feat: add options for backup

.forgejo/workflows/molecule.yml

@@ -0,0 +1,18 @@
+---
+on: [push]
+jobs:
+  lint:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: ansible-lint .
+      - run: yamllint .
+  molecule:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: molecule test

.gitlab-ci.yml

@@ -0,0 +1,10 @@
+---
+image: nishiki/molecule:docker
+
+before_script:
+  - molecule --version
+
+molecule:
+  stage: test
+  script:
+    - molecule test

.yamllint

@@ -2,11 +2,11 @@
 extends: default
 
 ignore: |
-  .kitchen/*
+  .kitchen*
   vendor/
+  .forgejo/
 
 rules:
   line-length:
     max: 120
     level: warning
-  truthy: false

CHANGELOG.md

@@ -5,6 +5,21 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
 ## Unreleased
 
+### Added
+
+- feat: add gitlab_registry_url variable
+- feat: add options for backup
+- test: add support debian 12
+
+### Changed
+
+- test: use personal docker registry
+
+### Removed
+
+- test: remove support debian 10
+- test: remove support debian 11
+
 ## v1.1.0 - 2021-08-24
 
 ### Added

README.md

@@ -1,16 +1,17 @@
 # Ansible role: Gitlab
 
-[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-gitlab/releases)
+[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-gitlab/releases)
-[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-gitlab/src/branch/master/LICENSE)
+[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-gitlab/src/branch/main/LICENSE)
+[![Build](https://code.waks.be/nishiki/ansible-role-gitlab/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-gitlab/actions?workflow=molecule.yml)
 
 Install and configure a Gitlab server
 
 ## Requirements
 
-* Ansible >= 2.9
+- Ansible >= 2.9
-* Debian
+- Debian
-  * Buster
+  - Bullseye
-  * Bullseye
+  - Bookworm
 
 ## Role variables
 
@@ -32,6 +33,8 @@ Install and configure a Gitlab server
 - `gitlab_backup_cron_day` - set the day for the backup cron (default: `'*'`)
 - `gitlab_backup_cron_hour` - set the hour for the backup cron (default: `2`)
 - `gitlab_backup_cron_minute` - set the minute for the backup cron (default: `30`)
+- `gitlab_backup_skip` - list with [skip data](https://docs.gitlab.com/ee/administration/backup_restore/backup_gitlab.html#excluding-specific-data-from-the-backup)
+- `gitlab_backup_auto` - set if a backup if create during update (default: `true`)
 
 ## How to use
 
@@ -45,10 +48,10 @@ Install and configure a Gitlab server
 
 ### Test with molecule and docker
 
-* install [docker](https://docs.docker.com/engine/installation/)
+- install [docker](https://docs.docker.com/engine/installation/)
-* install `python3` and `python3-pip`
+- install `python3` and `python3-pip`
-* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
+- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
-* run `molecule test`
+- run `molecule test`
 
 ## License
 

defaults/main.yml

@@ -7,3 +7,5 @@ gitlab_backup_cron_weekday: '*'
 gitlab_backup_cron_day: '*'
 gitlab_backup_cron_hour: 2
 gitlab_backup_cron_minute: 30
+gitlab_backup_skip: []
+gitlab_backup_auto: true

handlers/main.yml

@@ -1,3 +1,3 @@
 ---
-- name: reconfigure gitlab
+- name: Reconfigure gitlab  # noqa no-changed-when
   ansible.builtin.command: gitlab-ctl reconfigure

meta/main.yml

@@ -1,17 +1,18 @@
 ---
 galaxy_info:
   role_name: gitlab
+  namespace: nishiki
   author: Adrien Waksberg
   company: Adrien Waksberg
   description: Install and configure gitlab server
   license: Apache2
-  min_ansible_version: 2.9
+  min_ansible_version: "2.9"
 
   platforms:
     - name: Debian
       versions:
-        - buster
         - bullseye
+        - bookworm
 
   galaxy_tags:
     - git

molecule/default/converge.yml

@@ -5,23 +5,15 @@
     - ansible-role-gitlab
   vars:
     gitlab_data_dir: /opt/data/git
+    gitlab_backup_auto: false
+    gitlab_backup_skip:
+      - db
+      - registry
     gitlab_config:
       prometheus:
         enable: false
       alertmanager:
         enable: false
-      grafana:
-        enable: false
-        ldap_servers:
-          main:
-            label: Main AD
-            host: localhost
-            port: 389
-            uid: sAMAccountName
-            encryption: plain
-            bind_dn: 'CN=gitlab,DC=example,DC=com'
-            password: secret
-            base: 'OU=FR,DC=example,DC=com'
 
   pre_tasks:
     - name: delete dockerenv file

molecule/default/molecule.yml

@@ -2,27 +2,15 @@
 driver:
   name: docker
 platforms:
-  - name: debian10
+  - name: debian12
-    image: nishiki/debian10:molecule
+    image: code.waks.be/nishiki/molecule:debian12
     privileged: true
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
     command: /bin/systemd
     capabilities:
       - SYS_ADMIN
-  - name: debian11
-    image: nishiki/debian11:molecule
-    privileged: true
-    volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
-    command: /bin/systemd
-    capabilities:
-      - SYS_ADMIN
-provisioner:
-  inventory:
-    host_vars:
-      debian11:
-        gitlab_repository: deb https://packages.gitlab.com/gitlab/gitlab-ce/debian/ buster main
 lint: |
   set -e
   yamllint .

molecule/default/tests/test_default.py

@@ -18,8 +18,15 @@ def test_config_file(host):
   assert config.group == 'root'
   assert config.mode == 0o600
   assert config.contains("external_url 'http://gitlab.example.com'")
-  assert config.contains("grafana\\['enable'\\] = false")
+  assert config.contains("prometheus\\['enable'\\] = false")
-  assert config.contains('label: Main AD')
+
+def test_skip_auto_backup_file(host):
+  config = host.file('/etc/gitlab/skip-auto-backup')
+  assert config.exists
+  assert config.is_file
+  assert config.user == 'root'
+  assert config.group == 'root'
+  assert config.mode == 0o644
 
 def test_service(host):
   service = host.service('gitlab-runsvdir')
@@ -41,4 +48,4 @@ def test_cron_file(host):
   config = host.file('/var/spool/cron/crontabs/root')
   assert config.exists
   assert config.is_file
-  assert config.contains('30 2 \\* \\* \\* gitlab-backup create')
+  assert config.contains('30 2 \\* \\* \\* gitlab-backup create SKIP=db,registry')

tasks/main.yml

@@ -1,55 +1,71 @@
 ---
-- name: install dependencies packages
+- name: Install dependencies packages
   ansible.builtin.package:
     name:
       - cron
       - gpg
   tags: gitlab
 
-- name: add gpg key
+- name: Add gpg key
   ansible.builtin.apt_key:
     url: https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
   tags: gitlab
 
-- name: add repository
+- name: Add repository
   ansible.builtin.apt_repository:
     repo: '{{ gitlab_repository }}'
   tags: gitlab
 
-- name: install package
+- name: Install package
   ansible.builtin.package:
     name:
       - gitlab-ce
   tags: gitlab
 
-- name: copy config
+- name: Copy config
   ansible.builtin.template:
     src: gitlab.rb.j2
     dest: /etc/gitlab/gitlab.rb
     owner: root
     group: root
     mode: 0600
-  notify: reconfigure gitlab
+  notify: Reconfigure gitlab
   tags: gitlab
 
-- name: init gitlab
+- name: Init gitlab
   ansible.builtin.command: gitlab-ctl reconfigure
   args:
     creates: /usr/lib/systemd/system/gitlab-runsvdir.service
   tags: gitlab
 
-- name: enable and start service
+- name: Enable and start service
   ansible.builtin.service:
     name: gitlab-runsvdir
     state: started
     enabled: true
   tags: gitlab
 
-- name: add backup cron
+- name: Check if skip autobackup file exists
+  ansible.builtin.stat:
+    path: /etc/gitlab/skip-auto-backup
+  register: st
+  tags: gitlab
+
+- name: Manage skip autobackup file
+  ansible.builtin.file:
+    path: /etc/gitlab/skip-auto-backup
+    owner: root
+    group: root
+    mode: "0644"
+    state: "{{ gitlab_backup_auto | ternary('absent', 'touch')}}"
+  when: not st.stat.exists or gitlab_backup_auto
+  tags: gitlab
+
+- name: Add backup cron
   ansible.builtin.cron:
     name: gitlab-backup
     user: root
-    job: gitlab-backup create
+    job: "gitlab-backup create SKIP={{ gitlab_backup_skip | join(',') }}"
     month: '{{ gitlab_backup_cron_month | string }}'
     weekday: '{{ gitlab_backup_cron_weekday | string }}'
     day: '{{ gitlab_backup_cron_day | string }}'

templates/gitlab.rb.j2

@@ -1,6 +1,9 @@
 # {{ ansible_managed }}
 
 external_url '{{ gitlab_url }}'
+{% if gitlab_registry_url is defined %}
+registry_external_url '{{ gitlab_registry_url }}'
+{% endif %}
 {% if gitlab_pages_url is defined %}
 pages_external_url '{{ gitlab_pages_url }}'
 {% endif %}