dubzland.gitlab.gitlab_server role – Installs and configures the GitLab DevOps server.

Note

This role is part of the dubzland.gitlab collection (version 1.1.1).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install dubzland.gitlab.

To use it in a playbook, specify: dubzland.gitlab.gitlab_server.

Entry point main – Installs and configures the GitLab DevOps server.

Synopsis

  • Sets up the GitLab apt repository

  • Installs the gitlab-ee package

  • Creates and applies the GitLab configuration

Parameters

Parameter

Comments

gitlab_server_backup_keep_time

integer

Amount of time (in seconds) to keep old backup files.

gitlab_server_backup_path

path

Directory on the GitLab server to hold backup data.

gitlab_server_default_theme

integer

Default theme for the GitLab web UI.

Default: 2

gitlab_server_email_display_name

string

Name displayed as the sender on outbound emails.

gitlab_server_email_enabled

boolean

Enables email originating from the GitLab server.

Choices:

  • false

  • true

gitlab_server_email_from

string

Email address listed as the sender on outbound emails.

gitlab_server_email_reply_to

string

Reply-to address for outbound emails.

gitlab_server_manage_backup_path

boolean

Should GitLab manage the permissions and ownership of the directory specified in gitlab_server_backup_path?

Choices:

  • false

  • true

gitlab_server_nginx_client_max_body_size

string

Maximum payload size allowed by Nginx.

Default: "250m"

gitlab_server_nginx_listen_addresses

list / elements=string

Local addresses the GitLab Nginx server should bind to.

Default: ["*", "[::]"]

gitlab_server_nginx_listen_https

boolean

Listen on https (443). Set to False if using a reverse proxy.

Choices:

  • false

  • true

gitlab_server_nginx_listen_port

integer

If present, specifies the port Nginx should listen on.

gitlab_server_nginx_real_ip_header

string

HTTP header containing upstream proxy addresses.

gitlab_server_nginx_real_ip_recursive

boolean

Enable Nginx Real-Ip recursive search.

Choices:

  • false

  • true

gitlab_server_nginx_real_ip_trusted_addresses

list / elements=string

List of upstream reverse proxies.

gitlab_server_nginx_redirect_http_to_https

boolean

Should http requests to the server be redirected to https.

Choices:

  • false

  • true ← (default)

gitlab_server_object_store_bucket_artifacts

string

Name of the bucket used for artifact storage.

gitlab_server_object_store_bucket_ci_secure_files

string

Name of the bucket used for storing secured files used during CI runs. See ERROR while parsing: While parsing “L(https://docs.gitlab.com/ee/administration/secure_files.html) for details.” at index 77: Cannot find comma separating parameter 1 from the next one

gitlab_server_object_store_bucket_dependency_proxy

string

Name of the bucket used for dependency proxy caching.

gitlab_server_object_store_bucket_external_diffs

string

Name of the bucket used for merge request diffs.

gitlab_server_object_store_bucket_lfs

string

Name of the bucket used for Large File Storage.

gitlab_server_object_store_bucket_packages

string

Name of the bucket used for project packages.

gitlab_server_object_store_bucket_pages

string

Name of the bucket used for storing Gitlab Pages.

gitlab_server_object_store_bucket_terraform_state

string

Name of the bucket used for storing Terraform state.

gitlab_server_object_store_bucket_uploads

string

Name of the bucket used for uploads.

gitlab_server_object_store_connection

dictionary

Connection configuration for the object store. See ERROR while parsing: While parsing “L(https://docs.gitlab.com/ee/administration/object_storage.html) for details.” at index 53: Cannot find comma separating parameter 1 from the next one

aws_access_key_id

string

AWS credentials.

aws_secret_access_key

string

AWS credentials.

endpoint

string

Can be used to configure an S3 compatible service (like Minio).

path_style

boolean

Set to true if using Minio, otherwise false.

Choices:

  • false

  • true

provider

string

Choices:

  • "AWS"

  • "Google"

  • "AzureRM"

region

string

AWS Region (us-east-1 for Minio)

gitlab_server_object_store_enabled

boolean

Enables the consoldated configuration for Object Storage.

Choices:

  • false

  • true

gitlab_server_object_store_proxy_download

boolean

Proxy all object requests through the GitLab server.

Choices:

  • false

  • true

gitlab_server_pages_access_control

boolean

Enables Access control for the Pages daemon.

Choices:

  • false

  • true

gitlab_server_pages_cert

path

Certificate file used by the GitLab Pages server.

gitlab_server_pages_cert_key

path

Certificate key file used by the GitLab Pages server.

gitlab_server_pages_enable

boolean

Enable GitLab Pages functionality.

Choices:

  • false ← (default)

  • true

gitlab_server_pages_external_http

list / elements=string

List of IP addresses the Pages daemon will bind to (for http). Necessary if you want to use custom domains. See ERROR while parsing: While parsing “L(https://docs.gitlab.com/ee/administration/pages/index.html#advanced-configuration)\n for more information.” at index 121: Cannot find comma separating parameter 1 from the next one

gitlab_server_pages_external_https

list / elements=string

List of IP addresses the Pages daemon will bind to (for https). Necessary if you want to use custom domains. See ERROR while parsing: While parsing “L(https://docs.gitlab.com/ee/administration/pages/index.html#advanced-configuration)\n for more information.” at index 122: Cannot find comma separating parameter 1 from the next one

gitlab_server_pages_external_url

string

Base URL under which GitLab will server Pages projects.

gitlab_server_pages_nginx_enable

boolean

Controls the GitLab Pages Nginx instance. If you are planning on utilizing custom domains, this should be disabled. See ERROR while parsing: While parsing “L(https://docs.gitlab.com/ee/administration/pages/index.html#advanced-configuration)\n for more information.” at index 131: Cannot find comma separating parameter 1 from the next one

Choices:

  • false

  • true

gitlab_server_pages_redirect_http

boolean

Redirect Pages traffic from HTTP to HTTPS

Choices:

  • false

  • true

gitlab_server_postgresql_enabled

boolean

Enable the omnibus embedded PostgreSQL server. Set to “false” to use an external PostgreSQL server.

Choices:

  • false

  • true ← (default)

gitlab_server_postgresql_encoding

string

Encoding used by the external PostgreSQL server. Note: This setting only applies if gitlab_server_postgresql_enabled is v(false).

gitlab_server_postgresql_host

string

Hostname or IP address of an external PostgreSQL server. See the [GitLab documentation](https://docs.gitlab.com/ee/administration/postgresql/external.html) for more information on configuring an external PostgreSQL server. Note: This setting only applies if gitlab_server_postgresql_enabled is v(false).

gitlab_server_postgresql_password

string

Password used to authenticate with the external PostgreSQL server. Note: This setting only applies if gitlab_server_postgresql_enabled is v(false).

gitlab_server_postgresql_port

integer

Port the external PostgreSQL server is accepting connections on. See the [GitLab documentation](https://docs.gitlab.com/ee/administration/postgresql/external.html) for more information on configuring an external PostgreSQL server. Note: This setting only applies if gitlab_server_postgresql_enabled is v(false).

gitlab_server_puma_worker_processes

integer

Number of Puma workers to run. Set to 0 to disable Puma clustered mode. See ERROR while parsing: While parsing “L(https://docs.gitlab.com/ee/administration/operations/puma.html#disable-puma-clustered-mode-in-memory-constrained-environments)\n for more information. Generally speaking, this setting should not be\n used. Primarily exists for reducing resource usage during CI runs.” at index 83: Cannot find closing “)” after last parameter

gitlab_server_registry_enabled

boolean

Enables the GitLab Container Registry.

Choices:

  • false

  • true

gitlab_server_registry_external_url

string

URL under which the Container Registry is available.

gitlab_server_registry_host

string

Host running the Docker registry daemon.

gitlab_server_registry_nginx_enable

boolean

Enable the Nginx server for Registry access.

Choices:

  • false

  • true

gitlab_server_registry_nginx_listen_https

boolean

Enable or disable HTTPS for the Registry Nginx instance.

Choices:

  • false

  • true

gitlab_server_registry_nginx_listen_port

integer

Port the Registry Nginx server should listen on.

gitlab_server_registry_path

path

Directory on the GitLab server where registry data should be stored.

gitlab_server_registry_port

integer

Port the gitlab_server_registry_host is listening on.

gitlab_server_registry_storage

dictionary

Connection configuration for the object store. See ERROR while parsing: While parsing “L(https://docs.gitlab.com/ee/administration/object_storage.html) for details.” at index 53: Cannot find comma separating parameter 1 from the next one

accesskey

string

AWS credentials.

bucket

string

Name of the bucket used to store container image data.

disable_redirect

boolean

Disables redirection of registry requests to the storage server.

Choices:

  • false

  • true

encrypt

boolean

Enable server side encryption of Registry data.

Choices:

  • false

  • true

pathstyle

boolean

Set to true if using Minio, otherwise false.

Choices:

  • false

  • true

provider

string

Choices:

  • "s3"

region

string

AWS Region (us-east-1 for Minio)

regionendpoint

string

Can be used to configure an S3 compatible service (like Minio).

secretkey

string

AWS credentials.

secure

boolean

Enables TLS encryption to the storage server.

Choices:

  • false

  • true

gitlab_server_smtp_address

string

Address of the SMTP server used for sending emails.

gitlab_server_smtp_authentication

string

Authentication method to use with the SMTP server.

Choices:

  • "login"

  • "plain"

gitlab_server_smtp_ca_file

path

Actual CA certificate.

gitlab_server_smtp_ca_path

path

Path to the CA to use for validating peer cerficates.

gitlab_server_smtp_domain

string

Domain to authenticate to.

gitlab_server_smtp_enable

boolean

Enables sending email via an external server, as opposed to using Sendmail or Postfix directly.

Choices:

  • false

  • true

gitlab_server_smtp_enable_starttls_auto

boolean

Use STARTTLS on the SMTP server if present.

Choices:

  • false

  • true

gitlab_server_smtp_openssl_verify_mode

string

Sets how OpenSSL checks the certificate. See ActionMailer for more information.

Choices:

  • "none"

  • "peer"

  • "client_once"

  • "fail_if_no_peer_cert"

gitlab_server_smtp_password

string

Password that corresponds to gitlab_server_smtp_user_name.

gitlab_server_smtp_pool

boolean

Enables SMTP connection pooling.

Choices:

  • false

  • true

gitlab_server_smtp_port

integer

Port the gitlab_server_smtp_address is listening on.

gitlab_server_smtp_tls

boolean

Enables TLS authentication with the SMTP server.

Choices:

  • false

  • true

gitlab_server_smtp_user_name

string

Username used to authenticate to the SMTP server.