saibotk-de/infrastructure
saibotk-de/infrastructure
1
0
Fork 0
Code Issues Pull requests Releases 42 Activity
infrastructure/roles/gitlab/defaults/main.yml
Sheogorath 7ea009d7a4
gitlab: Add option to use a tmpfs instead of log bindmount 
This patch will provide a new config option `gitlab_log_tmpfs` to
configure the docker container to setup a tmpfs instead of the bindmount
for the log directory of GitLab.

This should solve all headache around logs clogging up the disk but
might just trades it against memory problems. So far the test-run looks
good, but time will tell if it is a sufficent solution.
2021-02-01 08:51:59 +01:00

102 lines
4.1 KiB
YAML
Raw Blame History

---
# Default variables for the gitlab role
# Infrastructure
# Ansible instructions to deploy the infrastructure
# Copyright (C) 2019-2020 Christoph (Sheogorath) Kern
# Copyright (C) 2020 Saibotk
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Install location settings
gitlab_install_location: /srv/gitlab
gitlab_data_location: "{{ gitlab_install_location }}/data"
gitlab_config_location: "{{ gitlab_install_location }}/config"
gitlab_log_location: "{{ gitlab_install_location }}/log"
# Put GitLab's logs in a tempfs instead to save headache with diskspace
gitlab_log_tmpfs: false
# Set the certresolver to your desired traefik certresolver.
# Note: This is `letsencrypt_cf` by default for backwards compatibility, you might want to use `letsencrypt_http` instead, depending on your setup
gitlab_traefik_certresolver: letsencrypt_http
# The domain under which traefik should make gitlab (and, if enabled, the registry) reachable
gitlab_domain: gitlab.example.com
gitlab_registry_domain: registry.gitlab.example.com
# The Gitlab version, usually you don't need to adjust this for a host.
# renovate: depName=gitlab/gitlab-ce
gitlab_version: 13.8.1-ce.0
# The port you want Gitlab to listen on for SSH connections
gitlab_ssh_port: 22
# Email/SMTP settings
gitlab_smtp_address: smtp.example.com
gitlab_smtp_port: 465
gitlab_smtp_user_name: 'gitlab@example.com'
gitlab_smtp_password: "{{ lookup('passwordstore', gitlab_domain + '/' + gitlab_smtp_user_name + ' create=true length=42') }}"
gitlab_smtp_tls: "{{ gitlab_snmp_tls | default('true') }}" # There was a typo in the config option name, this makes sure it's falling back properly
gitlab_email_from: "{{ gitlab_smtp_user_name }}"
gitlab_email_reply_to: "{{ gitlab_smtp_user_name }}"
# Libravatar / Gravatar URLs
gitlab_libravatar_plain: "cdn.libravatar.org"
gitlab_libravatar_ssl: "seccdn.libravatar.org"
# CSP settings
gitlab_csp:
img_src: 'https:'
#frame_src: "https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com"
#script_src: "https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.gstatic.com/recaptcha/ https://apis.google.com"
# SAML settings
# gitlab_saml:
# label: "SAML"
# groups_attribute: "roles"
# external_groups: "{{ gitlab_domain }}:external"
# idp_cert_fingerprint: "<to be set>"
# idp_sso_target_url: "https://sso.example.com"
# idp_slo_target_url: "https://sso.example.com"
# issuer: "{{ gitlab_domain }}"
# certificate: "<cert without '----BEGIN CERTIFICATE----' (can be omited)>"
# private_key: "<private key without '----BEGIN RSA PRIVATE KEY----' (can be omited)>"
# attribute_statements:
# first_name: "first_name"
# last_name: "last_name"
# name: "name"
# username: "username"
# email: "email"
# name_identifier_format: urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
# autologin: false
# IMAP settings (for email replies to comments etc.)
# gitlab_imap:
# username: "{{ gitlab_smtp_user_name }}"
# password: "{{ gitlab_smtp_password }}"
# server_address: imap.example.com
# email_address: 'incoming+%{key}@gitlab.example.com'
# Gitlab docker registry settings
gitlab_registry:
enabled: false
# Enable the packages feature (see https://docs.gitlab.com/ee/administration/packages/index.html)
gitlab_packages:
enabled: false
# IPv6 ULA config for the bridge network used by docker-ipv6-nat
gitlab_ipv6:
enabled: false
subnet: "fd9e:21a7:a92c:2326::/64"
Reference in a new issue View git blame Copy permalink