env-ansible/tasks/server/software/gitlab.yml

---
# Install a Gitlab server for hosting software projects.

##  Checks ##

- name: "Server | Software | GitLab | Checks | Host Variable: {{ gitlab }}"
  shell: echo "ERROR! Variable has an invalid value!" && exit 1
  when: gitlab not in ("ee", "ce")

- name: Server | Software | GitLab | Checks | Play Variables
  set_fact:
    gitlab_bundle: "gitlab-{{ gitlab }}"
    gitlab_config: /etc/gitlab/gitlab.rb
    gitlab_url_prefix: "https://git"

# Ensure other version is not installed.
- name: Server | Software | GitLab | Checks | Remove EE
  package:
    name: gitlab-ee
    state: absent
  when: gitlab == "ce"

- name: Server | Software | GitLab | Checks | Remove CE
  package:
    name: gitlab-ce
    state: absent
  when: gitlab == "ee"


## Install ##
# https://about.gitlab.com/install/?version=ce#ubuntu
# https://about.gitlab.com/install/?version=ce#centos-8 (Fedora)

- name: Server | Software | GitLab | Install | Check
  shell: which gitlab-ctl
  ignore_errors: yes
  register: gitlab_installed

- name: Server | Software | GitLab | Install | Pre-Reqs
  package:
    update_cache: yes
    name: 
      - curl 
      - openssh-server 
      - ca-certificates 
      - tzdata 
      - perl
      - postfix
    state: present 
  when:  gitlab_installed.failed
  
- name: Server | Software | GitLab | Install | Add Repo (apt)
  shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.deb.sh | bash
  when:  gitlab_installed.failed and ansible_pkg_mgr == "apt"
  
- name: Server | Software | GitLab | Install | Add Repo (dnf)
  shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.rpm.sh | bash
  when:  gitlab_installed.failed and ansible_pkg_mgr == "dnf"

- name: Server | Software | GitLab | Install | Install
  shell: EXTERNAL_URL="{{ gitlab_url_prefix }}.{{ domain }}" {{ ansible_pkg_mgr }} install -y {{ gitlab_bundle }}
  when:  gitlab_installed.failed

- name: Server | Software | GitLab | Install | Get Password
  shell: cat /etc/gitlab/initial_root_password && cp /etc/gitlab/initial_root_password ~/
  register: gitlab_passwd
  when:  gitlab_installed.failed

- name: Server | Software | GitLab | Install | Print Password
  debug: 
    var: gitlab_passwd.stdout_lines
  when:  gitlab_installed.failed


## Configuration ##
# https://docs.gitlab.com/ee/install/next_steps.html

# Need to make server think it's https but not actually listen for it, otherwise reverse proxy doesn't work.
# https://www.itsfullofstars.de/2019/06/gitlab-behind-a-reverse-proxy/

- name: Server | Software | GitLab | Configure |Check External URL
  lineinfile:
    path: "{{ gitlab_config }}"
    regexp: '^external_url '
    line: "external_url '{{ gitlab_url_prefix }}.{{ domain }}' # Managed by Ansible"
    state: present
    create: yes
    backup: yes

- name: Server | Software | GitLab | Configure | Turn Off Serving Local SSL
  blockinfile:
    path: "{{ gitlab_config }}"
    block: |
      nginx['listen_port'] = 80
      nginx['listen_https'] = false
    marker: "# {mark} MANAGED BY ANSIBLE - {{ gitlab_config }}"
    state: present
    create: yes
    backup: yes

- name: Server | Software | GitLab | Configure | Reconfigure
  shell: gitlab-ctl reconfigure
Add initial HUGO support, FreeBSD 13 support, and script for Ansible to hit dev branch. (#4) * Create HUGO file. * Add HUGO. * Add script for running system against development branch. * Add newline to end of file. * Comment unused blocks. * Add path of site that HUGO should host. * Newlines, comments, and HUGO path. (#2) (#3) * Create HUGO file. * Add HUGO. * Add script for running system against development branch. * Add newline to end of file. * Comment unused blocks. * Add path of site that HUGO should host. * FreeBSD is complaining about certbot not having dict object stdout. This whole playbook is supposed to be skipped though, lol. * FreeBSD 13 is still mad. Ansible 2.11.2, jinja 2.11.2 (same version number??), Python 3.8.10. * Fix root group to be existing variable. FreeBSD uses wheel. * Allow choosing Github branch dynamically. * `branch` needs to be at General level. Testing if this works... * Change other `localhost` to `everything`. * Update FreeBSD status. * Goodbye, Code-OSS on Linux! * Delete a terrible file. * Remove excess tag. * "Fix" SSHFS for FreeBSD. * Variablize FreeBSD's loading of fusefs. * Variablize /etc/rc.conf. Enable FuseFS more properly. * Add beginning ticks. * Add missing playbook. * Enable FreeBSD mount job. * Rearrange items to be more consistent with comment. * It seems FreeBSD removed the `gnome3` metapackage. Use `gnome3-lite` instead. Also add Telegram. * Python is to 3.8 now. * Expand on FreeBSD work. * Expand on FreeBSD work. * Add placeholders for Gitlab. * Add parameter for Gitlab install. * Add Gitlab playbook. * Ensure FreeBSD uses the correct Python install. * Add newline. * Fix NFS for FreeBSD workstations. * Remove unnecessary line, restricted install to Linux in playbook. * Fix mount options for FreeBSD. * Fix mount number, as well as system-specific facts. * Add placeholders for remote viewing. * Add RDP for FreeBSD. * Omg! It works! Add setting enforcement. * Always remove OSS. * Remove hosts from explicit dev testing. 2021-07-19 07:07:03 -05:00			`---`
General Release (#17) * Add a few aliases for initializing projects. * Begin creating executables in bin for flatpaks. Create an array to reduce future changes. * Add quotes. * Create files as user and set executable permissions. * Split exec dir from array section. * Increase interval for Telegraf but keep the flush at 30s. * Add alias goodbye/bye, modify alias names for initializing program and video projects. * Add newline. * Add content to file to remove warning. * Use arrays for Flatpak sections. Create executable files for them. * Move sudoer files into shared folder. * First stab at automating a GitLab install. * First stab at automating DWM install. * Fix 'usr' typo. * Lowercase dwm. * Fix config play. Install font-awesome. * Add placeholder. * Add dmenu and st. * Fix typo. Hopefully also fixes ~/bin executables. * Add Signal. Remove Discord. * Remove extra line. * Add newline. * Move dbus-launch to correct app. * Fix clock minutes. * Add server for GitLab. * Change check, package was not registering anything. * Change success to failed. * Change to http. Will use reverse proxy. * Remove useless sudo. Go ahead and allow postfix to be installed. * Fix debug option "var". * Only give the out lines. Remove exit, doesn't stop the job. * Add a few games and test them on dell-laptop. * Ignore Lutris errors, Rolling Rhino doesn't like the PPA. ;) * Add goodbye for updating then quitting. * Add airbook to gaming. * Add dnf. * Fix missing underscores. * Install cronie on Fedora. * Beginning to add Fedora. * Add Fedora values. * Make font-awesome optional since it may need installed manually on some systems. * Fix typo in ignore_errors. * Allow DWM to fail, won't work for all workstations. Fedora doesn't have X11 headers. * Most dists are using python3-psutil for the psutil package name. Make it the default. * Fix firefox_esr variable. * More Fedora support. * Move installation of cron to more applicable task list. * Fic nfs-utils typo. * The font is honestly pretty important. ;) * Add Librewolf for testing vs Brave. * For some reason the other link didn't work for Fedora, add the one from flatpak's instructions. * Fedora status update. * Add games to Inspiron. * LibreWolf is amazing. Use it as default if available. * Use English rather than code for `and` and `or`. * Always have LibreWolf pinned if it's available. Brave should still be the main browser for URL-clicking compatibility. * Fix comma. * Add entry for testing Fedora Gitlab server. * Attempt to automate more of the Gitlab setup, especially the part of being behind a reverse proxy. Also add Fedora family support. * Specify the package managers for Gitlab. * Add missing bracket. * Add another missing bracket. * Fix gitlab's when clause. * Another fix for the gitlab when. * Change original gitlab install to be Community Edition. * Fix mgr typo. Create config file if it doesn't exist. * Remove duplicate `when` on Lutris uninstall. * Gitlab script gets a packagecloud.io error for Fedora. Looks like only CentOS and its derivatives are supported. * Update status of Fedora. 2021-11-07 12:40:31 -06:00			`# Install a Gitlab server for hosting software projects.`

			`## Checks ##`

			`- name: "Server \| Software \| GitLab \| Checks \| Host Variable: {{ gitlab }}"`
			`shell: echo "ERROR! Variable has an invalid value!" && exit 1`
			`when: gitlab not in ("ee", "ce")`

			`- name: Server \| Software \| GitLab \| Checks \| Play Variables`
			`set_fact:`
			`gitlab_bundle: "gitlab-{{ gitlab }}"`
			`gitlab_config: /etc/gitlab/gitlab.rb`
			`gitlab_url_prefix: "https://git"`

			`# Ensure other version is not installed.`
			`- name: Server \| Software \| GitLab \| Checks \| Remove EE`
			`package:`
			`name: gitlab-ee`
			`state: absent`
			`when: gitlab == "ce"`

			`- name: Server \| Software \| GitLab \| Checks \| Remove CE`
			`package:`
			`name: gitlab-ce`
			`state: absent`
			`when: gitlab == "ee"`


			`## Install ##`
			`# https://about.gitlab.com/install/?version=ce#ubuntu`
			`# https://about.gitlab.com/install/?version=ce#centos-8 (Fedora)`

			`- name: Server \| Software \| GitLab \| Install \| Check`
			`shell: which gitlab-ctl`
			`ignore_errors: yes`
			`register: gitlab_installed`

			`- name: Server \| Software \| GitLab \| Install \| Pre-Reqs`
			`package:`
			`update_cache: yes`
			`name:`
			`- curl`
			`- openssh-server`
			`- ca-certificates`
			`- tzdata`
			`- perl`
			`- postfix`
			`state: present`
			`when: gitlab_installed.failed`

			`- name: Server \| Software \| GitLab \| Install \| Add Repo (apt)`
			`shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.deb.sh \| bash`
			`when: gitlab_installed.failed and ansible_pkg_mgr == "apt"`

			`- name: Server \| Software \| GitLab \| Install \| Add Repo (dnf)`
			`shell: curl https://packages.gitlab.com/install/repositories/gitlab/{{ gitlab_bundle }}/script.rpm.sh \| bash`
			`when: gitlab_installed.failed and ansible_pkg_mgr == "dnf"`

			`- name: Server \| Software \| GitLab \| Install \| Install`
			`shell: EXTERNAL_URL="{{ gitlab_url_prefix }}.{{ domain }}" {{ ansible_pkg_mgr }} install -y {{ gitlab_bundle }}`
			`when: gitlab_installed.failed`

			`- name: Server \| Software \| GitLab \| Install \| Get Password`
			`shell: cat /etc/gitlab/initial_root_password && cp /etc/gitlab/initial_root_password ~/`
			`register: gitlab_passwd`
			`when: gitlab_installed.failed`

			`- name: Server \| Software \| GitLab \| Install \| Print Password`
			`debug:`
			`var: gitlab_passwd.stdout_lines`
			`when: gitlab_installed.failed`


			`## Configuration ##`
			`# https://docs.gitlab.com/ee/install/next_steps.html`

			`# Need to make server think it's https but not actually listen for it, otherwise reverse proxy doesn't work.`
			`# https://www.itsfullofstars.de/2019/06/gitlab-behind-a-reverse-proxy/`

			`- name: Server \| Software \| GitLab \| Configure \|Check External URL`
			`lineinfile:`
			`path: "{{ gitlab_config }}"`
			`regexp: '^external_url '`
			`line: "external_url '{{ gitlab_url_prefix }}.{{ domain }}' # Managed by Ansible"`
			`state: present`
			`create: yes`
			`backup: yes`

			`- name: Server \| Software \| GitLab \| Configure \| Turn Off Serving Local SSL`
			`blockinfile:`
			`path: "{{ gitlab_config }}"`
			`block: \|`
			`nginx['listen_port'] = 80`
			`nginx['listen_https'] = false`
			`marker: "# {mark} MANAGED BY ANSIBLE - {{ gitlab_config }}"`
			`state: present`
			`create: yes`
			`backup: yes`

			`- name: Server \| Software \| GitLab \| Configure \| Reconfigure`
			`shell: gitlab-ctl reconfigure`