salt/ansible
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
eddfdcdf20
ansible/roles/gitlab/tasks/main.yml

162 lines
5.1 KiB
YAML
Raw Blame History

#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Set up webroot for {{ gitlab_repo }}
block:
- name: Add repository keys
apt_key:
url: "{{ item }}"
loop:
- "https://dl.yarnpkg.com/debian/pubkey.gpg"
- name: Add repositories
apt_repository:
repo: "{{ item }}"
loop:
- "ppa:brightbox/ruby-ng" # Ruby version in 18.10 is out-of-date per GitLab 12.2
- "deb https://dl.yarnpkg.com/debian/ stable main"
register: repo
- name: Update repos
apt:
upgrade: "yes"
update_cache: yes
when: repo is changed
- name: Install dependencies
apt:
name:
- build-essential
- checkinstall
- cmake
- curl
- git
- git-core
- golang
- graphicsmagick
- libcurl4-openssl-dev
- libffi-dev
- libgdbm-dev
- libicu-dev
- libncurses5-dev
- libre2-dev
- libreadline-dev
- libssl-dev
- libxml2-dev
- libxslt-dev
- libyaml-dev
- logrotate
- nodejs
- openssh-server
- pkg-config
- python-docutils
- rsync
- ruby
- runit
- yarn
- zlib1g-dev
- name: Add gitlab user
user:
name: git
home: "/home/git"
groups:
- "redis"
comment: "GitLab"
shell: "/usr/sbin/nologin"
- name: Set up MySQL
block:
- name: Create database
mysql_db:
name: gitlab
login_user: root
login_password: "{{ mysql_root_password }}"
state: present
- name: Create Gitlab user
mysql_user:
name: gitlab
host: localhost
password: "{{ gitlab_mysql_password }}"
priv: "gitlab.*:ALL,GRANT"
login_user: root
login_password: "{{ mysql_root_password }}"
- name: Clone and build GitLab
block:
- name: Clone GitLab
git:
depth: 1
dest: "/home/git/gitlab"
force: yes
repo: "https://gitlab.com/gitlab-org/gitlab-foss.git"
version: 12-10-stable
- name: Create public directory
file:
path: "/home/git/public"
mode: "0755"
state: directory
- name: Create uploads directory
file:
path: "/home/git/public/uploads"
mode: "0700"
state: directory
- name: Copy secrets
copy:
src: "/home/git/gitlab/config/secrets.yml.example"
dest: "/home/git/gitlab/config/secrets.yml"
remote_src: yes
- name: Copy configs around
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
loop:
- { src: "gitlab.yml", dest: "/home/git/gitlab/config/gitlab.yml" }
- { src: "pumba.rb", dest: "/home/git/gitlab/config/puma.rb" }
- { src: "rack_attack.rb", dest: "/home/git/gitlab/config/initializers/rack_attack.rb" }
- { src: "resque.yml", dest: "/home/git/gitlab/config/resque.yml" }
- name: Change permissions
file:
path: "{{ item.src }}"
state: touch
mode: "{{ item.mode }}"
loop:
- { src: "/home/git/gitlab/log", mode: "u+rwX,go-w" }
- { src: "/home/git/gitlab/tmp", mode: "u+rwX" }
- { src: "/home/git/gitlab/tmp/pids", mode: "u+rwX" }
- { src: "/home/git/gitlab/tmp/sockets", mode: "u+rwX" }
- { src: "/home/git/gitlab/builds", mode: "u+rwX" }
- { src: "/home/git/gitlab/shared/artifacts", mode: "u+rwX" }
- { src: "/home/git/gitlab/shared/pages", mode: "u+rwX" }
- name: Configure git
git_config:
name: "{{ item.name }}"
value: "{{ item.value }}"
loop:
- { name: "core.autocrlf", value: "input" }
- { name: "gc.auto", value: "0" }
- { name: "repack.writeBitmaps", value: "true" }
- { name: "receive.advertisePushOptions", value: "true" }
- { name: "core.fsyncObjectFiles", value: "true" }
become: yes
become_user: git
- name: Set up Apache
block:
- name: Create webroot
file:
path: "{{ gitlab_webroot }}"
src: "/home/git/public"
mode: "0755"
state: link
- name: Copy over virtual host configs
template:
src: apache2-vhost-ssl.conf
dest: "/etc/apache2/sites-available/{{ gitlab_url }}.conf"
notify: restart apache
- name: Enable config
command:
cmd: "a2ensite {{ gitlab_url }}.conf"
creates: "/etc/apache2/sites-enabled/{{ gitlab_url }}.conf"
notify: restart apache
- name: Generate certificate
include_role:
name: https
vars:
website_url: "{{ gitlab_url }}"
website_webroot: "{{ gitlab_webroot }}"
become: yes
Reference in New Issue View Git Blame Copy Permalink