systems/infrastructure
1
Fork 0
Code Issues 1 Pull Requests 14 Actions Activity

Enable GitLab registry

Browse Source
This commit is contained in:
Jake Howard 2022-02-25 21:48:13 +00:00
parent 47b5a2fbd3
commit 293aed0fd3
Signed by: jake
GPG Key ID: 57AFB45680EDD477
5 changed files with 45 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ansible/roles/gitlab/files/gitlab.rb
View File

@ -36,3 +36,18 @@ gitlab_rails['gitlab_email_from'] = "{{ gitlab_from_email }}"
gitlab_rails['artifacts_path'] = "/mnt/gitlab-bulk/artifacts"
gitlab_rails['backup_path'] = "/mnt/gitlab-bulk/backups"
# Registry
registry_external_url "https://registry.git.theorangeone.net"
registry_nginx['redirect_http_to_https'] = false
registry_nginx['ssl_certificate'] = "/etc/ssl/certs/ssl-cert-snakeoil.pem"
registry_nginx['ssl_certificate_key'] = "/etc/ssl/private/ssl-cert-snakeoil.key"
registry['storage'] = {
's3' => {
'accesskey' => '{{ gitlab_registry_access_key }}',
'secretkey' => '{{ gitlab_registry_secret_key }}',
'bucket' => '0rng-registry',
'region' => 'eu-central-003',
'regionendpoint' => 'https://s3.eu-central-003.backblazeb2.com'
}
}

2
ansible/roles/gitlab/vars/main.yml
View File

@ -3,3 +3,5 @@ gitlab_create_self_signed_cert: false
gitlab_smtp_password: "{{ vault_gitlab_smtp_password }}"
gitlab_smtp_user: "{{ vault_gitlab_smtp_user }}"
gitlab_from_email: "{{ vault_gitlab_from_email }}"
gitlab_registry_access_key: "{{ vault_gitlab_registry_access_key }}"
gitlab_registry_secret_key: "{{ vault_gitlab_registry_secret_key }}"

28
ansible/roles/gitlab/vars/vault.yml
View File

@ -1,12 +1,18 @@
$ANSIBLE_VAULT;1.1;AES256
61366238363431353336613362396330363337633339363735383438383939353532376539316263
6133383136353261386239303730633431653434343636350a353339393932396634656164333035
65353136333962366334396139316264646666353964643332313933346132303066323231626433
3761333362396231650a373935363763343831626431633930336337393037633933346339366135
34653062663737313833623731343462303935376131343061643632336366656636356439653534
39373430626466353333646638363936383932373161376135376239383231633665303439393939
62336361643336616634376562613963636461356265303834313162643261323433393965613762
31663133383163346434343662613965306234306563343565663362386563633664623538343363
63333965623262653735386563393162386532643362626562643539356339363131396430633030
31383361396265366237613635323839633562663264666638323531373933363733303839656564
626432386162306638356434616465396265
32363562323531613830333735616464333836386638373166633935383663646462323337633533
6334646537616133366436343335623333626663663732620a653038383139326565336139656135
39393334373164316334376262353030343732333531346434666336393631363833653262636337
6139343461613930620a613234353063373433623238333637663462643233396632333831616239
31616137333339376364653461343266373862666333326563383432383366643731613439643233
35353831666432636332363035666464373161313765306439316365306537363531373439656439
36316338636332623630393634306261613365333134373166613334356535336366316534393661
66363761643532656637333934643763326562626561323639653461383930623333396464383832
65646238343666326366376666356534353263626638323563323232383563386165663736383439
39376536396439633137393139643737346234313939396532366333396630666162613232323266
35663036346562633138623833306631363034663564383238323337616238663361363834623765
32366266613665363336646635363963626334623937653332366338343163396132353930376164
63323664666364633032326231356465316262393139336236363032653536326364653433303237
36343261613732343663653530313333353231333732653834363936303230633138303632643830
37343130343931346130616634346164393531613638393030366164633665306566323864353331
66383437383061643634663163303962386261353663393038376332363130306631633332326437
65383564316131316664393864393731356230663763663932333734636664366466

3
ansible/roles/traefik/files/file-provider-gitlab.yml
View File

@ -3,6 +3,9 @@ http:
router-gitlab:
rule: Host(`git.theorangeone.net`)
service: service-gitlab
router-gitlab-registry:
rule: Host(`registry.git.theorangeone.net`)
service: service-gitlab
services:
service-gitlab:
loadBalancer:

8
terraform/theorangeone.net.tf
View File

@ -10,6 +10,14 @@ resource "cloudflare_record" "theorangeonenet_git" {
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_git_registry" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "registry.git"
value = cloudflare_record.theorangeonenet_git.hostname
type = "CNAME"
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_whoami" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "whoami"