diff --git a/ansible/roles/gitlab/files/gitlab.rb b/ansible/roles/gitlab/files/gitlab.rb index 6494e56..58bc0ee 100644 --- a/ansible/roles/gitlab/files/gitlab.rb +++ b/ansible/roles/gitlab/files/gitlab.rb @@ -54,3 +54,10 @@ registry['storage'] = { # https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6895 nginx['worker_processes'] = "auto" + +# GitLab Pages +pages_external_url "https://gitlab-pages.theorangeone.net" +gitlab_pages["external_http"] = [":8008"] +gitlab_pages["access_control"] = true +pages_nginx["enable"] = false +gitlab_rails["pages_path"] = "/mnt/gitlab-bulk/pages" diff --git a/ansible/roles/traefik/files/file-provider-gitlab.yml b/ansible/roles/traefik/files/file-provider-gitlab.yml index 38f36fc..3a7e72b 100644 --- a/ansible/roles/traefik/files/file-provider-gitlab.yml +++ b/ansible/roles/traefik/files/file-provider-gitlab.yml @@ -6,8 +6,15 @@ http: router-gitlab-registry: rule: Host(`registry.git.theorangeone.net`) service: service-gitlab + router-gitlab-pages: + rule: HostRegexp(`gitlab-pages.theorangeone.net`, `{subdomain:[a-z]+}.gitlab-pages.theorangeone.net`) + service: service-gitlab-pages services: service-gitlab: loadBalancer: servers: - url: https://{{ pve_hosts.gitlab.ip }} + service-gitlab-pages: + loadBalancer: + servers: + - url: http://{{ pve_hosts.gitlab.ip }}:8008 diff --git a/ansible/roles/traefik/files/traefik.yml b/ansible/roles/traefik/files/traefik.yml index 771cc68..0d4f140 100644 --- a/ansible/roles/traefik/files/traefik.yml +++ b/ansible/roles/traefik/files/traefik.yml @@ -26,6 +26,10 @@ entryPoints: sans: "*.jakehoward.tech" - main: 0rng.one sans: "*.0rng.one" +{% if traefik_provider_gitlab %} + - main: gitlab-pages.theorangeone.net + sans: "*.gitlab-pages.theorangeone.net" +{% endif %} proxyProtocol: trustedIPs: - "{{ wireguard.cidr }}" diff --git a/terraform/theorangeone.net.tf b/terraform/theorangeone.net.tf index 2018307..344000a 100644 --- a/terraform/theorangeone.net.tf +++ b/terraform/theorangeone.net.tf @@ -252,3 +252,19 @@ resource "cloudflare_record" "theorangeonenet_mailgun_dmarc" { type = "TXT" ttl = 1 } + +resource "cloudflare_record" "theorangeonenet_gitlab_pages" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "gitlab-pages" + value = cloudflare_record.theorangeonenet_git.hostname + type = "CNAME" + ttl = 1 +} + +resource "cloudflare_record" "theorangeonenet_gitlab_pages_wildcard" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "*.gitlab-pages" + value = cloudflare_record.theorangeonenet_gitlab_pages.hostname + type = "CNAME" + ttl = 1 +}