--- gitlab_config_template: "etc/gitlab/rocky_gitlab.rb" gitlab_domain: git.rockylinux.org gitlab_external_url: "https://{{ gitlab_domain }}/" # Location where all the git repositories will be stored. gitlab_git_data_dir: "/var/opt/gitlab/git-data" gitlab_backup_path: "/var/opt/gitlab/backups" gitlab_edition: "gitlab-ee" gitlab_redirect_http_to_https: "true" # SSL Self-signed Certificate Configuration. # Eventually we will have legitimate certificates to use, such as LetsEncrypt gitlab_create_self_signed_cert: "true" gitlab_self_signed_cert_subj: "/C=US/ST=Missouri/L=Saint Louis/O=IT/CN={{ gitlab_domain }}" gitlab_ssl_certificate: "/etc/gitlab/ssl/{{ gitlab_domain }}.crt" gitlab_ssl_certificate_key: "/etc/gitlab/ssl/{{ gitlab_domain }}.key" gitlab_ssl_cert: "/etc/pki/tls/certs/{{ gitlab_domain }}.crt" gitlab_ssl_key: "/etc/pki/tls/private/{{ gitlab_domain }}.key" gitlab_ipa_cert: "true" gitlab_certbot: "false" # LDAP Configuration gitlab_ldap_enabled: "true" gitlab_ldap_host: "{{ rocky_ipaserver_lb }}" gitlab_ldap_port: "389" gitlab_ldap_uid: "uid" gitlab_ldap_method: "start_tls" gitlab_ldap_bind_dn: "{{ rocky_ldap_bind_dn }}" gitlab_ldap_password: "{{ rocky_ldap_bind_pw }}" gitlab_ldap_base: "{{ rocky_ldap_user_basedn }}" gitlab_ldap_group_dn: "{{ rocky_ldap_group_basedn }}" gitlab_ldap_admin_group: "gitadm" gitlab_ldap_user_filter: "(&(objectClass=posixAccount)(memberOf=cn=gitusers,cn=groups,cn=accounts,dc=rockylinux,dc=org))" gitlab_time_zone: "UTC" # Validates Certifications when downloading Gitlab Installation repo gitlab_download_validate_certs: true # Email and SMTP configuration (For the future) # Email configuration. gitlab_email_enabled: "true" gitlab_email_from: "git@rockylinux.org" gitlab_email_display_name: "Gitlab" gitlab_email_reply_to: "noreply@rockylinux.org" # SMTP configuration gitlab_smtp_enable: "false" gitlab_smtp_address: "smtp.gmail.com" gitlab_smtp_port: "587" gitlab_smtp_user_name: "username@gmail.com" gitlab_smtp_password: "whateverThisIs" gitlab_smtp_domain: "gmail.com" gitlab_smtp_authentication: "login" gitlab_smtp_enable_starttls_auto: "true" gitlab_smtp_tls: "true" gitlab_smtp_openssl_verify_mode: "none" gitlab_smtp_ca_path: "/etc/pki/tls/certs" gitlab_smtp_ca_file: "/etc/pki/tls/certs/ca-bundle.crt" # In case of reverse proxy gitlab_nginx_listen_https: "true" gitlab_default_theme: 2 gitlab_external_db: true gitlab_external_db_host: db.rockylinux.org gitlab_external_db_user: gitlab gitlab_external_db_password: "{{ gitlab_db_pass }}" gitlab_registry_enable: "true" gitlab_registry_external_url: "https://git.rockylinux.org:5050" gitlab_registry_nginx_ssl_certificate: "{{ gitlab_ssl_certificate }}" gitlab_registry_nginx_ssl_certificate_key: "{{ gitlab_ssl_certificate_key }}" gitlab_trusted_proxies: - 10.100.20.20/32 ipa_getcert_requested_hostnames: - name: "{{ ansible_fqdn }}" owner: nginx key_location: "{{ gitlab_ssl_key }}" cert_location: "{{ gitlab_ssl_cert }}" postcmd: "/usr/local/bin/fix_gitlab_certs.sh" cnames: - "git.rockylinux.org" ...