No description
- Shell 100%
| defaults | ||
| files | ||
| meta | ||
| tasks | ||
| .gitignore | ||
| README.md | ||
ansible-roles-gitlab
This role is designed to deploy gitlab as a standalone podman container
Task Configuration
Define gitlab_url, this will useful in conjunction with a proxy role such as traefik or nginx
Define gitlab_path if the container user has a custom homedir such as something under /srv..
Get the initial root password after the container has been succcessfully deployed
podman exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password
Example deployment
- name: Setup proxy and service
hosts: somehost
become: true
roles:
- role: gitlab
gitlab_url: gitlab.somehost.somewhere
gitlab_path: "/home/gitlab"
gitlab_http_listen: 127.0.0.1:8000
- role: traefik
traefik_routes:
- name: uptime
host: "{{ uptime_url }}"
srv: "{{ traefik_host_address }}:3001"
- role: firewalld
firewalld_add:
- name: public
services:
- http
- https
forwards:
- port: 80
to: 8080
- port: 443
to: 8443
- port: 22
to: 2222
Customzing gitlab, any options can be set in GITLAB_OMNIBUS_CONFIG
gitlab_server_env:
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://127.0.0.1:80'
gitlab_rails['gitlab_shell_ssh_port'] = 22
Deployment and Removal
Sometimes you need to manually stop the running containers to get a clean run when re-deploying Services must be stopped as the respecitve user or another means to aquire the correct user scope for systemd
systemctl --user stop container-traefik.service
systemctl --user stop container-gitlab.service
Deploy
ansible-playbook -i hosts site.yml --tags=firewalld,traefik,gitlab --limit=somehost
Remove
ansible-playbook -i hosts site.yml --tags=firewalld,traefik,gitlab --extra-vars "container_state=absent firewall_action=remove" --limit=somehost