infrastructure/gitlab
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-04-10. You can view files and clone it, but cannot push or open issues or pull requests.
gitlab/README.md

88 lines
2.1 KiB
Markdown
Raw Permalink Blame History

# Vimium GitLab
Self hosted [GitLab](https://about.gitlab.com/install) instance on Vimium.com. Deployed on Hetzner Cloud in the Nuremberg datacentre.
## Prerequisites
Create an API key in the Hetzner Cloud GUI (Project -> Security -> API Tokens) with the name `gitlab`. This may already be accessible via `pass api/hetzner/gitlab`.
### SSH key
Replace :bearer with your API token from above and :sshkey with your SSH key.
```
POST https://api.hetzner.cloud/v1/ssh_keys HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json
{
"name": "jordan",
"public_key": ":sshkey"
}
```
### Create the primary server
This instance will run GitLab CE.
```
POST https://api.hetzner.cloud/v1/servers HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json
{
"name": "gitlab-nbg1-1",
"server_type": "cx31",
"location": "nbg1",
"start_after_create": true,
"image": "debian-10",
"labels": {"gitlab-role": "primary"},
"ssh_keys": [
"jordan"
],
"automount": false
}
```
### Create the GitLab Runner instance
```
POST https://api.hetzner.cloud/v1/servers HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json
{
"name": "gitlab-runner-nbg1-1",
"server_type": "cpx11",
"location": "nbg1",
"start_after_create": true,
"image": "debian-10",
"labels": {"gitlab-role": "runner"},
"ssh_keys": [
"jordan"
],
"automount": false
}
```
## Deployment
Ansible is used to provision both the primary GitLab instance and the GitLab runner.
Run:
```bash
ansible-galaxy -r requirements.yml
ansible-playbook main.yml --ask-vault-pass
```
The vault password can be obtained from `pass ansible/infrastructure`.
## First time setup
SSH onto the GitLab instance and run:
```bash
grep 'Password:' /etc/gitlab/initial_root_password
```
Then login to the web interface with the username `root` and the password from above.
1. Change admin password
1. Disable sign ups
## Resources
- https://github.com/geerlingguy/ansible-role-gitlab
- https://github.com/riemers/ansible-gitlab-runner
- https://wyssmann.com/blog/2021/04/dynamic-inventory-with-ansible-and-hetzner-robot-and-hetzner-cloud/
Reference in New Issue View Git Blame Copy Permalink