#!/usr/bin/ansible-playbook # vim:ft=ansible: --- - name: Set up webroot for {{ gitlab_repo }} block: - name: Add repository keys apt_key: url: "{{ item }}" loop: - "https://dl.yarnpkg.com/debian/pubkey.gpg" - name: Add repositories apt_repository: repo: "{{ item }}" loop: - "ppa:brightbox/ruby-ng" # Ruby version in 18.10 is out-of-date per GitLab 12.2 - "deb https://dl.yarnpkg.com/debian/ stable main" register: repo - name: Update repos apt: upgrade: "yes" update_cache: yes when: repo is changed - name: Install dependencies apt: name: - build-essential - checkinstall - cmake - curl - git - git-core - golang - graphicsmagick - libcurl4-openssl-dev - libffi-dev - libgdbm-dev - libicu-dev - libncurses5-dev - libre2-dev - libreadline-dev - libssl-dev - libxml2-dev - libxslt-dev - libyaml-dev - logrotate - nodejs - openssh-server - pkg-config - python-docutils - rsync - ruby - runit - yarn - zlib1g-dev - name: Install and configure Redis block: - name: Install packages apt: name: "redis-server" register: repo2 - name: Disable service service: name: redis-server state: stopped when: repo2 is changed - name: Copy config copy: src: redis.conf dest: "/etc/redis/redis.conf" - name: Copy tmpfiles config copy: src: redis-tmpfile.conf dest: "/etc/tmpfiles.d/redis.conf" - name: Create socket directory file: path: "/var/run/redis" state: directory mode: 755 owner: redis group: redis - name: Enable and start service service: name: redis-server state: started enabled: yes - name: Add gitlab user user: name: git home: "/var/gitlab" groups: - "redis" comment: "GitLab" shell: "/usr/sbin/nologin" - name: Set up MySQL block: - name: Create database mysql_db: name: gitlab login_user: root login_password: "{{ mysql_root_password }}" state: present - name: Create Gitlab user mysql_user: name: gitlab host: localhost password: "{{ gitlab_mysql_password }}" priv: "gitlab.*:ALL,GRANT" login_user: root login_password: "{{ mysql_root_password }}" - name: Clone and build GitLab block: - name: Clone GitLab git: depth: 1 dest: "/var/gitlab/gitlab-foss" force: yes repo: "https://gitlab.com/gitlab-org/gitlab-foss.git" version: 12-10-stable - name: Copy configs around copy: src: "{{ item.src }}" dest: "{{ item.dest }}" loop: - { src: "gitlab.yml", dest: "/var/gitlab/gitlab-foss/config/gitlab.yml" } - name: Set up Apache block: - name: Create webroot file: path: "{{ gitlab_webroot }}" mode: "0755" state: directory - name: Copy over virtual host configs template: src: apache2-vhost-ssl.conf dest: "/etc/apache2/sites-available/{{ gitlab_url }}.conf" notify: restart apache - name: Enable config command: cmd: "a2ensite {{ gitlab_url }}.conf" creates: "/etc/apache2/sites-enabled/{{ gitlab_url }}.conf" notify: restart apache - name: Generate certificate include_role: name: https vars: website_url: "{{ gitlab_url }}" website_webroot: "{{ gitlab_webroot }}" become: yes