Compare commits
7 commits
Author | SHA1 | Date | |
---|---|---|---|
2da9b5cfba | |||
cdf5f3090a | |||
52e0445972 | |||
b56342f14e | |||
d02a152f4b | |||
6819a4b3ac | |||
fdf44bb252 |
13 changed files with 116 additions and 61 deletions
18
.forgejo/workflows/molecule.yml
Normal file
18
.forgejo/workflows/molecule.yml
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
---
|
||||||
|
on: [push]
|
||||||
|
jobs:
|
||||||
|
lint:
|
||||||
|
runs-on: docker
|
||||||
|
container:
|
||||||
|
image: code.waks.be/nishiki/molecule:docker
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
- run: ansible-lint .
|
||||||
|
- run: yamllint .
|
||||||
|
molecule:
|
||||||
|
runs-on: docker
|
||||||
|
container:
|
||||||
|
image: code.waks.be/nishiki/molecule:docker
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
- run: molecule test
|
10
.gitlab-ci.yml
Normal file
10
.gitlab-ci.yml
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
---
|
||||||
|
image: nishiki/molecule:docker
|
||||||
|
|
||||||
|
before_script:
|
||||||
|
- molecule --version
|
||||||
|
|
||||||
|
molecule:
|
||||||
|
stage: test
|
||||||
|
script:
|
||||||
|
- molecule test
|
|
@ -2,11 +2,11 @@
|
||||||
extends: default
|
extends: default
|
||||||
|
|
||||||
ignore: |
|
ignore: |
|
||||||
.kitchen/*
|
.kitchen*
|
||||||
vendor/
|
vendor/
|
||||||
|
.forgejo/
|
||||||
|
|
||||||
rules:
|
rules:
|
||||||
line-length:
|
line-length:
|
||||||
max: 120
|
max: 120
|
||||||
level: warning
|
level: warning
|
||||||
truthy: false
|
|
||||||
|
|
15
CHANGELOG.md
15
CHANGELOG.md
|
@ -5,6 +5,21 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
|
||||||
|
|
||||||
## Unreleased
|
## Unreleased
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
- feat: add gitlab_registry_url variable
|
||||||
|
- feat: add options for backup
|
||||||
|
- test: add support debian 12
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
- test: use personal docker registry
|
||||||
|
|
||||||
|
### Removed
|
||||||
|
|
||||||
|
- test: remove support debian 10
|
||||||
|
- test: remove support debian 11
|
||||||
|
|
||||||
## v1.1.0 - 2021-08-24
|
## v1.1.0 - 2021-08-24
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
23
README.md
23
README.md
|
@ -1,16 +1,17 @@
|
||||||
# Ansible role: Gitlab
|
# Ansible role: Gitlab
|
||||||
|
|
||||||
[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-gitlab/releases)
|
[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-gitlab/releases)
|
||||||
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-gitlab/src/branch/master/LICENSE)
|
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-gitlab/src/branch/main/LICENSE)
|
||||||
|
[![Build](https://code.waks.be/nishiki/ansible-role-gitlab/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-gitlab/actions?workflow=molecule.yml)
|
||||||
|
|
||||||
Install and configure a Gitlab server
|
Install and configure a Gitlab server
|
||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
* Ansible >= 2.9
|
- Ansible >= 2.9
|
||||||
* Debian
|
- Debian
|
||||||
* Buster
|
- Bullseye
|
||||||
* Bullseye
|
- Bookworm
|
||||||
|
|
||||||
## Role variables
|
## Role variables
|
||||||
|
|
||||||
|
@ -32,6 +33,8 @@ Install and configure a Gitlab server
|
||||||
- `gitlab_backup_cron_day` - set the day for the backup cron (default: `'*'`)
|
- `gitlab_backup_cron_day` - set the day for the backup cron (default: `'*'`)
|
||||||
- `gitlab_backup_cron_hour` - set the hour for the backup cron (default: `2`)
|
- `gitlab_backup_cron_hour` - set the hour for the backup cron (default: `2`)
|
||||||
- `gitlab_backup_cron_minute` - set the minute for the backup cron (default: `30`)
|
- `gitlab_backup_cron_minute` - set the minute for the backup cron (default: `30`)
|
||||||
|
- `gitlab_backup_skip` - list with [skip data](https://docs.gitlab.com/ee/administration/backup_restore/backup_gitlab.html#excluding-specific-data-from-the-backup)
|
||||||
|
- `gitlab_backup_auto` - set if a backup if create during update (default: `true`)
|
||||||
|
|
||||||
## How to use
|
## How to use
|
||||||
|
|
||||||
|
@ -45,10 +48,10 @@ Install and configure a Gitlab server
|
||||||
|
|
||||||
### Test with molecule and docker
|
### Test with molecule and docker
|
||||||
|
|
||||||
* install [docker](https://docs.docker.com/engine/installation/)
|
- install [docker](https://docs.docker.com/engine/installation/)
|
||||||
* install `python3` and `python3-pip`
|
- install `python3` and `python3-pip`
|
||||||
* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
|
- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
|
||||||
* run `molecule test`
|
- run `molecule test`
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
|
|
|
@ -7,3 +7,5 @@ gitlab_backup_cron_weekday: '*'
|
||||||
gitlab_backup_cron_day: '*'
|
gitlab_backup_cron_day: '*'
|
||||||
gitlab_backup_cron_hour: 2
|
gitlab_backup_cron_hour: 2
|
||||||
gitlab_backup_cron_minute: 30
|
gitlab_backup_cron_minute: 30
|
||||||
|
gitlab_backup_skip: []
|
||||||
|
gitlab_backup_auto: true
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
- name: reconfigure gitlab
|
- name: Reconfigure gitlab # noqa no-changed-when
|
||||||
ansible.builtin.command: gitlab-ctl reconfigure
|
ansible.builtin.command: gitlab-ctl reconfigure
|
||||||
|
|
|
@ -1,17 +1,18 @@
|
||||||
---
|
---
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
role_name: gitlab
|
role_name: gitlab
|
||||||
|
namespace: nishiki
|
||||||
author: Adrien Waksberg
|
author: Adrien Waksberg
|
||||||
company: Adrien Waksberg
|
company: Adrien Waksberg
|
||||||
description: Install and configure gitlab server
|
description: Install and configure gitlab server
|
||||||
license: Apache2
|
license: Apache2
|
||||||
min_ansible_version: 2.9
|
min_ansible_version: "2.9"
|
||||||
|
|
||||||
platforms:
|
platforms:
|
||||||
- name: Debian
|
- name: Debian
|
||||||
versions:
|
versions:
|
||||||
- buster
|
|
||||||
- bullseye
|
- bullseye
|
||||||
|
- bookworm
|
||||||
|
|
||||||
galaxy_tags:
|
galaxy_tags:
|
||||||
- git
|
- git
|
||||||
|
|
|
@ -5,23 +5,15 @@
|
||||||
- ansible-role-gitlab
|
- ansible-role-gitlab
|
||||||
vars:
|
vars:
|
||||||
gitlab_data_dir: /opt/data/git
|
gitlab_data_dir: /opt/data/git
|
||||||
|
gitlab_backup_auto: false
|
||||||
|
gitlab_backup_skip:
|
||||||
|
- db
|
||||||
|
- registry
|
||||||
gitlab_config:
|
gitlab_config:
|
||||||
prometheus:
|
prometheus:
|
||||||
enable: false
|
enable: false
|
||||||
alertmanager:
|
alertmanager:
|
||||||
enable: false
|
enable: false
|
||||||
grafana:
|
|
||||||
enable: false
|
|
||||||
ldap_servers:
|
|
||||||
main:
|
|
||||||
label: Main AD
|
|
||||||
host: localhost
|
|
||||||
port: 389
|
|
||||||
uid: sAMAccountName
|
|
||||||
encryption: plain
|
|
||||||
bind_dn: 'CN=gitlab,DC=example,DC=com'
|
|
||||||
password: secret
|
|
||||||
base: 'OU=FR,DC=example,DC=com'
|
|
||||||
|
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: delete dockerenv file
|
- name: delete dockerenv file
|
||||||
|
|
|
@ -2,27 +2,15 @@
|
||||||
driver:
|
driver:
|
||||||
name: docker
|
name: docker
|
||||||
platforms:
|
platforms:
|
||||||
- name: debian10
|
- name: debian12
|
||||||
image: nishiki/debian10:molecule
|
image: code.waks.be/nishiki/molecule:debian12
|
||||||
privileged: true
|
privileged: true
|
||||||
volumes:
|
volumes:
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||||
|
cgroupns_mode: host
|
||||||
command: /bin/systemd
|
command: /bin/systemd
|
||||||
capabilities:
|
capabilities:
|
||||||
- SYS_ADMIN
|
- SYS_ADMIN
|
||||||
- name: debian11
|
|
||||||
image: nishiki/debian11:molecule
|
|
||||||
privileged: true
|
|
||||||
volumes:
|
|
||||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
|
||||||
command: /bin/systemd
|
|
||||||
capabilities:
|
|
||||||
- SYS_ADMIN
|
|
||||||
provisioner:
|
|
||||||
inventory:
|
|
||||||
host_vars:
|
|
||||||
debian11:
|
|
||||||
gitlab_repository: deb https://packages.gitlab.com/gitlab/gitlab-ce/debian/ buster main
|
|
||||||
lint: |
|
lint: |
|
||||||
set -e
|
set -e
|
||||||
yamllint .
|
yamllint .
|
||||||
|
|
|
@ -18,8 +18,15 @@ def test_config_file(host):
|
||||||
assert config.group == 'root'
|
assert config.group == 'root'
|
||||||
assert config.mode == 0o600
|
assert config.mode == 0o600
|
||||||
assert config.contains("external_url 'http://gitlab.example.com'")
|
assert config.contains("external_url 'http://gitlab.example.com'")
|
||||||
assert config.contains("grafana\\['enable'\\] = false")
|
assert config.contains("prometheus\\['enable'\\] = false")
|
||||||
assert config.contains('label: Main AD')
|
|
||||||
|
def test_skip_auto_backup_file(host):
|
||||||
|
config = host.file('/etc/gitlab/skip-auto-backup')
|
||||||
|
assert config.exists
|
||||||
|
assert config.is_file
|
||||||
|
assert config.user == 'root'
|
||||||
|
assert config.group == 'root'
|
||||||
|
assert config.mode == 0o644
|
||||||
|
|
||||||
def test_service(host):
|
def test_service(host):
|
||||||
service = host.service('gitlab-runsvdir')
|
service = host.service('gitlab-runsvdir')
|
||||||
|
@ -41,4 +48,4 @@ def test_cron_file(host):
|
||||||
config = host.file('/var/spool/cron/crontabs/root')
|
config = host.file('/var/spool/cron/crontabs/root')
|
||||||
assert config.exists
|
assert config.exists
|
||||||
assert config.is_file
|
assert config.is_file
|
||||||
assert config.contains('30 2 \\* \\* \\* gitlab-backup create')
|
assert config.contains('30 2 \\* \\* \\* gitlab-backup create SKIP=db,registry')
|
||||||
|
|
|
@ -1,55 +1,71 @@
|
||||||
---
|
---
|
||||||
- name: install dependencies packages
|
- name: Install dependencies packages
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name:
|
name:
|
||||||
- cron
|
- cron
|
||||||
- gpg
|
- gpg
|
||||||
tags: gitlab
|
tags: gitlab
|
||||||
|
|
||||||
- name: add gpg key
|
- name: Add gpg key
|
||||||
ansible.builtin.apt_key:
|
ansible.builtin.apt_key:
|
||||||
url: https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
|
url: https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
|
||||||
tags: gitlab
|
tags: gitlab
|
||||||
|
|
||||||
- name: add repository
|
- name: Add repository
|
||||||
ansible.builtin.apt_repository:
|
ansible.builtin.apt_repository:
|
||||||
repo: '{{ gitlab_repository }}'
|
repo: '{{ gitlab_repository }}'
|
||||||
tags: gitlab
|
tags: gitlab
|
||||||
|
|
||||||
- name: install package
|
- name: Install package
|
||||||
ansible.builtin.package:
|
ansible.builtin.package:
|
||||||
name:
|
name:
|
||||||
- gitlab-ce
|
- gitlab-ce
|
||||||
tags: gitlab
|
tags: gitlab
|
||||||
|
|
||||||
- name: copy config
|
- name: Copy config
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: gitlab.rb.j2
|
src: gitlab.rb.j2
|
||||||
dest: /etc/gitlab/gitlab.rb
|
dest: /etc/gitlab/gitlab.rb
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0600
|
mode: 0600
|
||||||
notify: reconfigure gitlab
|
notify: Reconfigure gitlab
|
||||||
tags: gitlab
|
tags: gitlab
|
||||||
|
|
||||||
- name: init gitlab
|
- name: Init gitlab
|
||||||
ansible.builtin.command: gitlab-ctl reconfigure
|
ansible.builtin.command: gitlab-ctl reconfigure
|
||||||
args:
|
args:
|
||||||
creates: /usr/lib/systemd/system/gitlab-runsvdir.service
|
creates: /usr/lib/systemd/system/gitlab-runsvdir.service
|
||||||
tags: gitlab
|
tags: gitlab
|
||||||
|
|
||||||
- name: enable and start service
|
- name: Enable and start service
|
||||||
ansible.builtin.service:
|
ansible.builtin.service:
|
||||||
name: gitlab-runsvdir
|
name: gitlab-runsvdir
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
tags: gitlab
|
tags: gitlab
|
||||||
|
|
||||||
- name: add backup cron
|
- name: Check if skip autobackup file exists
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: /etc/gitlab/skip-auto-backup
|
||||||
|
register: st
|
||||||
|
tags: gitlab
|
||||||
|
|
||||||
|
- name: Manage skip autobackup file
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /etc/gitlab/skip-auto-backup
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: "0644"
|
||||||
|
state: "{{ gitlab_backup_auto | ternary('absent', 'touch')}}"
|
||||||
|
when: not st.stat.exists or gitlab_backup_auto
|
||||||
|
tags: gitlab
|
||||||
|
|
||||||
|
- name: Add backup cron
|
||||||
ansible.builtin.cron:
|
ansible.builtin.cron:
|
||||||
name: gitlab-backup
|
name: gitlab-backup
|
||||||
user: root
|
user: root
|
||||||
job: gitlab-backup create
|
job: "gitlab-backup create SKIP={{ gitlab_backup_skip | join(',') }}"
|
||||||
month: '{{ gitlab_backup_cron_month | string }}'
|
month: '{{ gitlab_backup_cron_month | string }}'
|
||||||
weekday: '{{ gitlab_backup_cron_weekday | string }}'
|
weekday: '{{ gitlab_backup_cron_weekday | string }}'
|
||||||
day: '{{ gitlab_backup_cron_day | string }}'
|
day: '{{ gitlab_backup_cron_day | string }}'
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
external_url '{{ gitlab_url }}'
|
external_url '{{ gitlab_url }}'
|
||||||
|
{% if gitlab_registry_url is defined %}
|
||||||
|
registry_external_url '{{ gitlab_registry_url }}'
|
||||||
|
{% endif %}
|
||||||
{% if gitlab_pages_url is defined %}
|
{% if gitlab_pages_url is defined %}
|
||||||
pages_external_url '{{ gitlab_pages_url }}'
|
pages_external_url '{{ gitlab_pages_url }}'
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
Loading…
Reference in a new issue