From d726218270738805273deb00c919e6e819ca9798 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <lwirzenius@wikimedia.org>
Date: Mon, 10 Jun 2019 20:08:42 +0300
Subject: Initial commit

---
 roles/gitlab/handlers/main.yml    |  5 +++
 roles/gitlab/tasks/main.yml       | 70 +++++++++++++++++++++++++++++++++++++++
 roles/gitlab/templates/main.cf.j2 | 19 +++++++++++
 roles/runner/tasks/main.yml       | 42 +++++++++++++++++++++++
 4 files changed, 136 insertions(+)
 create mode 100644 roles/gitlab/handlers/main.yml
 create mode 100644 roles/gitlab/tasks/main.yml
 create mode 100644 roles/gitlab/templates/main.cf.j2
 create mode 100644 roles/runner/tasks/main.yml

(limited to 'roles')

diff --git a/roles/gitlab/handlers/main.yml b/roles/gitlab/handlers/main.yml
new file mode 100644
index 0000000..2e2bc02
--- /dev/null
+++ b/roles/gitlab/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: restart_postfix
+  systemd:
+    name: postfix
+    state: restarted
+
diff --git a/roles/gitlab/tasks/main.yml b/roles/gitlab/tasks/main.yml
new file mode 100644
index 0000000..5605e22
--- /dev/null
+++ b/roles/gitlab/tasks/main.yml
@@ -0,0 +1,70 @@
+- name: install helpful stuff
+  apt:
+    name:
+      - locales-all
+      - psmisc
+
+- name: install gitlab dependencies
+  apt:
+    name:
+      - curl
+      - openssh-server
+      - ca-certificates
+      - postfix
+      - apt-transport-https
+
+- name: set mailname
+  copy:
+    content: |
+      {{ mail_hostname }}
+    dest: /etc/mailname
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart_postfix
+
+- name: configure postfix
+  template:
+    src: main.cf.j2
+    dest: /etc/postfix/main.cf
+  notify: restart_postfix
+
+- name: install gitlab apt signing key
+  apt_key:
+    data: "{{ gitlab_apt_signing_key }}"
+
+- name: install gitlab apt sources.list
+  apt_repository:
+    update_cache: yes
+    codename: "{{ debian_codename }}"
+    repo: |
+      deb https://packages.gitlab.com/gitlab/gitlab-ce/debian/ {{ debian_codename }} main
+
+- name: install gitlab-ce
+  apt:
+    name: gitlab-ce
+
+- name: configure gitlab external url
+  lineinfile:
+    path: /etc/gitlab/gitlab.rb
+    regexp: "^external_url"
+    line: |
+      external_url '{{ external_url }}'
+
+- name: configure gitlab initial root password
+  lineinfile:
+    path: /etc/gitlab/gitlab.rb
+    regexp: "gitlab_rails.'initial_root_password'"
+    line: |
+      gitlab_rails['initial_root_password'] = "{{ root_password }}"
+
+- name: configure gitlab initial runner registration token
+  lineinfile:
+    path: /etc/gitlab/gitlab.rb
+    regexp: "gitlab_rails.'initial_shared_runners_registration_token'"
+    line: |
+      gitlab_rails['initial_shared_runners_registration_token'] = "{{runner_token }}"
+
+- name: start gitlab
+  shell:
+    dpkg-reconfigure gitlab-ce
diff --git a/roles/gitlab/templates/main.cf.j2 b/roles/gitlab/templates/main.cf.j2
new file mode 100644
index 0000000..3fcc001
--- /dev/null
+++ b/roles/gitlab/templates/main.cf.j2
@@ -0,0 +1,19 @@
+# Who are we? This varies depending on host.
+myhostname = {{ mail_hostname }}
+mydestination = {{ mail_hostname }}, localhost.localdomain, localhost
+
+
+# Configure various things. These should be the same everywhere.
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+inet_interfaces = 127.0.0.1
+myorigin = /etc/mailname
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+
+smtp_tls_security_level = may
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+smtp_tls_loglevel = 1
+
+smtpd_relay_restrictions =
+    permit_mynetworks
+    reject_unauth_destination
diff --git a/roles/runner/tasks/main.yml b/roles/runner/tasks/main.yml
new file mode 100644
index 0000000..f920d46
--- /dev/null
+++ b/roles/runner/tasks/main.yml
@@ -0,0 +1,42 @@
+- name: configure sources.lists for Debian release
+  copy:
+    content: |
+      deb http://deb.debian.org/debian {{ debian_codename }} main contrib non-free
+    dest: /etc/apt/sources.list
+
+- name: dist-upgrade
+  apt:
+    update_cache: yes
+    upgrade: dist
+
+- name: install helpful stuff
+  apt:
+    name:
+      - locales-all
+      - psmisc
+
+- name: install gitlab runner dependencies
+  apt:
+    name:
+      - apt-transport-https
+      - docker.io
+
+- name: install gitlab apt signing key
+  apt_key:
+    data: "{{ gitlab_apt_signing_key }}"
+
+- name: install gitlab apt sources.list
+  apt_repository:
+    update_cache: yes
+    codename: "{{ debian_codename }}"
+    repo: |
+      deb https://packages.gitlab.com/runner/gitlab-runner/debian/ {{ debian_codename }} main
+
+- name: install gitlab runner
+  apt:
+    name: gitlab-runner
+
+- name: configure gitlab runner
+  shell: |
+    gitlab-runner register -n -u "{{ gitlab_url }}" -r "{{ runner_token  }}" \
+      --executor docker --docker-image "{{ runner_docker_image }}"
-- 
cgit v1.2.1