geerlingguy · araimbert · Feb 24, 2020 · Feb 24, 2020 · Feb 24, 2020 · Feb 24, 2020
diff --git a/.gitignore b/.gitignore
@@ -3,3 +3,4 @@
 *.pyc
 .cache
 
+.idea
diff --git a/README.md b/README.md
@@ -62,14 +62,14 @@ Whether to create a self-signed certificate for serving GitLab over a secure con
 
 ### LetsEncrypt Configuration.
 
-    gitlab_letsencrypt_enable: "false"
+    gitlab_letsencrypt_enabled: "false"
     gitlab_letsencrypt_contact_emails: ["gitlab@example.com"]
     gitlab_letsencrypt_auto_renew_hour: 1
     gitlab_letsencrypt_auto_renew_minute: 30
     gitlab_letsencrypt_auto_renew_day_of_month: "*/7"
     gitlab_letsencrypt_auto_renew: true
 
-GitLab LetsEncrypt configuration; tells GitLab whether to request and use a certificate from LetsEncrypt, if `gitlab_letsencrypt_enable` is set to `"true"`. Multiple contact emails can be configured under `gitlab_letsencrypt_contact_emails` as a list.
+GitLab LetsEncrypt configuration; tells GitLab whether to request and use a certificate from LetsEncrypt, if `gitlab_letsencrypt_enabled` is set to `"true"`. Multiple contact emails can be configured under `gitlab_letsencrypt_contact_emails` as a list.
 
     # LDAP Configuration.
     gitlab_ldap_enabled: "false"
@@ -143,6 +143,24 @@ If you want to enable [2-way SSL Client Authentication](https://docs.gitlab.com/
 
     gitlab_default_theme: 2
 
+If you are willing to enable/disable the Gitlab docker registry (By default the registry is enabled)
+
+    gitlab_registry_enabled: true
+    gitlab_registry_external_url: "https://gitlab/"
+    gitlab_registry_external_url: 4567
+
+If you want to set up the upload backup, your vars_conf goes under 'backup_upload_connection_conf'
+
+    # Example for AWS provider (Check gitlab doc to find the right vars of your provider)
+    backup_upload_connection_conf:
+        provider: AWS
+        region: YOUR_REGION
+        aws_access_key_id: YOUR_ACCESS_KEY_HERE
+        aws_secret_access_key: YOUR_SECRET_ACCESS_KEY_HERE
+
+    backup_upload_remote_directory: my.s3.bucket
+
+
 GitLab includes a number of themes, and you can set the default for all users with this variable. See [the included GitLab themes to choose a default](https://github.com/gitlabhq/gitlabhq/blob/master/config/gitlab.yml.example#L79-L85).
 
     gitlab_extra_settings:

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -69,13 +69,13 @@ gitlab_email_display_name: "Gitlab"
 gitlab_email_reply_to: "gitlab@example.com"
 
 # Registry configuration.
-gitlab_registry_enable: "false"
+gitlab_registry_enabled: "false"
 gitlab_registry_external_url: "https://gitlab.example.com:4567"
 gitlab_registry_nginx_ssl_certificate: "/etc/gitlab/ssl/gitlab.crt"
 gitlab_registry_nginx_ssl_certificate_key: "/etc/gitlab/ssl/gitlab.key"
 
 # LetsEncrypt configuration.
-gitlab_letsencrypt_enable: "false"
+gitlab_letsencrypt_enabled: "false"
 gitlab_letsencrypt_contact_emails: ["gitlab@example.com"]
 gitlab_letsencrypt_auto_renew_hour: 1
 gitlab_letsencrypt_auto_renew_minute: 30

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -2,10 +2,6 @@
 - name: Include OS-specific variables.
   include_vars: "{{ ansible_os_family }}.yml"
 
-- name: Check if GitLab configuration file already exists.
-  stat: path=/etc/gitlab/gitlab.rb
-  register: gitlab_config_file
-
 - name: Check if GitLab is already installed.
   stat: path=/usr/bin/gitlab-ctl
   register: gitlab_file
@@ -39,21 +35,13 @@
     gitlab_package_name: "{{ gitlab_edition }}{{ gitlab_package_version_separator }}{{ gitlab_version }}"
   when: gitlab_version | default(false)
 
-- name: Install GitLab
-  package:
-    name: "{{ gitlab_package_name | default(gitlab_edition) }}"
-    state: present
-  async: 300
-  poll: 5
-  when: not gitlab_file.stat.exists
-
-# Start and configure GitLab. Sometimes the first run fails, but after that,
-# restarts fix problems, so ignore failures on this run.
-- name: Reconfigure GitLab (first run).
-  command: >
-    gitlab-ctl reconfigure
-    creates=/var/opt/gitlab/bootstrapped
-  failed_when: false
+- name: Create GitLab configuration folder.
+  file:
+    path: /etc/gitlab
+    state: directory
+    owner: root
+    group: root
+    mode: 0775
 
 - name: Create GitLab SSL configuration folder.
   file:
@@ -79,3 +67,11 @@
     group: root
     mode: 0600
   notify: restart gitlab
+
+- name: Install GitLab
+  package:
+    name: "{{ gitlab_package_name | default(gitlab_edition) }}"
+    state: present
+  async: 900
+  poll: 5
+  when: not gitlab_file.stat.exists
diff --git a/templates/gitlab.rb.j2 b/templates/gitlab.rb.j2
@@ -1,6 +1,14 @@
 # The URL through which GitLab will be accessed.
 external_url "{{ gitlab_external_url }}"
 
+{% if gitlab_initial_root_password is defined %}
+gitlab_rails['initial_root_password'] = "{{ gitlab_initial_root_password }}"
+{% endif %}
+
+{% if gitlab_initial_shared_runners_registration_token is defined %}
+gitlab_rails['initial_shared_runners_registration_token'] = "{{ gitlab_initial_shared_runners_registration_token }}"
+{% endif %}
+
 # gitlab.yml configuration
 gitlab_rails['time_zone'] = "{{ gitlab_time_zone }}"
 gitlab_rails['backup_keep_time'] = {{ gitlab_backup_keep_time }}
@@ -19,8 +27,8 @@ nginx['redirect_http_to_https'] = {{ gitlab_redirect_http_to_https }}
 nginx['ssl_certificate'] = "{{ gitlab_ssl_certificate }}"
 nginx['ssl_certificate_key'] = "{{ gitlab_ssl_certificate_key }}"
 
-letsencrypt['enable'] = "{{ gitlab_letsencrypt_enable }}"
-{% if gitlab_letsencrypt_enable %}
+letsencrypt['enable'] = {{ gitlab_letsencrypt_enabled }}
+{% if gitlab_letsencrypt_enabled == "true" %}
 letsencrypt['contact_emails'] = "{{ gitlab_letsencrypt_contact_emails | to_json }}"
 letsencrypt['auto_renew_hour'] = "{{ gitlab_letsencrypt_auto_renew_hour }}"
 letsencrypt['auto_renew_minute'] = "{{ gitlab_letsencrypt_auto_renew_minute }}"
@@ -90,27 +98,51 @@ nginx['ssl_client_certificate'] = "{{ gitlab_nginx_ssl_client_certificate }}"
 {% endif %}
 
 # GitLab registry.
-registry['enable'] = {{ gitlab_registry_enable }}
-{% if gitlab_registry_enable == "true" %}
+registry['enable'] = {{ gitlab_registry_enabled }}
+{% if gitlab_registry_enabled == "true" %}
 registry_external_url "{{ gitlab_registry_external_url }}"
+
+{% if gitlab_registry_nginx_listen_port is defined %}
+registry_nginx['listen_port'] = "{{ gitlab_registry_nginx_listen_port }}"
+{% endif %}
+{% if gitlab_registry_nginx_listen_https is defined %}
+registry_nginx['listen_https'] = {{ gitlab_registry_nginx_listen_https }}
+{% endif %}
 registry_nginx['ssl_certificate'] = "{{ gitlab_registry_nginx_ssl_certificate }}"
 registry_nginx['ssl_certificate_key'] = "{{ gitlab_registry_nginx_ssl_certificate_key }}"
 {% endif %}
 
-{% if gitlab_extra_settings is defined %}
-# Extra configuration
-{% for extra in gitlab_extra_settings %}
-{% for setting in extra %}
-{% for kv in extra[setting] %}
-{% if (kv.type is defined and kv.type == 'plain') or (kv.value is not string) %}
-{{ setting }}['{{ kv.key }}'] = {{ kv.value }}
-{% else %}
-{{ setting }}['{{ kv.key }}'] = '{{ kv.value }}'
+# Backup upload connection
+{% if gitlab_backup_upload_connection_conf is defined %}
+gitlab_rails['backup_upload_connection'] = {
+    {% for key, value in gitlab_backup_upload_connection_conf.iteritems() %}
+       '{{ key }}' => '{{ value }}',
+    {% endfor %}
+}
+{% endif %}
+
+{% if gitlab_backup_upload_remote_directory is defined %}
+gitlab_rails['backup_upload_remote_directory'] = "{{ gitlab_backup_upload_remote_directory }}"
+{% endif %}
+
+{% if gitlab_omniauth_enabled is defined and gitlab_omniauth_enabled %}
+gitlab_rails['omniauth_enabled'] = true
+gitlab_rails['omniauth_external_providers'] = {{ gitlab_omniauth_external_providers | to_json}}
+gitlab_rails['omniauth_allow_single_sign_on'] = {{gitlab_omniauth_allow_single_sign_on | to_json}}
+gitlab_rails['omniauth_sync_email_from_provider'] = "{{ gitlab_omniauth_sync_email_from_provider }}"
+gitlab_rails['omniauth_block_auto_created_users'] = {{ gitlab_omniauth_block_auto_created_users }}
+gitlab_rails['omniauth_auto_link_ldap_user'] = {{ gitlab_omniauth_auto_link_ldap_user }}
+gitlab_rails['omniauth_sync_profile_from_provider'] = {{ gitlab_omniauth_sync_profile_from_provider | to_json }}
+gitlab_rails['omniauth_sync_profile_attributes'] = {{ gitlab_omniauth_sync_profile_attributes | to_json }}
+gitlab_rails['omniauth_auto_link_saml_user'] = {{ gitlab_omniauth_auto_link_saml_user }}
+{% if gitlab_omniauth_auto_sign_in_with_provider is defined %}
+gitlab_rails['omniauth_auto_sign_in_with_provider'] = {{ gitlab_omniauth_auto_sign_in_with_provider }}
+{% endif %}
+gitlab_rails['omniauth_providers'] = {{ gitlab_omniauth_providers | to_json }}
 {% endif %}
-{% endfor %}
-{% endfor %}
 
-{% endfor %}
+{% if gitlab_raw_config is defined %}
+{{ gitlab_raw_config }}
 {% endif %}
 
 # To change other settings, see: