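├── .gitignore
├── templates
    ├── user_ssh_config
    ├── database.yml.j2
    ├── hosts.j2
    ├── gitlab_shell_config.yml.j2
    ├── nginx.conf.j2
    └── gitlab.yml.j2
├── vars.yml.example
├── readme.md
└── gitlab.yml


/.gitignore:
--------------------------------------------------------------------------------
# vars.yml carries the real domain name and database password (see readme.md),
# so it is kept out of version control; only vars.yml.example is committed.
vars.yml

--------------------------------------------------------------------------------
/templates/user_ssh_config:
--------------------------------------------------------------------------------
# NOTE(review): with these two options the SSH client accepts any host key and
# never records it, for every host (Host *), so a changed or spoofed server key
# goes unnoticed. Prefer distributing a known_hosts file with the expected keys
# and limit any exception to the specific hosts that need it.
# No task in gitlab.yml, as shown on this page, installs this file.
Host *
  StrictHostKeyChecking no
  UserKnownHostsFile /dev/null

--------------------------------------------------------------------------------
/vars.yml.example:
--------------------------------------------------------------------------------
---
domain_name: gitlab.dev # This is an FQDN, for example: google.com, foo.com
# Placeholder only: choose a unique, strong password in your own vars.yml.
# The value is inserted unquoted into database.yml and into a key=value task
# argument in gitlab.yml, so avoid spaces and YAML-special characters in it.
database_password: secrete

--------------------------------------------------------------------------------
/templates/database.yml.j2:
--------------------------------------------------------------------------------
# Rails database settings for GitLab, rendered with database_password from vars.yml.
# The rendered file holds the password in clear text: it should be readable by
# the git user only (check the mode= given to the template task that writes it).
production:
  adapter: mysql2
  encoding: utf8
  database: gitlabhq_production
  username: gitlab
  password: {{ database_password }}
  socket: /var/run/mysqld/mysqld.sock


--------------------------------------------------------------------------------
/templates/hosts.j2:
--------------------------------------------------------------------------------
# Rendered by gitlab.yml onto /etc/hosts, replacing the whole file: entries the
# host already had (for example its own hostname) are not preserved.
# Names on a line are separated by whitespace; a comma would become part of the
# host name, so none is used between localhost and the domain.
127.0.0.1 localhost {{ domain_name }}

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

--------------------------------------------------------------------------------
/templates/gitlab_shell_config.yml.j2:
--------------------------------------------------------------------------------
# GitLab user.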
# git by default
user: git

# Url to gitlab instance. Used for api calls. Should end with a slash.
# NOTE(review): plain http. hosts.j2 maps domain_name to 127.0.0.1, so these API
# calls stay on the loopback interface; if GitLab ever runs on another host,
# switch this URL to https.
gitlab_url: "http://{{ domain_name }}/"

http_settings:
  # user: someone
  # password: somepass
  # presumably controls whether a self-signed certificate is accepted for an
  # https gitlab_url; it has no visible effect with the http URL above (confirm
  # against the gitlab-shell documentation)
  self_signed_cert: false

# Repositories path
repos_path: "/home/git/repositories"

# File used as authorized_keys for gitlab user
auth_file: "/home/git/.ssh/authorized_keys"

# Redis settings used for pushing commit notices to gitlab
redis:
  bin: /usr/bin/redis-cli
  # loopback only: Redis is reached on this host, not over the network
  host: 127.0.0.1
  port: 6379
  # socket: /tmp/redis.socket # Only define this if you want to use sockets
  namespace: resque:gitlab

--------------------------------------------------------------------------------
/templates/nginx.conf.j2:
--------------------------------------------------------------------------------
# GITLAB
# Maintainer: @randx
# App Version: 5.1

# GitLab's application server is reached through a local unix socket.
upstream gitlab {
  server unix:///home/git/gitlab/tmp/sockets/gitlab.socket;
}

server {
  # NOTE(review): HTTP only. Logins, session cookies and Git-over-HTTP
  # credentials cross the network unencrypted. For anything beyond a local test
  # machine, add a TLS server block (listen 443 ssl; with ssl_certificate and
  # ssl_certificate_key) and redirect port 80 to it.
  listen *:80 default_server; # e.g., listen 192.168.1.1:80;
  server_name {{ domain_name }}; # e.g., server_name source.example.com;
  root /home/git/gitlab/public;

  # individual nginx logs for this gitlab vhost
  access_log /var/log/nginx/gitlab_access.log;
  error_log /var/log/nginx/gitlab_error.log;

  location / {
    # serve static files from defined root folder;.
20 | # @gitlab is a named location for the upstream fallback, see below 21 | try_files $uri $uri/index.html $uri.html @gitlab; 22 | } 23 | 24 | # if a requested file is not found in the root folder, 25 | # then the proxy passes the request to the upstream (gitlab unicorn) 26 | location @gitlab { 27 | proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 28 | proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 29 | proxy_redirect off; 30 | 31 | proxy_set_header X-Forwarded-Proto $scheme; 32 | proxy_set_header Host $http_host; 33 | proxy_set_header X-Real-IP $remote_addr; 34 | 35 | proxy_pass http://gitlab; 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | # ansible-playbook-gitlab 2 | 3 | Playbook for installing GitLab 5.1 on Ubuntu (tested with quantal 12.10). 4 | 5 | Let's be honest, setting up gitlab is a pain in the ass. This ansible playbook was made to help you deploy GitLab in about 15 minutes with a single command. 6 | 7 | 8 | ## Prerequisites 9 | You need to have sudo installed on the server and Ansible on the client. 10 | 11 | You will need to copy `vars.yml.example` to `vars.yml`, which contains the domain you would like to use as well as the database password. 12 | 13 | _The playbooks use the apt module, and for that reason they only work on Debian-based distributions. They are currently only tested on Debian unstable. Patches are welcome for extending support for other platforms. 
Also, please let me know if the playbooks should happen to work on other configurations, such as Debian testing or Ubuntu Server._ 14 | 15 | ## Installation 16 | Run the following: 17 | 18 | ansible-playbook -vvv gitlab.yml -u ubuntu 19 | 20 | Now you should be able to log in with the default account below; change its password immediately after the first login: 21 | 22 | username: admin@local.host 23 | password: 5iveL!fe 24 | 25 | ## Contributors 26 | 27 | * Alexander Teinum (https://github.com/alexanderte) 28 | * Jake Dahn (http://github.com/jakedahn) 29 | 30 | ## License 31 | Copyright © 2012 Tingtun 32 | 33 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 34 | 35 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 36 | 37 | THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 38 | -------------------------------------------------------------------------------- /templates/gitlab.yml.j2: -------------------------------------------------------------------------------- 1 | # # # # # # # # # # # # # # # # # # 2 | # GitLab application config file # 3 | # # # # # # # # # # # # # # # # # # 4 | # 5 | # How to use: 6 | # 1. copy file as gitlab.yml 7 | # 2. 
# Replace gitlab -> host with your domain
# 3. Replace gitlab -> email_from

production: &base
  #
  # 1. GitLab app settings
  # ==========================

  ## GitLab settings
  gitlab:
    ## Web server settings
    # NOTE(review): plain HTTP on port 80, matching nginx.conf.j2 (listen *:80).
    # Credentials and session cookies are then sent unencrypted; enable https
    # here together with a TLS listener in nginx before exposing the instance.
    host: {{ domain_name }}
    port: 80
    https: false
    # Uncomment and customize to run in non-root path
    # Note that ENV['RAILS_RELATIVE_URL_ROOT'] in config/unicorn.rb may need to be changed
    # relative_url_root: /gitlab

    # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
    # user: git

    ## Email settings
    # Email address used in the "From" field in mails sent by GitLab
    email_from: gitlab@{{ domain_name }}

    # Email address of your support contact (default: same as email_from)
    support_email: support@{{ domain_name }}

    ## Project settings
    default_projects_limit: 10
    # signup_enabled: true # default: false - Account passwords are not sent via the email if signup is enabled.
    # username_changing_enabled: false # default: true - User can change her username/namespace


  ## External issues trackers
  issues_tracker:
    # redmine:
    #   ## If not nil, link 'Issues' on project page will be replaced with this
    #   ## Use placeholders:
    #   ## :project_id - GitLab project identifier
    #   ## :issues_tracker_id - Project Name or Id in external issue tracker
    #   project_url: "http://redmine.sample/projects/:issues_tracker_id"
    #
    #   ## If not nil, links from /#\d/ entities from commit messages will be replaced with this
    #   ## Use placeholders:
    #   ## :project_id - GitLab project identifier
    #   ## :issues_tracker_id - Project Name or Id in external issue tracker
    #   ## :id - Issue id (from commit messages)
    #   issues_url: "http://redmine.sample/issues/:id"
    #
    #   ## If not nil, links for creating new issues will be replaced with this
    #   ## Use placeholders:
    #   ## :project_id - GitLab project identifier
    #   ## :issues_tracker_id - Project Name or Id in external issue tracker
    #   new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new"

  ## Gravatar
  # NOTE(review): when enabled, avatar images come from gravatar.com and the
  # default URLs below carry a per-user hash, i.e. a third-party request per
  # user shown. Presumably worth disabling on internal-only instances; confirm.
  gravatar:
    enabled: true # Use user avatar image from Gravatar.com (default: true)
    # plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=mm
    # ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=mm



  #
  # 2. Auth settings
  # ==========================

  ## LDAP settings
  # Disabled; all values below are placeholders. If LDAP is enabled, the bind
  # password is stored in clear text in the rendered gitlab.yml, so that file
  # must not be readable by other local users.
  ldap:
    enabled: false
    host: '_your_ldap_server'
    base: '_the_base_where_you_search_for_users'
    port: 636
    uid: 'sAMAccountName'
    method: 'ssl' # "ssl" or "plain"
    bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
    password: '_the_password_of_the_bind_user'

  ## OmniAuth settings
  omniauth:
    # Allow login via Twitter, Google, etc. using OmniAuth providers
    enabled: false

    # CAUTION!
    # This allows users to login without having a user account first (default: false).
    # User accounts will be created automatically when authentication was successful.
    allow_single_sign_on: false
    # Locks down those users until they have been cleared by the admin (default: true).
    block_auto_created_users: true

    ## Auth providers
    # Uncomment the following lines and fill in the data of the auth provider you want to use
    # If your favorite auth provider is not listed you can use others:
    # see https://github.com/gitlabhq/gitlabhq/wiki/Using-Custom-Omniauth-Providers
    # The 'app_id' and 'app_secret' parameters are always passed as the first two
    # arguments, followed by optional 'args' which can be either a hash or an array.
    # (Any app_secret filled in here is another clear-text secret in gitlab.yml.)
    providers:
      # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
      #     app_secret: 'YOUR APP SECRET',
      #     args: { access_type: 'offline', approval_prompt: '' } }
      # - { name: 'twitter', app_id: 'YOUR APP ID',
      #     app_secret: 'YOUR APP SECRET'}
      # - { name: 'github', app_id: 'YOUR APP ID',
      #     app_secret: 'YOUR APP SECRET' }



  #
  # 3. Advanced settings
  # ==========================

  # GitLab Satellites
  satellites:
    # Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
    path: /home/git/gitlab-satellites/

  ## Backup settings
  backup:
    path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
    # keep_time: 604800 # default: 0 (forever) (in seconds)

  ## GitLab Shell settings
  gitlab_shell:
    # REPOS_PATH MUST NOT BE A SYMLINK!!!
    repos_path: /home/git/repositories/
    hooks_path: /home/git/gitlab-shell/hooks/

    # Git over HTTP
    # NOTE(review): with the HTTP-only front end configured above, Git-over-HTTP
    # credentials travel unencrypted; prefer SSH remotes until TLS is in place.
    upload_pack: true
    receive_pack: true

    # If you use non-standard ssh port you need to specify it
    # ssh_port: 22

  ## Git settings
  # CAUTION!
  # Use the default values unless you really know what you are doing
  git:
    bin_path: /usr/bin/git
    # Max size of a git object (e.g. a commit), in bytes
    # This value can be increased if you have very large commits
    max_size: 5242880 # 5.megabytes
    # Git timeout to read a commit, in seconds
    timeout: 10

# The remaining environments reuse the production settings through the &base anchor.
development:
  <<: *base

test:
  <<: *base
  issues_tracker:
    redmine:
      project_url: "http://redmine/projects/:issues_tracker_id"
      issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
      new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"

staging:
  <<: *base

--------------------------------------------------------------------------------
/gitlab.yml:
--------------------------------------------------------------------------------
---
# First play: base system preparation, run as root via sudo.
- hosts: gitlab
  sudo: yes
  tasks:
    # Writes the rendered template over /etc/hosts as a whole; entries that were
    # already present on the target are replaced, not merged.
    - name: add domain to hosts file for fast resolution
      action: template src=templates/hosts.j2 dest=/etc/hosts
    - name: ensure apt cache is up to date
      action: apt update_cache=yes
    # NOTE(review): mysql-server is installed non-interactively here and no task
    # on this page sets a MySQL root password afterwards; verify the root
    # account's state once provisioning has finished.
    - name: ensure app apt dependencies are installed
      action: apt pkg=$item
      with_items:
        - build-essential
        - zlib1g-dev
        - libyaml-dev
        - libssl-dev
        - libgdbm-dev
        - libreadline-dev
        - libncurses5-dev
        - libffi-dev
        - curl
        - git-core
        - openssh-server
        - redis-server
        - postfix
        - checkinstall
        - libxml2-dev
        - libxslt1-dev
        - libcurl4-openssl-dev
        - libicu-dev
        - mysql-server
        - mysql-client
        - libmysqlclient-dev
        - python-mysqldb # Required for ansible mysql
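# module to work, see: http://ansible.cc/docs/modules.html#mysql-user

- hosts: gitlab
  sudo: yes
  tasks:
    - name: ensure /usr/local/bin/python2 links to /usr/bin/python
      file: state=link src=/usr/bin/python path=/usr/local/bin/python2

# Compile Ruby!
# NOTE(review): the tarball is fetched over plain http and is not checked
# against a published digest before it is compiled and, in the next play,
# installed as root. Verify it first, e.g. with get_url's
# sha256sum=<SHA256_FROM_RUBY_RELEASE_PAGE> option where the installed Ansible
# provides it.
# NOTE(review): the build tree lives under the world-writable /tmp and is
# created by the unprivileged login user, while `make install` later runs as
# root inside it. A build directory that only the provisioning user can write
# keeps other local accounts from influencing what root installs.

- hosts: gitlab
  sudo: no
  vars:
    url: http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.tar.gz
    path: /tmp/ruby/ruby-1.9.3-p392
  tasks:
    - name: ensure directory /tmp/ruby is present
      file: state=directory path=/tmp/ruby
    - name: ensure ruby is downloaded
      get_url: url=$url dest=/tmp/ruby
    - name: ensure ruby is extracted
      command: tar -xf ruby-1.9.3-p392.tar.gz chdir=/tmp/ruby creates=$path
    - name: ensure ruby is configured
      command: ./configure chdir=$path creates=$path/Makefile
    - name: ensure ruby is compiled
      command: make chdir=$path creates=$path/ruby

- hosts: gitlab
  sudo: yes
  vars:
    path: /tmp/ruby/ruby-1.9.3-p392
  tasks:
    - name: ensure ruby is installed
      command: make install chdir=$path creates=/usr/local/bin/ruby
    # No --version is passed although creates= expects bundler-1.3.0: if another
    # version gets installed the marker never appears and the task reruns.
    - name: ensure bundler is installed
      command: gem install bundler creates=/usr/local/lib/ruby/gems/1.9.1/gems/bundler-1.3.0

# System Users

- hosts: gitlab
  sudo: yes
  tasks:
    - name: ensure user git is present
      user: state=present name=git system=yes shell=/bin/sh comment="Git Version Control"

# 4. GitLab Shell

- hosts: gitlab
  sudo: yes
  sudo_user: git
  vars_files:
    - vars.yml
  tasks:
    - name: ensure Gitlab-Shell git repository is cloned
      git: repo=https://github.com/gitlabhq/gitlab-shell.git dest=/home/git/gitlab-shell version=v1.5.0
    - name: ensure config is copied from example
      command: cp /home/git/gitlab-shell/config.yml.example /home/git/gitlab-shell/config.yml creates=/home/git/gitlab-shell/config.yml
    # 0640: a config file needs no execute bit and can carry HTTP credentials
    # (http_settings), so it is not left readable by every local user. The task
    # runs as git, which is therefore the owner.
    - name: ensure gitlab-shell config is written
      action: template src=templates/gitlab_shell_config.yml.j2 dest=/home/git/gitlab-shell/config.yml mode=0640
    - name: ensure gitlab-shell is installed
      command: /home/git/gitlab-shell/bin/install


# 6. GitLab

- hosts: gitlab
  sudo: yes
  sudo_user: git
  vars_files:
    - vars.yml
  tasks:
    # version= names a branch, i.e. a moving ref: two runs can deploy different
    # code. Pin a tag or commit id when reproducible installs matter.
    - name: ensure GitLab 5.3-stable is cloned
      git: repo=https://github.com/gitlabhq/gitlabhq.git dest=/home/git/gitlab version=5-3-stable
    # 0640: gitlab.yml has fields for the LDAP bind password and OmniAuth app
    # secrets, so it is kept away from other local users.
    - name: ensure GitLab config file exists
      action: template src=templates/gitlab.yml.j2 dest=/home/git/gitlab/config/gitlab.yml mode=0640
    - name: Make sure that socket dir exists
      action: file path=/home/git/gitlab/tmp/sockets state=directory

- hosts: gitlab
  sudo: yes
  tasks:
    - name: ensure GitLab can write to log (2)
      command: chmod -R u+rwX /home/git/gitlab/log
    - name: ensure GitLab can write to tmp
      command: chmod -R u+rwX /home/git/gitlab/tmp

- hosts: gitlab
  sudo: yes
  sudo_user: git
  vars_files:
    - vars.yml
  tasks:
    - name: ensure directory for satellites exists
      file: state=directory path=/home/git/gitlab-satellites
    # database.yml contains the database password in clear text, so it is
    # written without access for other users (owner git, no execute bit).
    - name: ensure database config is written
      action: template src=templates/database.yml.j2 dest=/home/git/gitlab/config/database.yml mode=0640
    # NOTE(review): neither MySQL task passes login_user/login_password, so both
    # presumably depend on the local MySQL root account accepting a login
    # without a password. Set a root password after provisioning and hand the
    # modules credentials instead; confirm on the target.
    - name: ensure database gitlabhq_production is present
      mysql_db: state=present name=gitlabhq_production collation=utf8_unicode_ci encoding=utf8
    # The password is spliced into a key=value argument string; a value with
    # spaces would be split, so keep database_password free of whitespace.
    - name: ensure database user gitlab is present and has privleges
      mysql_user: state=present name=gitlab host=localhost password=$database_password priv=gitlabhq_production.*:ALL
    - name: ensure copy of puma config exists
      command: cp /home/git/gitlab/config/puma.rb.example /home/git/gitlab/config/puma.rb creates=/home/git/gitlab/config/puma.rb


- hosts: gitlab
  sudo: yes
  tasks:
    - name: ensure gem charlock_holmes is installed
      command: gem install charlock_holmes --version '0.6.9'

- hosts: gitlab
  sudo: yes
  sudo_user: git
  vars_files:
    - vars.yml

  tasks:
    - name: ensure GitLab bundle is installed
      command: bundle install --deployment --without development test postgres chdir=/home/git/gitlab

- hosts: gitlab
  sudo: yes
  sudo_user: git
  tasks:
    # NOTE(review): `yes 'yes' |` auto-answers the rake task's confirmation
    # prompt and there is no creates= guard, so the task runs on every play.
    # gitlab:setup initialises and seeds the database; re-running the playbook
    # against an existing install would presumably reset its data. Confirm
    # before reuse.
    # The seeded login is the one printed in readme.md; change that password at
    # first login.
    - name: ensure GitLab database is set up
      shell: yes 'yes' | bundle exec rake gitlab:setup RAILS_ENV=production chdir=/home/git/gitlab

# 6. GitLab (continued)

- hosts: gitlab
  sudo: yes
  tasks:
    # NOTE(review): the init script is downloaded from a branch (a moving ref)
    # of another repository and installed as a root-run executable without any
    # integrity check; the branch is 5-1-stable while the application above is
    # 5-3-stable. Pin a commit and verify a digest, or ship a reviewed copy of
    # the script with the playbook.
    - name: ensure init script is installed
      get_url: url=https://raw.github.com/gitlabhq/gitlab-recipes/5-1-stable/init.d/gitlab dest=/etc/init.d/gitlab mode=0755
    - name: make GitLab start on boot
      command: update-rc.d gitlab defaults 21
    # Since the init script is janky, the following two actions seem to be the
    # way to go for reliably restarting gitlab.
    # state=absent succeeds whether or not the socket exists, so no error has to
    # be ignored for this step.
    - name: kill erroneous puma socket file
      file: state=absent path=/home/git/gitlab/tmp/sockets/gitlab.socket
    - name: stop GitLab
      command: /etc/init.d/gitlab stop
      ignore_errors: yes
    # ignore_errors also hides a failed start: the play reports success even if
    # GitLab did not come up, so check the service afterwards.
    - name: start GitLab
      command: /etc/init.d/gitlab start
      ignore_errors: yes

# 7. Nginx
- hosts: gitlab
  sudo: yes
  vars_files:
    - vars.yml
  tasks:
    - name: ensure package nginx is present
      apt: state=present pkg=nginx
    # 0644: a site definition is configuration, not a program.
    - name: ensure GitLab Nginx site is available
      action: template src=templates/nginx.conf.j2 dest=/etc/nginx/sites-available/gitlab mode=0644
    - name: ensure default Nginx site is not enabled
      file: state=absent path=/etc/nginx/sites-enabled/default
    - name: ensure GitLab Nginx site is enabled
      file: state=link src=/etc/nginx/sites-available/gitlab path=/etc/nginx/sites-enabled/gitlab

- hosts: gitlab
  sudo: yes
  tasks:
    - name: restart Nginx
      command: /etc/init.d/nginx restart

--------------------------------------------------------------------------------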