I have a working gerrit installation, the only thing is, gerrit is configured with HTTP authentication backend, and nginx handle the authentication.
Now, I want to use gerrit restapi (just to set Verified label via curl as a specific user). for that I need to use http password generated by gerrit in setting panel. so you can see the problem. there is two different password. first I try to set same password for both, (nginx password is in my control, gerrit is not) then I change try to create a new location for /a/ (gerrit prefix for authentication) and remove the nginx password on that route, yet no luck. the final nginx config is :
location /a/ { proxy_pass http://127.0.0.1:8118; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; auth_basic "Gerrit"; proxy_set_header Authorization $http_authorization; proxy_pass_header Authorization; } location / { proxy_pass http://127.0.0.1:8118; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; auth_basic "Gerrit"; auth_basic_user_file /etc/nginx/conf.d/gerrit.htpasswd; proxy_set_header Authorization $http_authorization; proxy_pass_header Authorization; } my gerrit config is :
[gerrit] basePath = git canonicalWebUrl = http://gerrit.example.com/ [database] type = postgresql hostname = 127.0.0.1 database = reviewdb username = gerrit2 [index] type = LUCENE [auth] type = HTTP [sendemail] smtpServer = mail.vada.ir from = ${user} Code Review <[email protected]> smtpUser = [email protected] smtpPass = T7SMkUYRqMP [container] user = gerrit2 javaHome = /usr/lib/jvm/java-7-openjdk-amd64/jre [sshd] listenAddress = *:29418 [httpd] listenUrl = proxy-http://127.0.0.1:8118/ [cache] directory = cache [plugins] allowRemoteAdmin = true changing the gerrit authentication is only an option if we can protect it from registration.
Thank you.
gerrit.configlook like?