systems/infrastructure
1
Fork 0
Code Issues 1 Pull requests 15 Activity Actions

Put GitLab on a real domain

Browse source
This commit is contained in:
Jake Howard 2021-05-29 16:21:47 +01:00
parent 9118938fea
commit 69abafd8c8
Signed by: jake
GPG key ID: 57AFB45680EDD477
6 changed files with 35 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
ansible/host_vars/pve-docker.yml
View file

@ -3,5 +3,6 @@ private_ip: "{{ pve_hosts.pve_docker.ip }}"
traefik_provider_jellyfin: true traefik_provider_jellyfin: true
traefik_provider_homeassistant: true traefik_provider_homeassistant: true
traefik_provider_grafana: true traefik_provider_grafana: true
traefik_provider_gitlab: true
with_fail2ban: true with_fail2ban: true

6
ansible/roles/gitlab/files/gitlab.rb
View file

@ -1,4 +1,4 @@
external_url 'https://{{ pve_hosts.gitlab.ip }}' # Obviously temporary external_url 'https://code.theorangeone.net'
nginx['redirect_http_to_https'] = false nginx['redirect_http_to_https'] = false
alertmanager['enable'] = false alertmanager['enable'] = false
prometheus_monitoring['enable'] = false prometheus_monitoring['enable'] = false
@ -21,5 +21,5 @@ sidekiq['max_concurrency'] = 10
gitlab_rails['gitlab_default_theme'] = 2 gitlab_rails['gitlab_default_theme'] = 2
nginx['real_ip_header'] = 'X-Forwarded-For' nginx['real_ip_header'] = 'X-Forwarded-For'
#nginx['real_ip_trusted_addresses'] = ['172.80.0.0/16'] nginx['real_ip_trusted_addresses'] = ['{{ pve_hosts.pve_docker.ip }}/32']
#gitlab_rails['trusted_proxies'] = ['172.80.0.0/16'] gitlab_rails['trusted_proxies'] = ['{{ pve_hosts.pve_docker.ip }}/32']

1
ansible/roles/traefik/defaults/main.yml
View file

@ -1,6 +1,7 @@
traefik_provider_jellyfin: false traefik_provider_jellyfin: false
traefik_provider_homeassistant: false traefik_provider_homeassistant: false
traefik_provider_grafana: false traefik_provider_grafana: false
traefik_provider_false: false
with_traefik_pages: false with_traefik_pages: false
with_fail2ban: false with_fail2ban: false

12
ansible/roles/traefik/files/file-provider-gitlab.yml Normal file
View file

@ -0,0 +1,12 @@
http:
routers:
router-gitlab:
rule: Host(`code.theorangeone.net`)
service: service-gitlab
tls:
certResolver: le
services:
service-gitlab:
loadBalancer:
servers:
- url: https://{{ pve_hosts.gitlab.ip }}

10
ansible/roles/traefik/tasks/main.yml
View file

@ -78,6 +78,16 @@
when: traefik_provider_grafana when: traefik_provider_grafana
become: true become: true
- name: Install gitlab provider
template:
src: files/file-provider-gitlab.yml
dest: /opt/traefik/traefik/conf/gitlab.yml
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
notify: restart traefik
when: traefik_provider_gitlab
become: true
- name: logrotate config - name: logrotate config
template: template:
src: files/logrotate.conf src: files/logrotate.conf

8
terraform/theorangeone.net.tf
View file

@ -10,6 +10,14 @@ resource "cloudflare_record" "theorangeonenet_git" {
ttl = 1 ttl = 1
} }
resource "cloudflare_record" "theorangeonenet_code" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "code"
value = vultr_instance.casey.main_ip
type = "A"
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_whoami" { resource "cloudflare_record" "theorangeonenet_whoami" {
zone_id = cloudflare_zone.theorangeonenet.id zone_id = cloudflare_zone.theorangeonenet.id
name = "whoami" name = "whoami"