ansible-gerrit-management/defaults/main.yml

---
# Defaults
gerrit_user: "git"
gerrit_group: "git"
gerrit_version: "3.8.1"
#gerrit_home_dir: "/opt/gerrit-{{ gerrit_version }}"
gerrit_home_dir: "/opt/gerrit"
gerrit_site: "rlgitsvc"
gerrit_container_user: "{{ gerrit_user }}"
gerrit_container_heap_limit: "1g"
gerrit_container_java_options: "-server -XX:+PrintGCDetails -XX:MaxPermSize=256M"
gerrit_build_container: false
gerrit_container_java_options_docker: " -Djava.security.egd=file:/dev/./urandom --add-opens java.base/java.net=ALL-UNNAMED --add-opens java.base/java.lang.invoke=ALL-UNNAMED"

gerrit_database_type: "postgresql"
gerrit_database_user: "gerrit"
gerrit_database_name: "gerrit"
gerrit_database_password: "gerrit"
gerrit_database_host: "localhost"

gerrit_allow_insecure_passwords: false

# Gerrit vars
gerrit_config_base_path: "git"
gerrit_config_canonical_domain: "git.rockylinux.org"
gerrit_config_canonical_weburl: "https://git.rockylinux.org"

# Gerrit index. Default LUCENE
gerrit_index_type: "LUCENE"

# Gerrit auth type
gerrit_auth_type: "LDAP"

# Gerrit sshd
gerrit_sshd_listen_address: "*:22220"
gerrit_sshd_threads: "32"

# Gerrit httpd
reverse_proxy: "httpd"
cert_owner: "{{ 'nginx' if reverse_proxy == 'nginx' else 'apache' }}"
gerrit_httpd_listen_url: "proxy-https://127.0.0.1:8080/"
gerrit_httpd_proxy_url: "http://127.0.0.1:8080/"
gerrit_referenced_objects_reachable: false

# Gerrit setup
gerrit_directories:
  - "{{ gerrit_home_dir }}/{{ gerrit_site }}/etc"
  - "{{ gerrit_home_dir }}/{{ gerrit_site }}/lib"
  - "{{ gerrit_home_dir }}/{{ gerrit_site }}/static"
  - "{{ gerrit_home_dir }}/{{ gerrit_site }}/hooks"
  - "{{ gerrit_home_dir }}/{{ gerrit_site }}/plugins"
  - "{{ gerrit_home_dir }}/{{ gerrit_site }}/cache"

# oauth if enabled
oauth_base_url: "https://accounts.rockylinux.org/auth"
oauth_realm: "rocky"
oauth_client_id: "gerrit"
oauth_client_secret: "NONE"

# ldap if enabled
ldap_url_list:
  - ldap://ipa-us-east-2.rockylinux.org

# Use freeipa CA
tls_use_internal_freeipa: true
...