9315d1465e
This patch addresses: LDAP not requiring username or password (anonymous bind) This is required to support configurations where LDAP is on a secure network, and anonymous bind is enabled. LDAP using a self signed SSL cert (verify ssl on or off) This is required to support configurations where LDAP requires SSL, but ssl is using an internal or self signed certificate, and therefore fails cert checks. This also covers testing conditions where a consumer might use OS with LDAP+ssl unsigned. LDAP using a nonstandard cn naming convention (ie email address). This is required to deal with an edge case where 'cn' in ldap might be something other than a bare username. Gerrit pulls the ssh username from that value and will not accept a non-alphanumeric address. By setting 'accountSshUserName' in puppet, that is setable. LDAP prepopulating account Full name. Gerrit has a configuration option to pull Full Name from LDAP, this change exposes that option. Change-Id: Ibd41d59ff98e406b42e1e14cc17e23b3d6211d58
119 lines
3.2 KiB
Plaintext
119 lines
3.2 KiB
Plaintext
# This file is managed by puppet.
|
|
# https://git.openstack.org/cgit/openstack-infra/config
|
|
|
|
[gerrit]
|
|
basePath = git
|
|
canonicalWebUrl = <%= canonicalweburl %>
|
|
[database]
|
|
type = MYSQL
|
|
hostname = localhost
|
|
database = reviewdb
|
|
username = gerrit2
|
|
<% if database_poollimit != "" -%>
|
|
poolLimit = <%= database_poollimit %>
|
|
<% end -%>
|
|
connectionpool = true
|
|
[auth]
|
|
<% if gerrit_contributor_agreement -%>
|
|
contributorAgreements = true
|
|
<% end -%>
|
|
type = <%= gerrit_auth_type %>
|
|
cookieSecure = true
|
|
<% if gerrit_auth_type == 'OPENID_SSO' -%>
|
|
openIdSsoUrl = <%= openidssourl %>
|
|
<% end -%>
|
|
<% if gerrit_auth_type == 'LDAP' -%>
|
|
[ldap]
|
|
server = <%= ldap_server %>
|
|
accountBase = <%= ldap_account_base %>
|
|
<% if ldap_username -%>username = <%= ldap_username %><%end%>
|
|
<% if ldap_password -%>password = <%= ldap_password %><%end%>
|
|
<% if ldap_accountfullname -%>accountFullName = <%= ldap_accountfullname %><%end%>
|
|
accountPattern = <%= ldap_account_pattern %>
|
|
accountEmailAddress = <%= ldap_account_email_address %>
|
|
sslVerify = <%= ldap_sslverify %>
|
|
<% if @ldap_ssh_account_name -%>accountSshUserName = <%= ldap_ssh_account_name %><%end%>
|
|
<% end %>
|
|
[sendemail]
|
|
smtpServer = <%= smtpserver %>
|
|
from = <%= sendemail_from %>
|
|
[container]
|
|
user = gerrit2
|
|
javaHome = <%= java_home %>
|
|
<% if container_heaplimit != "" -%>
|
|
heapLimit = <%= container_heaplimit %>
|
|
<% end -%>
|
|
[core]
|
|
<% if core_packedgitopenfiles != "" -%>
|
|
packedGitOpenFiles = <%= core_packedgitopenfiles %>
|
|
<% end -%>
|
|
<% if core_packedgitlimit != "" -%>
|
|
packedGitLimit = <%= core_packedgitlimit %>
|
|
<% end -%>
|
|
<% if core_packedgitwindowsize != "" -%>
|
|
packedGitWindowSize = <%= core_packedgitwindowsize %>
|
|
<% end -%>
|
|
[sshd]
|
|
listenAddress = <%= sshd_listen_address %>
|
|
<% if sshd_threads != "" -%>
|
|
threads = <%= sshd_threads %>
|
|
<% end -%>
|
|
[httpd]
|
|
listenUrl = proxy-https://*:8081/
|
|
<% if httpd_maxwait != "" -%>
|
|
maxWait = <%= httpd_maxwait %>
|
|
<% end -%>
|
|
<% if httpd_acceptorthreads != "" -%>
|
|
acceptorThreads = <%= httpd_acceptorthreads %>
|
|
<% end -%>
|
|
<% if httpd_minthreads != "" -%>
|
|
minThreads = <%= httpd_minthreads %>
|
|
<% end -%>
|
|
<% if httpd_maxthreads != "" -%>
|
|
maxThreads = <%= httpd_maxthreads %>
|
|
<% end -%>
|
|
[cache]
|
|
directory = cache
|
|
[cache "web_sessions"]
|
|
maxAge = 1d
|
|
[user]
|
|
email = <%= email %>
|
|
<% commentlinks.each do |commentlink| -%>
|
|
[commentlink "<%= commentlink['name'] %>"]
|
|
match = "<%= commentlink['match'] %>"
|
|
<% if commentlink['link'] != "" -%>
|
|
link = "<%= commentlink['link'] %>"
|
|
<% end -%>
|
|
<% if commentlink['html'] != "" -%>
|
|
html = "<%= commentlink['html'] %>"
|
|
<% end -%>
|
|
<% end -%>
|
|
[theme]
|
|
backgroundColor = ffffff
|
|
topMenuColor = ffffff
|
|
textColor = 264d69
|
|
trimColor = eef3f5
|
|
selectionColor = d1e6ea
|
|
changeTableOutdatedColor = f5cccc
|
|
tableOddRowColor = ffffff
|
|
tableEvenRowColor = f5f5ff
|
|
[melody]
|
|
monitoring = <%= enable_melody %>
|
|
session = <%= melody_session %>
|
|
<% if gitweb or cgit -%>
|
|
[gitweb]
|
|
<% if gitweb -%>
|
|
revision = "?p=${project}.git;a=commitdiff;h=${commit}"
|
|
<% else -%>
|
|
type = cgit
|
|
<% end -%>
|
|
<% if scope.lookupvar("gerrit::web_repo_url") -%>
|
|
url = "<%= scope.lookupvar('gerrit::web_repo_url') %>"
|
|
<% end -%>
|
|
<% end -%>
|
|
<% if contactstore == true -%>
|
|
[contactstore]
|
|
appsec = <%= contactstore_appsec %>
|
|
url = <%= contactstore_url %>
|
|
<% end -%>
|