opendev/system-config
Code Issues Proposed changes
system-config/inventory/service/group_vars/gitea.yaml
Clark Boylan 91322002ff Rotate the new Gitea replication key into Gitea config 
We use a new larger rsa key so that gitea checks on key size don't fail
when we upgrade gitea to 1.21 or newer. We did consider an ed25519 key
isntead but those keys can only be generated in the new openssh key file
format and there is some question around whether or not Gerrit's
replication plugin (ultimately MINA ssh client) can read those files. To
be safe we stick with what we know works and simply increase the bit
count.

Change-Id: I51e97e8545a54202b05f32de70c0715083954119
2023-11-30 11:02:36 -08:00

12 lines
1.5 KiB
YAML
Raw Blame History

gitea_root_email: infra-root@openstack.org
# Gerrit replication key(s). When these values are identical only one key
# is created in Gitea. When they are different two different keys are added.
# This allows for key rotation.
gitea_gerrit_public_key_A: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVuhTMAz1H2Jr9AC3py9A0vlNna6Sdt4yrvZOayxukPqQ7GPZd+Mo7MVyypxLD479N2mA09JAdsbq1eTiPP8ksEkB+dNxZzw8mY1653R/IXSW6J9xPcoDa88HF2s/xHN24IWzgiDjNNe79AQ+sKleByEQZ++xXny3MRpy258hKUvAtjjOLOnM1PBs8JNOzBL+UPgWRgSX6GG0qywJZqjD1Qx5kvH9RTRLi+tcMhEi4laN7BYvn4csY0sYzTzPG4ZTu3ootIJoRlQGtQ0LmoFO1vSwyEJUags6/ZZGjgy3jl3kwcU/b8ZnFlF4MDw1OB1QqMb4r6bMHbXNIupp4zJbz gerrit-replication-2014-04-25
gitea_gerrit_public_key_B: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCIEIT8l3h/BoIzKl7iDCui+7LB5KAzSW0EPGJxzk6/LREVo6riwY5J1aj9tLvC003ejICYKH7v7x/YICuOPwAOvC1R3LLDGSPMavwfCPUCtXeDe1heYsg1ngxkvd7ipNSHVF2chapgb+FwUqqgcnxD/2jf7HWw06/fdr9ahlNhA2HrZeZlyeo7F57Mj+C2Aq6nOCpvaZXqZ7LIcREd3EleB7+gDihD8qM0VPbxZuQrHMPumxa/l0aysmMz7RPmvzpTnFy5AYR/fcbJ/NFKjITxlUHWWBgJgKI5vrodJjRdPM5uylq+7xOkhvyZNHEYqrhBeylLXQG9JPoBpGBraKHonT2IdeBlFTi4ONypaicH9/Rdm7xCppC3rfLZwEexZgOYaoMlnC2eCJAVs1CDc7Jm91XckS15zhNdBBPV1vCpWCPrPwHSjk6JkDv8bh0zNd6IaRZxc1Bsu7bpKIKlD/ZINm9pdtrGaquEFQLpdEu4obYpqIkfDnTuBUMeOZDtyNUhtvVIo+re3orwTOFiNycB/+Z2kZiH/C82atSTh1LJrsfMeME0eKUuFyEzD+Kf2WZ8XvShx6zMMYiq6GibAQ2szz0rLESIblWEJEtZ7dT9zfoV0zyykTn6rsBBCMcXvuTeXpd3h7wz1Aj3WytIDdISCwOJutxQV1onVxx7lYii6w== gerrit@gitea.opendev.org-20231130
iptables_extra_public_tcp_ports:
- 222
- 3000
- 3080
- 3081 # see above; reverse proxy
View Git Blame Copy Permalink