--- Envoyproxy::Tls_terminator[8443].orig
+++ Envoyproxy::Tls_terminator[8443]
@@
- upstreams => [{'server_names': ['*'], 'cert_path': None, 'key_path': None, 'upstream_port': 443, 'upstream_addr': 'gitlab1004.wikimedia.org', 'upstream_tls': True}]
+ upstreams => [{'server_names': ['*'], 'cert_path': None, 'key_path': None, 'upstream_port': 443, 'upstream_addr': '127.0.0.1', 'upstream_tls': True, 'upstream_sni': 'gitlab.wikimedia.org'}]
File[/etc/envoy/clusters.d/00-cluster_local_port_443.yaml]
- Content differences:
--- /etc/envoy/clusters.d/00-cluster_local_port_443.yaml.orig
+++ /etc/envoy/clusters.d/00-cluster_local_port_443.yaml
@@ -16,12 +16,13 @@
- endpoint:
address:
socket_address:
- address: gitlab1004.wikimedia.org
+ address: 127.0.0.1
port_value: 443
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+ sni: gitlab.wikimedia.org
common_tls_context:
validation_context:
trusted_ca:
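Review bot: The added `sni: gitlab.wikimedia.org` only sets the server name Envoy sends in the ClientHello; it does not make Envoy check that the certificate served on 127.0.0.1:443 is issued for that name. The `validation_context` in this hunk shows `trusted_ca`, and its remaining fields fall outside the hunk, so if no SAN matcher is configured there, any certificate chaining to that CA bundle would be accepted. I would add a `match_typed_subject_alt_names` entry under `validation_context` with `san_type: DNS` and `exact: gitlab.wikimedia.org`. It should be rendered from the same value as the new `upstream_sni` parameter on Envoyproxy::Tls_terminator[8443] and Class[Profile::Tlsproxy::Envoy], so the two cannot drift apart. The exposure is small while the upstream is loopback, but the template presumably also serves non-local upstreams.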
Class[Profile::Gitlab]
- Parameters differences:
--- Class[Profile::Gitlab].orig
+++ Class[Profile::Gitlab]
@@
- nginx_listen_addresses => ['208.80.154.145', '2620:0:861:2:208:80:154:145']
+ nginx_listen_addresses => ['208.80.154.145', '2620:0:861:2:208:80:154:145', '127.0.0.1', '::1']
- Envoyproxy::Conf[cluster_local_port_443]
- Envoyproxy::Cluster[cluster_local_port_443]
- Class[Profile::Tlsproxy::Envoy]
- Parameters differences:
--- Class[Profile::Tlsproxy::Envoy].orig
+++ Class[Profile::Tlsproxy::Envoy]
+ upstream_sni => gitlab.wikimedia.org
@@
- upstream_addr => gitlab1004.wikimedia.org
+ upstream_addr => 127.0.0.1
- File[/etc/gitlab/gitlab.rb]
- Content differences:
--- /etc/gitlab/gitlab.rb.orig
+++ /etc/gitlab/gitlab.rb
@@ -61,7 +61,7 @@
nginx['redirect_http_to_https'] = false
nginx['ssl_certificate'] = "/etc/acmecerts/gitlab/live/ec-prime256v1.chained.crt"
nginx['ssl_certificate_key'] = "/etc/acmecerts/gitlab/live/ec-prime256v1.key"
-nginx['listen_addresses'] = ["208.80.154.145", "[2620:0:861:2:208:80:154:145]"]
+nginx['listen_addresses'] = ["208.80.154.145", "[2620:0:861:2:208:80:154:145]", "127.0.0.1", "[::1]"]
# Nginx access logging in JSON - see https://phabricator.wikimedia.org/T274462
#
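Review bot: With `127.0.0.1` and `[::1]` added to `nginx['listen_addresses']` for the Envoy terminator, every request that comes in through port 8443 reaches nginx with a loopback peer address, and the JSON access log mentioned just below will record that address instead of the client's. Nothing in this hunk shows real-IP handling; if it is not already set elsewhere in gitlab.rb, add `nginx['real_ip_trusted_addresses'] = ['127.0.0.1', '::1']` and `nginx['real_ip_header'] = 'X-Forwarded-For'`, and list the same addresses in `gitlab_rails['trusted_proxies']`. This assumes the terminator passes the client address in that header. Keeping the trusted list to loopback means a forwarded header sent to the public listeners is still ignored, while per-IP rate limiting and audit records stay meaningful for proxied traffic. The same applies to the `nginx_listen_addresses` parameter change on Class[Profile::Gitlab] above.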
Relevant files