This repository has been archived by the owner on Oct 22, 2021. It is now read-only.

ansemjo/ansible-role-gitlab

ansemjo.gitlab

This role targets CentOS 7 systems and installs GitLab CE.

See defaults/main.yml for available variables or just define your own template to be used with gitlab_template.

Configuration Notes

TLS certificates

This role expects to find a TLS certificate and key at /etc/pki/tls/{certs,private}/$FQDN.{crt,key}. If this is a FreeIPA-enrolled system, this can be achieved with my ansemjo.ipa_getcert role. It also assumes that a valid CA certificate is located at /etc/ipa/ca.crt.

ansemjo_ipa_getcert_request_hostnames:
  - "{{ ansible_fqdn }}"
  - "{{ gitlab_registry_fqdn }}"
gitlab_registry_enabled: true
gitlab_registry_fqdn: "{{ my_registry }}"

Otherwise configure the following variables appropriately:

gitlab_tls_cert: "/etc/pki/tls/certs/{{ gitlab_fqdn }}.crt"
gitlab_tls_key: "/etc/pki/tls/private/{{ gitlab_fqdn }}.key"
gitlab_registry_tls_cert: "/etc/pki/tls/certs/{{ gitlab_registry_fqdn }}.crt"
gitlab_registry_tls_key: "/etc/pki/tls/private/{{ gitlab_registry_fqdn }}.key"
gitlab_ca_symlinks:
    - src: /etc/path/to/your/ca.crt
      dst: /etc/gitlab/trusted-certs/my-ca.crt
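
A preflight play for the certificate layout described above, as an added example that is not part of this role: before the role runs, it checks that the private key is owned by root and closed to group and others, that the certificate is not about to expire, that it chains to the CA file, and that certificate and key belong together. The inventory group gitlab, the FQDN git.example.com, the variable ca_file and the 30-day threshold are assumptions.

```yaml
# Added example, not part of ansemjo.gitlab. Assumed: inventory group "gitlab",
# FQDN git.example.com, helper variable ca_file, 30-day expiry threshold.
- hosts: gitlab
  become: true
  vars:
    gitlab_fqdn: git.example.com   # constructed placeholder
    gitlab_tls_cert: "/etc/pki/tls/certs/{{ gitlab_fqdn }}.crt"
    gitlab_tls_key: "/etc/pki/tls/private/{{ gitlab_fqdn }}.key"
    ca_file: /etc/ipa/ca.crt       # CA location the README assumes
  pre_tasks:
    - name: Read ownership and mode of the private key
      ansible.builtin.stat:
        path: "{{ gitlab_tls_key }}"
      register: key_stat

    - name: Key must exist, belong to root and grant nothing to group/other
      ansible.builtin.assert:
        that:
          - key_stat.stat.exists
          - key_stat.stat.pw_name == 'root'
          - key_stat.stat.mode[-2:] == '00'
        fail_msg: "{{ gitlab_tls_key }} is missing or too widely readable"

    - name: Certificate must stay valid for another 30 days
      ansible.builtin.command: openssl x509 -in {{ gitlab_tls_cert }} -noout -checkend 2592000
      changed_when: false

    - name: Certificate must chain to the configured CA
      ansible.builtin.command: openssl verify -CAfile {{ ca_file }} {{ gitlab_tls_cert }}
      register: chain
      changed_when: false
      failed_when: chain.rc != 0 or ': OK' not in chain.stdout

    - name: Extract the public key from the certificate
      ansible.builtin.command: openssl x509 -in {{ gitlab_tls_cert }} -noout -pubkey
      register: cert_pub
      changed_when: false

    - name: Derive the public key from the private key
      ansible.builtin.command: openssl pkey -in {{ gitlab_tls_key }} -pubout
      register: key_pub
      changed_when: false

    - name: Certificate and key must belong together
      ansible.builtin.assert:
        that: cert_pub.stdout == key_pub.stdout
        fail_msg: "certificate and private key do not match"
  roles:
    - ansemjo.gitlab
```

The same tasks can be repeated with gitlab_registry_tls_cert and gitlab_registry_tls_key when the registry is enabled.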

Default project features

The default project features can be configured with:

# default project feature settings
gitlab_default_projects_features_issues: yes
gitlab_default_projects_features_merge_requests: yes
gitlab_default_projects_features_wiki: no
gitlab_default_projects_features_snippets: no
gitlab_default_projects_features_builds: no
gitlab_default_projects_features_container_registry: no

Upload Backups to Amazon S3 / Minio

To upload your GitLab backups to an S3-compatible bucket, e.g. on Minio, you can set the following host variables:

gitlab_backup_s3_enabled: yes
gitlab_backup_s3_key_id: YOUR-ACCESS-KEY-HERE
gitlab_backup_s3_key_secret: YOUR-SECRET-KEY-HERE
gitlab_backup_s3_endpoint: https://minio.yourdomain.com:9000
gitlab_backup_s3_path_style: yes
gitlab_backup_s3_bucket: gitlab-backups

For uploads to Amazon AWS remove the *_path_style and *_endpoint variables and instead add a region:

gitlab_backup_s3_enabled: yes
gitlab_backup_s3_region: eu-west-1
gitlab_backup_s3_key_id: YOUR-ACCESS-KEY-HERE
gitlab_backup_s3_key_secret: YOUR-SECRET-KEY-HERE
gitlab_backup_s3_bucket: gitlab-backups

Scheduling is done with:

# backup scheduling
gitlab_backup_on_calendar: weekly # systemd OnCalendar= format
gitlab_backup_keep_time: 2678400 # 31 days

LDAP Authentication

You can enable LDAP authentication to use e.g. FreeIPA as a central user manager. See defaults/main.yml for all available options.