Yikes. That sounds bad.
> We sync over git: to our local slave on the master site. We have a git
> daemon open for traffic from our master host only, and it replicates
> new changes over this protocol to the slave.
>
> Generic look of our replication.config:
> [remote "mirror"]
> url = git://host.intra.net/${name}.git
>
> This way of replicating works fine, and with plenty of speed, but
> introduces some new problems as well, however.
> Because suddenly create-project doesn't work very well, the git's
> don't appear on this particular slave any more, we have to initialize
> them manually over an ssh link.
Yea, that is a downside to using the anonymous git protocol.
> However, on second thought I seem to remember us in the past
> discussing whether the slave itself should initialize new projects,
> perhaps that would be a better way to handle this. It is clear that
> sync over git: isn't really an option today unless you have supportive
> scripts on the side.
I think we would prefer to do this. We should be able to use the
master's host key(s) to authenticate to the slave as the magic user
"Gerrit Code Review", assuming the slave had the master's host key
listed in its $site_path/etc/peer_keys file.
A minor code change to CreateProject could introduce a new --slave
flag that doesn't update the database, just initializes the new
project repository locally.
Then we just need to put the slave's URL into a new key in the remote
block in replication.config, and if present use `gerrit create-project
--slave` to create the new project. It doesn't sound that hard
actually. Most difficult part might be setting up the JSch session
with the master's host keys.