Initial commit

Jordan Holt 2021-12-12 20:54:00 +00:00
commit 408a3d8ce1
Signed by: jordan
GPG Key ID: B8CFFF61F1CCF520
6 changed files with 107 additions and 0 deletions

85
README.md Normal file

@ -0,0 +1,85 @@
# Vimium GitLab
Self hosted [GitLab](https://about.gitlab.com/install) instance on Vimium.com. Deployed on Hetzner Cloud in the Helsinki datacentre.
## Prerequisites
Create an API key in the Hetzner Cloud GUI (Project -> Security -> API Tokens) with the name `gitlab`. This may already be accessible via `pass api/hetzner/gitlab`.
### SSH key
Replace :bearer with your API token from above and :sshkey with your SSH key.
```
POST https://api.hetzner.cloud/v1/ssh_keys HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json
{
"name": "jordan",
"public_key": ":sshkey"
}
```
### Create the primary server
This instance will run GitLab CE.
```
POST https://api.hetzner.cloud/v1/servers HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json
{
"name": "gitlab-nbg1-1",
"server_type": "cx31",
"location": "nbg1",
"start_after_create": true,
"image": "debian-10",
"labels": {"gitlab-role": "primary"},
"ssh_keys": [
"jordan"
],
"automount": false
}
```
### Create the GitLab Runner instance
```
POST https://api.hetzner.cloud/v1/servers HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json
{
"name": "gitlab-runner-nbg1-1",
"server_type": "cx21",
"location": "nbg1",
"start_after_create": true,
"image": "debian-10",
"labels": {"gitlab-role": "runner"},
"ssh_keys": [
"jordan"
],
"automount": false
}
```
## Deployment
Ansible is used to provision both the primary GitLab instance and the GitLab runner.
Run:
```bash
ansible-galaxy -r requirements.yml
ansible-playbook main.yml
```
## First time setup
SSH onto the GitLab instance and run:
```bash
grep 'Password:' /etc/gitlab/initial_root_password
```
Then login to the web interface with the username `root` and the password from above.
1. Change admin password
1. Disable sign ups
## Resources
- https://github.com/geerlingguy/ansible-role-gitlab
- https://github.com/riemers/ansible-gitlab-runner
- https://wyssmann.com/blog/2021/04/dynamic-inventory-with-ansible-and-hetzner-robot-and-hetzner-cloud/
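Review bot: The intro line says the instance is deployed in the Helsinki datacentre, but both server-creation requests set `"location": "nbg1"` and name the hosts `gitlab-nbg1-1` and `gitlab-runner-nbg1-1`. In Hetzner Cloud `nbg1` is Nuremberg and Helsinki is `hel1`, so either the description or the requests should change. In the Deployment block, `ansible-galaxy -r requirements.yml` is missing its subcommand and will fail as written; it should read `ansible-galaxy install -r requirements.yml`.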

4
ansible.cfg Normal file

@ -0,0 +1,4 @@
[defaults]
inventory = inventory/prod
log_path = /var/log/ansible.log
remote_user = root
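Review bot: `remote_user = root` makes every play log in directly as root over SSH, which means root login has to stay enabled on the GitLab host; prefer an unprivileged deploy user here with `become: true` in the playbook. `log_path = /var/log/ansible.log` is also a location that is normally writable only by root on the control machine, so runs as a regular user will not be logged unless the file is pre-created with suitable ownership or the path is moved somewhere user-writable.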

2
inventory/prod Normal file

@ -0,0 +1,2 @@
[primary]
116.203.134.10
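Review bot: The `[primary]` group hard-codes `116.203.134.10`, so the inventory goes stale as soon as the server is rebuilt and gets a new address. requirements.yml already pulls in `hetzner.hcloud` and the README creates the servers with `gitlab-role` labels, so consider the collection's dynamic inventory grouped on that label, as in the article linked under Resources, instead of a static address.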

6
main.yml Normal file

@ -0,0 +1,6 @@
---
- hosts: primary
vars_files:
- vars/primary.yml
roles:
- geerlingguy.gitlab
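Review bot: Only `hosts: primary` has a play, while the README states that Ansible provisions both the primary instance and the GitLab runner. Either add a play for the runner host (with a matching inventory group and a runner role in requirements.yml) or reword the README so it does not promise provisioning that this playbook does not perform.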

6
requirements.yml Normal file

@ -0,0 +1,6 @@
---
roles:
- name: geerlingguy.gitlab
collections:
- name: hetzner.hcloud
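Review bot: Neither `geerlingguy.gitlab` nor `hetzner.hcloud` is pinned, so every install resolves to whatever is current upstream, and that code then runs as root on the GitLab host per ansible.cfg. Add a `version:` to both entries so upgrades are deliberate and show up in review.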

4
vars/primary.yml Normal file

@ -0,0 +1,4 @@
gitlab_domain: git.vimium.com
gitlab_create_self_signed_cert: false
gitlab_letsencrypt_enable: true
gitlab_letsencrypt_contact_emails: ["hostmaster@vimium.com"]
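Review bot: Nothing in these vars covers the two hardening steps the README leaves as manual work (change the admin password, disable sign ups), so a freshly provisioned `git.vimium.com` is publicly reachable with open registration until someone performs them by hand. Consider automating those steps as a post-install task, or at least state in the README that they must be done immediately after the first run. As a style point, this file lacks the leading `---` that main.yml and requirements.yml both use.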