git/gitflow/gitlib>> ansible-role-gitlab>> 返回
项目作者: ansemjo

项目描述 :
role to install and configure gitlab ce
高级语言: Shell
项目地址: git://github.com/ansemjo/ansible-role-gitlab.git
创建时间: 2018-07-30T19:12:46Z
项目社区:https://github.com/ansemjo/ansible-role-gitlab
开源协议:MIT License
下载


ansemjo.gitlab

This role targets CentOS 7 systems and installs GitLab CE.

See defaults/main.yml for available variables or just define your own template to be used with
gitlab_template.

Configuration Notes

TLS certificates

This role expects to find a tls certificate and key at
/etc/pki/tls/{certs,private}/$FQDN.{crt,key}. If this is a FreeIPA-enrolled system, this can be
achieved with my ansemjo.ipa_getcert role. It also assumes that a valid CA certificate is located
at /etc/ipa/ca.crt.

  1. ansemjo_ipa_getcert_request_hostnames:
  2.   - "{{ ansible_fqdn }}"
  3.   - "{{ gitlab_registry_fqdn }}"
  4. gitlab_registry_enabled: true
  5. gitlab_registry_fqdn: "{{ my_registry }}"

Otherwise configure the following variables appropriately:

  1. gitlab_tls_cert: "/etc/pki/tls/certs/{{ gitlab_fqdn }}.crt"
  2. gitlab_tls_key: "/etc/pki/tls/private/{{ gitlab_fqdn }}.key"
  3. gitlab_registry_tls_cert: "/etc/pki/tls/certs/{{ gitlab_registry_fqdn }}.crt"
  4. gitlab_registry_tls_key: "/etc/pki/tls/private/{{ gitlab_registry_fqdn }}.key"
  5. gitlab_ca_symlinks:
  6.     - src: /etc/path/to/your/ca.crt
  7.       dst: /etc/gitlab/trusted-certs/my-ca.crt

Default project features

The default project features can be configured with:

  1. # default project feature settings
  2. gitlab_default_projects_features_issues: yes
  3. gitlab_default_projects_features_merge_requests: yes
  4. gitlab_default_projects_features_wiki: no
  5. gitlab_default_projects_features_snippets: no
  6. gitlab_default_projects_features_builds: no
  7. gitlab_default_projects_features_container_registry: no

Upload Backups to Amazon S3 / Minio

To upload your GitLab backups to an S3 compatible bucket, e.g. on minio, you
can set the following host variables:

  1. gitlab_backup_s3_enabled: yes
  2. gitlab_backup_s3_key_id: YOUR-ACCESS-KEY-HERE
  3. gitlab_backup_s3_key_secret: YOUR-SECRET-KEY-HERE
  4. gitlab_backup_s3_endpoint: https://minio.yourdomain.com:9000
  5. gitlab_backup_s3_path_style: yes
  6. gitlab_backup_s3_bucket: gitlab-backups

For
uploads to Amazon AWS
remove the *_path_style and *_endpoint variables and instead add a region:

  1. gitlab_backup_s3_enabled: yes
  2. gitlab_backup_s3_region: eu-west-1
  3. gitlab_backup_s3_key_id: YOUR-ACCESS-KEY-HERE
  4. gitlab_backup_s3_key_secret: YOUR-SECRET-KEY-HERE
  5. gitlab_backup_s3_bucket: gitlab-backups

Scheduling is done with:

  1. # backup scheduling
  2. gitlab_backup_on_calendar: weekly # systemd OnCalendar= format
  3. gitlab_backup_keep_time: 2678400 # 31 days

LDAP Authentication

You can enable LDAP authentication to use e.g. FreeIPA as a central user manager. See
defaults/main.yml for all availabe options.