key'),
|
||||
token_private_key => hiera('gerrit_rest_token_private_key'),
|
||||
gerrit_ssh_known_hosts => hiera('gerrit_ssh_known_hosts'),
|
||||
gerritbot_password => hiera('gerrit_gerritbot_password'),
|
||||
gerritbot_ssh_rsa_key_contents => hiera('gerritbot_ssh_rsa_key_contents'),
|
||||
gerritbot_ssh_rsa_pubkey_contents => hiera('gerritbot_ssh_rsa_pubkey_contents'),
|
||||
@ -81,6 +82,7 @@ node 'review-dev.openstack.org' {
|
||||
email_private_key => hiera('gerrit_dev_email_private_key'),
|
||||
contactstore_appsec => hiera('gerrit_dev_contactstore_appsec'),
|
||||
contactstore_pubkey => hiera('gerrit_dev_contactstore_pubkey'),
|
||||
gerrit_ssh_known_hosts => hiera('gerrit_ssh_known_hosts'),
|
||||
ssh_dsa_key_contents => hiera('gerrit_dev_ssh_dsa_key_contents'),
|
||||
ssh_dsa_pubkey_contents => hiera('gerrit_dev_ssh_dsa_pubkey_contents'),
|
||||
ssh_rsa_key_contents => hiera('gerrit_dev_ssh_rsa_key_contents'),
|
||||
|
@ -10,6 +10,7 @@ class openstack_project::gerrit (
|
||||
$canonicalweburl = "https://${::fqdn}/",
|
||||
$git_http_url = '',
|
||||
$canonical_git_url = '',
|
||||
$gerrit_ssh_known_hosts = '',
|
||||
$serveradmin = 'webmaster@openstack.org',
|
||||
$ssh_host_key = '/home/gerrit2/review_site/etc/ssh_host_rsa_key',
|
||||
$ssh_project_key = '/home/gerrit2/review_site/etc/ssh_project_rsa_key',
|
||||
@ -122,6 +123,7 @@ class openstack_project::gerrit (
|
||||
enable_javamelody_top_menu => false,
|
||||
# passthrough
|
||||
java_home => $java_home,
|
||||
known_hosts_content => $gerrit_ssh_known_hosts,
|
||||
ssl_cert_file => $ssl_cert_file,
|
||||
ssl_key_file => $ssl_key_file,
|
||||
ssl_chain_file => $ssl_chain_file,
|
||||
|
@ -85,6 +85,7 @@ class openstack_project::review (
|
||||
$storyboard_password = '',
|
||||
$project_config_repo = '',
|
||||
$projects_config = 'openstack_project/review.projects.ini.erb',
|
||||
$gerrit_ssh_known_hosts = '',
|
||||
) {
|
||||
|
||||
$java_home = $::lsbdistcodename ? {
|
||||
@ -116,6 +117,7 @@ class openstack_project::review (
|
||||
ssh_replication_rsa_pubkey_contents => $ssh_replication_rsa_pubkey_contents,
|
||||
ssh_welcome_rsa_key_contents => $ssh_welcome_rsa_key_contents,
|
||||
ssh_welcome_rsa_pubkey_contents => $ssh_welcome_rsa_pubkey_contents,
|
||||
gerrit_ssh_known_hosts => "${gerrit_ssh_known_hosts} ${gerrit_ssh_host_key}",
|
||||
email => 'review@openstack.org',
|
||||
# 1 + 100 + 9 + 2 + 2 + 25 => 139(rounded up)
|
||||
database_poollimit => '225',
|
||||
|
@ -29,6 +29,7 @@ class openstack_project::review_dev (
|
||||
$storyboard_ssl_cert = '',
|
||||
$project_config_repo = '',
|
||||
$projects_config = 'openstack_project/review-dev.projects.ini.erb',
|
||||
$gerrit_ssh_known_hosts = '',
|
||||
) {
|
||||
|
||||
$java_home = $::lsbdistcodename ? {
|
||||
@ -59,6 +60,7 @@ class openstack_project::review_dev (
|
||||
ssh_project_rsa_pubkey_contents => $ssh_project_rsa_pubkey_contents,
|
||||
ssh_replication_rsa_key_contents => $ssh_replication_rsa_key_contents,
|
||||
ssh_replication_rsa_pubkey_contents => $ssh_replication_rsa_pubkey_contents,
|
||||
gerrit_ssh_known_hosts => "${gerrit_ssh_known_hosts} ${gerrit_ssh_host_key}",
|
||||
email => 'review-dev@openstack.org',
|
||||
war =>
|
||||
'http://tarballs.openstack.org/ci/gerrit/gerrit-v2.11.4.22.e0c0f29.war',
|
||||
|
Loading…
Reference in New Issue
Block a user