Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/samdoran/ansible-role-gitlab

Ansible role for GitLab CE Omnibus
https://github.com/samdoran/ansible-role-gitlab

Last synced: 2 months ago
JSON representation

Ansible role for GitLab CE Omnibus

Host: GitHub
URL: https://github.com/samdoran/ansible-role-gitlab
Owner: samdoran
Created: 2014-09-19T17:43:35.000Z (over 10 years ago)
Default Branch: main
Last Pushed: 2021-07-27T20:12:11.000Z (over 3 years ago)
Last Synced: 2023-05-21T08:35:16.732Z (over 1 year ago)
Language: Ruby
Size: 194 KB
Stars: 29
Watchers: 6
Forks: 21
Open Issues: 2
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        GitLab Community Edition

========

The role will install the latest version of GitLab CE from the official repositories.

There is a cron job or `systemd` timer that creates daily backups of the database.

To only run update tasks, run `ansible-playbook site.yml --tags gitlab_update`.

Requirements

------------

* SSL private and public keys if using SSL

* Postfix installed and configured to relay mail properly

* Ports 80 and 443 open in firewall

Role Variables

--------------

#### GitLab Variables  ####

There are now far too many variable to describe each individually. I recommend looking through `defaults/main.yml` to see all available options and some useful links for further information.

Here are the variables you will most likely need to set.

| Name           | Default                     | Description                |

|----------------|-----------------------------|----------------------------|

| `gitlab_version` | `[undefined]` | If defined, install a specific version of GitLab. If undefined, install the latest version. This needs to be a string, so be sure to wrap it in double quotes. |

| `gitlab_version_suffix` | `-ce.0` | **Debian only** When specifying `gitlab_version`, an additional suffix is needed. To see valid suffixes, run `aptitude versions gitlab-ce`. Since GitLab 8, the suffix is always `-ce.[012]`. |

| `gitlab_manage_backup_path` | `yes` | Whether or not GitLab should manage backups |

|  `gitlab_days_old_backups` | 10 | Passed to `find -time +[n]` in cron job that deletes GitLab backups |

| `gitlab_fqdn` | `"{{ ansible_fqdn }}"` | FQDN of GitLab host |

| `gitlab_nginx_ssl_enabled` | False | Whether or not to configure GitLab to use SSL. This is meant to be used when the SSL certificates are installed using an additional role and not defined inside `gitlab_nginx_ssl_crt` and `gitlab_nginx_ssl_key`. If `gitlab_nginx_ssl_crt` or `gitlab_nginx_ssl_key` are defined, SSL will be enabled |

| `gitlab_nginx_redirect_http_to_https` | False | Whether or not to redirect HTTP to HTTPS. |

| `gitlab_nginx_ssl_cert_path` | `/etc/pki/tls/certs/` | Directory where GitLab SSL certs are stored. |

| `gitlab_nginx_ssl_key_path` | `/etc/pki/tls/private/` | Directory where GitLab SSL certificate keys are stored. |

| `gitlab_nginx_ssl_filename` | `"{{ ansible_fqdn }}"` | What the SSL certificate and key files will be named. A `.crt` extension is used for the public cert, a `.key` extension is used for the private key. |

| `gitlab_nginx_ssl_port` | 443 | Listening port for HTTPS. |

| `gitlab_nginx_ssl_crt` | Undefined multi-line variable | SSL Public certificate. |

| `gitlab_nginx_ssl_key` | Undefined multi-line variable | SSL Private key. I recommend putting this in an ansible vault. |

#### GitLab CI Variables ####

**Note:** GitLab CI uses OAuth for authentication. Here is the rough procedure for setting it up:

  1. Install GitLab

  1. Follow the instructions on the GitLab CI login page to generate an OAuth token for GitLab CI

  1. Put those values in the appropriate variables

  1. Run the playbook with `--tags gitlabrb` in order to update the template and reconfigure GitLab.

Example Playbooks

----------------

Setup GitLab using SSL.

```yaml

- hosts: gitlab

  become: yes

  vars:

     gitlab_days_old_backups: 7

     gitlab_nginx_ssl_crt: "{{ ssl_cert_stored_in_vault }}"

     gitlab_nginx_ssl_key: "{{ ssl_key_stored_in_vault }}"

  roles:

     - role: samdoran.gitlab

```

Install a specific version of GitLab.

```yaml

- hosts: gitlab

  become: yes

  vars:

     gitlab_version: "12.5.3"

     gitlab_version_suffix: "-ce.2"

  roles:

     - role: samdoran.gitlab

```

License

-------

Apache 2.0