salt/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

More configs, give in to GitLab's directory heirarchy

Browse Source 
It's hardcoded in SO MANY FUCKING PLACES
This commit is contained in:
Salt 2020-04-26 04:33:35 -05:00
parent 16e27e1b80
commit 5fa716d470
2 changed files with 46 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
roles/gitlab/files/gitlab.yml
View File

@ -103,10 +103,10 @@ production: &base
# enabled: false
# S/MIME private key file in PEM format, unencrypted
# Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app).
# key_file: /var/gitlab/gitlab/.gitlab_smime_key
# key_file: /home/git/gitlab/.gitlab_smime_key
# S/MIME public certificate key in PEM format, will be attached to signed messages
# Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app).
# cert_file: /var/gitlab/gitlab/.gitlab_smime_cert
# cert_file: /home/git/gitlab/.gitlab_smime_cert
# Email server smtp settings are in config/initializers/smtp_settings.rb.sample
@ -357,7 +357,7 @@ production: &base
# File that contains the shared secret key for verifying access for gitlab-pages.
# Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app).
# secret_file: /var/gitlab/gitlab/.gitlab_pages_secret
# secret_file: /home/git/gitlab/.gitlab_pages_secret
## Mattermost
## For enabling Add to Mattermost button
@ -960,7 +960,7 @@ production: &base
# Gitaly settings
gitaly:
# Path to the directory containing Gitaly client executables.
client_path: /var/gitlab/gitaly
client_path: /home/git/gitaly
# Default Gitaly authentication token. Can be overridden per storage. Can
# be left blank when Gitaly is running locally on a Unix socket, which
# is the normal way to deploy Gitaly.
@ -978,8 +978,8 @@ production: &base
# real path not the symlink.
storages: # You must have at least a `default` storage path.
default:
path: /var/gitlab/repositories/
gitaly_address: unix:/var/gitlab/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
path: /home/git/repositories/
gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
# gitaly_token: 'special token' # Optional: override global gitaly.token for this storage.
## Backup settings
@ -1025,12 +1025,12 @@ production: &base
## GitLab Shell settings
gitlab_shell:
path: /var/gitlab/gitlab-shell/
authorized_keys_file: /var/gitlab/.ssh/authorized_keys
path: /home/git/gitlab-shell/
authorized_keys_file: /home/git/.ssh/authorized_keys
# File that contains the secret key for verifying access for gitlab-shell.
# Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
# secret_file: /var/gitlab/gitlab/.gitlab_shell_secret
# secret_file: /home/git/gitlab/.gitlab_shell_secret
# Git over HTTP
upload_pack: true
@ -1045,11 +1045,11 @@ production: &base
workhorse:
# File that contains the secret key for verifying access for gitlab-workhorse.
# Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
# secret_file: /var/gitlab/gitlab/.gitlab_workhorse_secret
# secret_file: /home/git/gitlab/.gitlab_workhorse_secret
## GitLab Elasticsearch settings
elasticsearch:
indexer_path: /var/gitlab/gitlab-elasticsearch-indexer/
indexer_path: /home/git/gitlab-elasticsearch-indexer/
## Git settings
# CAUTION!

39
roles/gitlab/tasks/main.yml
View File

@ -55,7 +55,7 @@
- name: Add gitlab user
user:
name: git
home: "/var/gitlab"
home: "/home/git"
groups:
- "redis"
comment: "GitLab"
@ -81,22 +81,53 @@
- name: Clone GitLab
git:
depth: 1
dest: "/var/gitlab/gitlab-foss"
dest: "/home/git/gitlab"
force: yes
repo: "https://gitlab.com/gitlab-org/gitlab-foss.git"
version: 12-10-stable
- name: Copy secrets
copy:
src: "/home/git/gitlab/config/secrets.yml.example"
dest: "/home/git/gitlab/config/secrets.yml"
remote_src: yes
- name: Copy configs around
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
loop:
- { src: "gitlab.yml", dest: "/var/gitlab/gitlab-foss/config/gitlab.yml" }
- { src: "gitlab.yml", dest: "/home/git/gitlab/config/gitlab.yml" }
- { src: "pumba.rb", dest: "/home/git/gitlab/config/puma.rb" }
- name: Change permissions
file:
path: "{{ item.src }}"
state: touch
mode: "{{ item.mode }}"
loop:
- { src: "/home/git/gitlab/log", mode: "u+rwX,go-w" }
- { src: "/home/git/gitlab/tmp", mode: "u+rwX" }
- { src: "/home/git/gitlab/tmp/pids", mode: "u+rwX" }
- { src: "/home/git/gitlab/tmp/sockets", mode: "u+rwX" }
- { src: "/home/git/gitlab/builds", mode: "u+rwX" }
- { src: "/home/git/gitlab/shared/artifacts", mode: "u+rwX" }
- { src: "/home/git/gitlab/shared/pages", mode: "u+rwX" }
- name: Create public directory
file:
path: "/home/git/public"
mode: "0755"
state: directory
- name: Create uploads directory
file:
path: "/home/git/public/uploads"
mode: "0700"
state: directory
become: yes
become_user: git
- name: Set up Apache
block:
- name: Create webroot
file:
path: "{{ gitlab_webroot }}"
src: "/var/gitlab/public"
src: "/home/git/public"
mode: "0755"
state: link
- name: Copy over virtual host configs