44 lines
1.4 KiB
YAML
44 lines
1.4 KiB
YAML
- hosts: "review:!disabled"
|
|
name: "Configure gerrit"
|
|
roles:
|
|
- iptables
|
|
- install-docker
|
|
- gerrit
|
|
|
|
# NOTE(ianw) 2021-04-09 This is a workaround for RA leaks seen in
|
|
# vexxhost which is currently unresolved. This pins the ipv6 config
|
|
# and ensures we don't listen to RA's. See:
|
|
# http://lists.opendev.org/pipermail/service-discuss/2021-April/000200.html
|
|
# https://launchpad.net/bugs/1844712
|
|
# We do not want this to be created when we are testing gerrit.
|
|
- hosts: "review02.opendev.org"
|
|
tasks:
|
|
- name: Install RA rejection
|
|
when: gerrit_under_test is not defined or not gerrit_under_test
|
|
copy:
|
|
dest: '/etc/netplan/50-cloud-init.yaml'
|
|
owner: 'root'
|
|
group: 'root'
|
|
mode: '0644'
|
|
content: |
|
|
network:
|
|
version: 2
|
|
ethernets:
|
|
ens3:
|
|
dhcp4: true
|
|
dhcp6: false
|
|
accept-ra: false
|
|
addresses:
|
|
- '2604:e100:1:0:f816:3eff:fe52:22de/64'
|
|
routes:
|
|
- to: '::/0'
|
|
via: '2604:e100:1:0::1'
|
|
metric: 100
|
|
- to: '::/0'
|
|
via: '2604:e100:1:0::2'
|
|
metric: 100
|
|
match:
|
|
macaddress: fa:16:3e:52:22:de
|
|
mtu: 1500
|
|
set-name: ens3
|