Question
I need little help if anybody is aware of this issue.
I am trying to make gerrit slave for a master. I was able to replicate the repositories onto the slave server. But I have few doubts.
How to configure the replica server for access by authorized users?
What the limitations of replica server access control are (e.g. is it read only?) If its not read only then how to make it read only.
Here is my replication.config file.
https://stackoverflow.com/questions/21464014
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian[remote "pubmirror"]
url = ssh://< Slave_User >@< Slave_User_ip >/path/to/repo/${name}.git
replicationDelay = 1
I'm hoping someone can make me understand with examples.
Solution
Setting the container.slave option in etc/gerrit.config to true (see documentation) will enable slave mode (by passing --slave to the Gerrit daemon), which makes the server read-only and disables the HTTP server
Apart from that the regular rules for configuring e.g. access control and authentication apply.
OTHER TIPS
the --slave unfortunately doesn't provide Web UI for viewing the reviews. One way to workaround it is to run gerrit in normal mode but
a) change the gerrit.config to restrict receive.allowGroup to e.g. only administrators then none (except administrators) can push to gerrit git repositories
b) put gerrit httpd behind an apache proxy and use mod_rewrite to restrict to set of read only requests. I basically allow only GET, HEAD and POST for /login, /gerrit_ui/rpc/ChangeDetailService and /gerrit_ui/rpc/PatchDetailService
It works quite well for us with single gerrit master and multi readonly replica in different data centers
