feat: add options for backup

.forgejo/workflows/molecule.yml

@@ -0,0 +1,18 @@
+---
+on: [push]
+jobs:
+  lint:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: ansible-lint .
+      - run: yamllint .
+  molecule:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: molecule test

.gitlab-ci.yml

@@ -0,0 +1,10 @@
+---
+image: nishiki/molecule:docker
+
+before_script:
+  - molecule --version
+
+molecule:
+  stage: test
+  script:
+    - molecule test

.yamllint

@@ -2,11 +2,11 @@
 extends: default
 
 ignore: |
-  .kitchen/*
+  .kitchen*
   vendor/
+  .forgejo/
 
 rules:
   line-length:
     max: 120
     level: warning
-  truthy: false

CHANGELOG.md

@@ -3,8 +3,37 @@
 This project adheres to [Semantic Versioning](http://semver.org/).
 Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
-## [Unreleased]
+## Unreleased
 
-## [v1.0.0] - 2020-04-11
+### Added
+
+- feat: add gitlab_registry_url variable
+- feat: add options for backup
+- test: add support debian 12
+
+### Changed
+
+- test: use personal docker registry
+
+### Removed
+
+- test: remove support debian 10
+- test: remove support debian 11
+
+## v1.1.0 - 2021-08-24
+
+### Added
+
+- feat: add gitlab_data_dir variable
+- feat: add gitlab_pages_url variable
+- feat: add complex variables in config file
+- feat: add backup cron
+- test: add support debian 11
+
+### Changed
+
+- chore: use FQCN for module name
+
+## v1.0.0 - 2020-04-11
 
 - first version

README.md

@@ -1,18 +1,23 @@
 # Ansible role: Gitlab
 
-[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-gitlab/releases)
-[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-gitlab/src/branch/master/LICENSE)
+[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-gitlab/releases)
+[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-gitlab/src/branch/main/LICENSE)
+[![Build](https://code.waks.be/nishiki/ansible-role-gitlab/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-gitlab/actions?workflow=molecule.yml)
 
 Install and configure a Gitlab server
 
 ## Requirements
 
-* Ansible >= 2.9
-* Debian Buster
+- Ansible >= 2.9
+- Debian
+  - Bullseye
+  - Bookworm
 
 ## Role variables
 
-- `gitlab_url` - set the gitlab url (default: `http://gitlab.example.com`)
+- `gitlab_url` - set the gitlab url
+- `gitlab_pages_url` - set the gitlab pages url
+- `gitlab_data_dir` - set the path for repository
 - `gitlab_config` - set the config
 
 ```
@@ -23,6 +28,14 @@ Install and configure a Gitlab server
     backup_archive_permissions: 0644
 ```
 
+- `gitlab_backup_cron_month` - set the month for the backup cron (default: `'*'`)
+- `gitlab_backup_cron_weekday` - set the weekday for the backup cron (default: `'*'`)
+- `gitlab_backup_cron_day` - set the day for the backup cron (default: `'*'`)
+- `gitlab_backup_cron_hour` - set the hour for the backup cron (default: `2`)
+- `gitlab_backup_cron_minute` - set the minute for the backup cron (default: `30`)
+- `gitlab_backup_skip` - list with [skip data](https://docs.gitlab.com/ee/administration/backup_restore/backup_gitlab.html#excluding-specific-data-from-the-backup)
+- `gitlab_backup_auto` - set if a backup if create during update (default: `true`)
+
 ## How to use
 
 ```
@@ -35,10 +48,10 @@ Install and configure a Gitlab server
 
 ### Test with molecule and docker
 
-* install [docker](https://docs.docker.com/engine/installation/)
-* install `python3` and `python3-pip`
-* install molecule and dependencies `pip3 install molecule 'molecule[docker]' docker ansible-lint testinfra yamllint`
-* run `molecule test`
+- install [docker](https://docs.docker.com/engine/installation/)
+- install `python3` and `python3-pip`
+- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
+- run `molecule test`
 
 ## License
 

defaults/main.yml

@@ -2,3 +2,10 @@
 gitlab_repository: 'deb https://packages.gitlab.com/gitlab/gitlab-ce/debian/ {{ ansible_distribution_release }} main'
 gitlab_url: http://gitlab.example.com
 gitlab_config: {}
+gitlab_backup_cron_month: '*'
+gitlab_backup_cron_weekday: '*'
+gitlab_backup_cron_day: '*'
+gitlab_backup_cron_hour: 2
+gitlab_backup_cron_minute: 30
+gitlab_backup_skip: []
+gitlab_backup_auto: true

handlers/main.yml

@@ -1,4 +1,3 @@
 ---
-- name: reconfigure gitlab
-  command: gitlab-ctl reconfigure
-  tags: gitlab
+- name: Reconfigure gitlab  # noqa no-changed-when
+  ansible.builtin.command: gitlab-ctl reconfigure

meta/main.yml

@@ -1,16 +1,18 @@
 ---
 galaxy_info:
   role_name: gitlab
+  namespace: nishiki
   author: Adrien Waksberg
   company: Adrien Waksberg
   description: Install and configure gitlab server
   license: Apache2
-  min_ansible_version: 2.9
+  min_ansible_version: "2.9"
 
   platforms:
     - name: Debian
       versions:
-        - buster
+        - bullseye
+        - bookworm
 
   galaxy_tags:
     - git

molecule/default/converge.yml

@@ -4,16 +4,23 @@
   roles:
     - ansible-role-gitlab
   vars:
+    gitlab_data_dir: /opt/data/git
+    gitlab_backup_auto: false
+    gitlab_backup_skip:
+      - db
+      - registry
     gitlab_config:
       prometheus:
         enable: false
       alertmanager:
         enable: false
-      grafana:
-        enable: false
 
   pre_tasks:
     - name: delete dockerenv file
-      file:
+      ansible.builtin.file:
         path: /.dockerenv
         state: absent
+
+    - name: update apt cache
+      ansible.builtin.apt:
+        update_cache: true

molecule/default/molecule.yml

@@ -2,21 +2,18 @@
 driver:
   name: docker
 platforms:
-  - name: debian10
-    image: nishiki/debian10:molecule
+  - name: debian12
+    image: code.waks.be/nishiki/molecule:debian12
     privileged: true
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
     command: /bin/systemd
     capabilities:
       - SYS_ADMIN
-    exposed_ports:
-      - 22/tcp
-    published_ports:
-      - 0.0.0.0:2222:22/tcp
 lint: |
   set -e
   yamllint .
-  ansible-lint
+  ansible-lint .
 verifier:
   name: testinfra

molecule/default/tests/test_default.py

@@ -1,8 +1,14 @@
 import testinfra.utils.ansible_runner
 
 def test_packages(host):
-  package = host.package('gitlab-ce')
-  assert package.is_installed
+  for package_name in ['cron', 'gitlab-ce']:
+    package = host.package(package_name)
+    assert package.is_installed
+
+def test_git_directory(host):
+  path = host.file('/opt/data/git')
+  assert path.exists
+  assert path.is_directory
 
 def test_config_file(host):
   config = host.file('/etc/gitlab/gitlab.rb')
@@ -12,7 +18,15 @@ def test_config_file(host):
   assert config.group == 'root'
   assert config.mode == 0o600
   assert config.contains("external_url 'http://gitlab.example.com'")
-  assert config.contains("grafana\\['enable'\\] = false")
+  assert config.contains("prometheus\\['enable'\\] = false")
+
+def test_skip_auto_backup_file(host):
+  config = host.file('/etc/gitlab/skip-auto-backup')
+  assert config.exists
+  assert config.is_file
+  assert config.user == 'root'
+  assert config.group == 'root'
+  assert config.mode == 0o644
 
 def test_service(host):
   service = host.service('gitlab-runsvdir')
@@ -29,3 +43,9 @@ def test_grafana_down(host):
     assert False
   except:
     assert True
+
+def test_cron_file(host):
+  config = host.file('/var/spool/cron/crontabs/root')
+  assert config.exists
+  assert config.is_file
+  assert config.contains('30 2 \\* \\* \\* gitlab-backup create SKIP=db,registry')

tasks/main.yml

@@ -1,38 +1,74 @@
 ---
-- name: add gpg key
-  apt_key:
+- name: Install dependencies packages
+  ansible.builtin.package:
+    name:
+      - cron
+      - gpg
+  tags: gitlab
+
+- name: Add gpg key
+  ansible.builtin.apt_key:
     url: https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
   tags: gitlab
 
-- name: add repository
-  apt_repository:
+- name: Add repository
+  ansible.builtin.apt_repository:
     repo: '{{ gitlab_repository }}'
   tags: gitlab
 
-- name: install package
-  package:
-    name: gitlab-ce
+- name: Install package
+  ansible.builtin.package:
+    name:
+      - gitlab-ce
   tags: gitlab
 
-- name: copy config
-  template:
+- name: Copy config
+  ansible.builtin.template:
     src: gitlab.rb.j2
     dest: /etc/gitlab/gitlab.rb
     owner: root
     group: root
     mode: 0600
-  notify: reconfigure gitlab
+  notify: Reconfigure gitlab
   tags: gitlab
 
-- name: init gitlab
-  command: gitlab-ctl reconfigure
+- name: Init gitlab
+  ansible.builtin.command: gitlab-ctl reconfigure
   args:
     creates: /usr/lib/systemd/system/gitlab-runsvdir.service
   tags: gitlab
 
-- name: enable and start service
-  service:
+- name: Enable and start service
+  ansible.builtin.service:
     name: gitlab-runsvdir
     state: started
     enabled: true
   tags: gitlab
+
+- name: Check if skip autobackup file exists
+  ansible.builtin.stat:
+    path: /etc/gitlab/skip-auto-backup
+  register: st
+  tags: gitlab
+
+- name: Manage skip autobackup file
+  ansible.builtin.file:
+    path: /etc/gitlab/skip-auto-backup
+    owner: root
+    group: root
+    mode: "0644"
+    state: "{{ gitlab_backup_auto | ternary('absent', 'touch')}}"
+  when: not st.stat.exists or gitlab_backup_auto
+  tags: gitlab
+
+- name: Add backup cron
+  ansible.builtin.cron:
+    name: gitlab-backup
+    user: root
+    job: "gitlab-backup create SKIP={{ gitlab_backup_skip | join(',') }}"
+    month: '{{ gitlab_backup_cron_month | string }}'
+    weekday: '{{ gitlab_backup_cron_weekday | string }}'
+    day: '{{ gitlab_backup_cron_day | string }}'
+    hour: '{{ gitlab_backup_cron_hour | string }}'
+    minute: '{{ gitlab_backup_cron_minute | string }}'
+  tags: gitlab

templates/gitlab.rb.j2

@@ -1,12 +1,19 @@
 # {{ ansible_managed }}
 
 external_url '{{ gitlab_url }}'
-
+{% if gitlab_registry_url is defined %}
+registry_external_url '{{ gitlab_registry_url }}'
+{% endif %}
+{% if gitlab_pages_url is defined %}
+pages_external_url '{{ gitlab_pages_url }}'
+{% endif %}
+{% if gitlab_data_dir is defined %}
 git_data_dirs({
   "default" => {
     "path" => "{{ gitlab_data_dir }}"
    }
 })
+{% endif %}
 {% for module, options in gitlab_config.items() %}
 
 {% for option, value in options.items() %}
@@ -14,7 +21,9 @@ git_data_dirs({
 {% elif value is sameas false %}false
 {% elif value is string %}'{{ value }}'
 {% elif value is number %}{{ value }}
-{% else %}['{{ value|join("', '") }}']
+{% else %}YAML.load <<-EOS
+{{ value|to_nice_yaml }}
+EOS
 {% endif %}
 {% endfor %}
 {% endfor %}