GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → samdoran → ansible-role-gitlab

samdoran / ansible-role-gitlab

Licence: other
Ansible role for GitLab CE Omnibus

Programming Languages

ruby
36898 projects - #4 most used programming language
Jinja
831 projects
python
139335 projects - #7 most used programming language

GitLab Community Edition

The role will install the latest version of GitLab CE from the official repositories.

There is a cron job or systemd timer that creates daily backups of the database.

To only run update tasks, run ansible-playbook site.yml --tags gitlab_update.

Requirements

  • SSL private and public keys if using SSL
  • Postfix installed and configured to relay mail properly
  • Ports 80 and 443 open in firewall

Role Variables

GitLab Variables

There are now far too many variable to describe each individually. I recommend looking through defaults/main.yml to see all available options and some useful links for further information.

Here are the variables you will most likely need to set.

Name Default Description
gitlab_version [undefined] If defined, install a specific version of GitLab. If undefined, install the latest version. This needs to be a string, so be sure to wrap it in double quotes.
gitlab_version_suffix -ce.0 Debian only When specifying gitlab_version, an additional suffix is needed. To see valid suffixes, run aptitude versions gitlab-ce. Since GitLab 8, the suffix is always -ce.[012].
gitlab_manage_backup_path yes Whether or not GitLab should manage backups
gitlab_days_old_backups 10 Passed to find -time +[n] in cron job that deletes GitLab backups
gitlab_fqdn "{{ ansible_fqdn }}" FQDN of GitLab host
gitlab_nginx_ssl_enabled False Whether or not to configure GitLab to use SSL. This is meant to be used when the SSL certificates are installed using an additional role and not defined inside gitlab_nginx_ssl_crt and gitlab_nginx_ssl_key. If gitlab_nginx_ssl_crt or gitlab_nginx_ssl_key are defined, SSL will be enabled
gitlab_nginx_redirect_http_to_https False Whether or not to redirect HTTP to HTTPS.
gitlab_nginx_ssl_cert_path /etc/pki/tls/certs/ Directory where GitLab SSL certs are stored.
gitlab_nginx_ssl_key_path /etc/pki/tls/private/ Directory where GitLab SSL certificate keys are stored.
gitlab_nginx_ssl_filename "{{ ansible_fqdn }}" What the SSL certificate and key files will be named. A .crt extension is used for the public cert, a .key extension is used for the private key.
gitlab_nginx_ssl_port 443 Listening port for HTTPS.
gitlab_nginx_ssl_crt Undefined multi-line variable SSL Public certificate.
gitlab_nginx_ssl_key Undefined multi-line variable SSL Private key. I recommend putting this in an ansible vault.

GitLab CI Variables

Note: GitLab CI uses OAuth for authentication. Here is the rough procedure for setting it up:

  1. Install GitLab
  2. Follow the instructions on the GitLab CI login page to generate an OAuth token for GitLab CI
  3. Put those values in the appropriate variables
  4. Run the playbook with --tags gitlabrb in order to update the template and reconfigure GitLab.

Example Playbooks

Setup GitLab using SSL.

- hosts: gitlab
  become: yes

  vars:
     gitlab_days_old_backups: 7

     gitlab_nginx_ssl_crt: "{{ ssl_cert_stored_in_vault }}"
     gitlab_nginx_ssl_key: "{{ ssl_key_stored_in_vault }}"

  roles:
     - role: samdoran.gitlab

Install a specific version of GitLab.

- hosts: gitlab
  become: yes

  vars:
     gitlab_version: "12.5.3"
     gitlab_version_suffix: "-ce.2"

  roles:
     - role: samdoran.gitlab

License

Apache 2.0

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].