Cransible Gitlab configuration

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>

group_vars/git.yml

@@ -0,0 +1,17 @@
+---
+
+glob_gitlab:
+  url: 'https://gitlab.crans.org'
+  time_zone: 'Europe/Paris'
+  email: 'gitlab@crans.org'
+  email_display_name: 'Crans GitLab'
+  ldap_label: 'Crans'
+  ldap_host: '172.16.10.90'  # Thot
+  ldap_port: 389
+  ldap_uid: 'uid'
+  ldap_bind_dn: 'cn=gitlab,ou=service-users,dc=crans,dc=org'
+  ldap_base: 'cn=Utilisateurs,dc=crans,dc=org'
+  ldap_user_filter: '(&(!(shadowExpire=0))(uid=*))'
+  cas_name: 'cas3'
+  cas_label: 'CAS Cr@ns'
+  cas_url: 'https://cas.crans.org'

host_vars/gitzly.adm.crans.org.yml

@@ -17,3 +17,6 @@ loc_certbot:
     mail: root@crans.org
     certname: adm.crans.org
     domains: "*.adm.crans.org"
+
+loc_gitlab:
+  ldap_bind_password: "{{ vault_gitlab_ldap_password }}"

plays/gitlab.yml

@@ -10,5 +10,8 @@
 - hosts: git
   vars:
     certbot: '{{ loc_certbot | default(glob_certbot | default([])) }}'
+    gitlab: '{{ glob_gitlab | default({}) | combine(loc_gitlab | default({})) }}'
   roles:
     - certbot
+    - gitlab
+    - nginx

roles/gitlab/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+- name: Add Gitlab configuration
+  template:
+    src: gitlab.rb.j2
+    dest: /etc/letsencrypt/rfc2136.ini
+    mode: 0600
+    owner: root