Commit a5784406 authored by Sven-Hendrik Haase's avatar Sven-Hendrik Haase
Browse files

Add GitLab role

parent fa1da1a5
......@@ -264,6 +264,9 @@ arch_users:
groups:
- dev
- multilib
gitlab:
name: ""
groups: []
grazzolini:
name: "Giancarlo Razzolini"
ssh_key: grazzolini.pub
......
$ANSIBLE_VAULT;1.1;AES256
30373662313233366335326465303964376230346234633438356330643962626338356133333764
3639366535343030303632303766656663633937393561370a653062383335333531336363323835
32663063313964353937663234313263363937653039333162616437393766666337356632366332
3434636134643030640a613462353965333339643366313239643665346333383336633765316364
35366330363333386665323232316334613333363134353039633935643738373835383934383632
63313037613131613232343561333034323862363534363562333436616366306434366462646330
656163303863373565656233646239633064
---
- name: setup gitlab server
hosts: gitlab.archlinux.org
remote_user: root
roles:
- { role: common }
- { role: tools }
- { role: firewalld }
- { role: sshd }
- { role: root_ssh }
- { role: gitlab, gitlab_domain: "gitlab.archlinux.org" }
---
- name: install docker dependencies
pacman: name=docker,python-docker state=present
- name: start docker
service: name=docker enabled=yes state=started
- name: start docker gitlab image
docker_container:
name: gitlab
image: gitlab/gitlab-ce:latest
domainname: "{{ gitlab_domain }}"
published_ports:
- "80:80"
- "443:443"
- "222:22"
pull: yes
restart_policy: always
env:
# See https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://{{ gitlab_domain }}'
letsencrypt['enable'] = true
letsencrypt['contact_emails'] = ['webmaster@archlinux.org']
gitlab_rails['lfs_enabled'] = true
gitlab_rails['gitlab_shell_ssh_port'] = 222
gitlab_rails['initial_root_password'] = "{{ gitlab_root_password }}"
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = 'mail.archlinux.org'
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = 'gitlab'
gitlab_rails['smtp_password'] = "{{ gitlab_root_password }}"
gitlab_rails['smtp_domain'] = 'gitlab.archlinux.org'
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'gitlab@archlinux.org'
gitlab_rails['gitlab_email_display_name'] = 'GitLab'
gitlab_rails['gitlab_email_reply_to'] = 'noreply@archlinux.org'
gitlab_rails['gitlab_default_theme'] = 2
volumes:
- "/srv/gitlab/config:/etc/gitlab"
- "/srv/gitlab/logs:/var/log/gitlab"
- "/srv/gitlab/data:/var/opt/gitlab"
- name: open firewall holes
firewalld: port={{ item }} permanent=true state=enabled immediate=yes
when: configure_firewall
with_items:
- "80/tcp"
- "443/tcp"
- "222/tcp"
tags:
- firewall
- name: make docker0 interface trusted
firewalld: interface=docker0 zone=trusted permanent=true state=enabled immediate=yes
when: configure_firewall
with_items:
- "80/tcp"
- "443/tcp"
- "222/tcp"
tags:
- firewall
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment