Version information
This version is compatible with:
- Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
- Puppet >=3.7.0 <5.0.0
- , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'puppet-gitlab', '1.16.1'
Learn more about managing modules with a PuppetfileDocumentation
Table of Contents
- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with gitlab
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Overview
This Puppet module installs and manages Gitlab. It makes use of the provided Omnibus packages and the packagecloud package repositories.
Please note: The module vshn/gitlab has been deprecated and is now available under Vox Pupuli puppet/gitlab.
Module Description
The module installs the Gitlab package from the provided repositories and creates the configuration file
which is then used by gitlab-ctl reconfigure
to configure all the services. Fun fact: This really uses
Chef to configure all the services.
Supported are Debian based (Ubuntu, Debian) and RedHat based (CentOS, RHEL) operating systems.
Beaker acceptance tests are run in Travis for CentOS 6 and Ubuntu 12.04.
As Gitlab is providing the package repo since 7.10+, this module only works with CE edition greater than 7.10. Also the enterprise edition package is only available since 7.11+. So the EE is supported with versions greater than 7.11.
Setup
What gitlab affects
- Package repository (APT or YUM)
- Package
gitlab-ce
orgitlab-ee
(depending on the chosen edition) - Configuration file
/etc/gitlab/gitlab.rb
- System service
gitlab-runsvdir
- Gitlab configuration using
gitlab-ctl reconfigure
Setup Requirements
Have a look at the official download page for the required prerequisits (f.e. Postfix). This module doesn't handle them, that's the job of the specific modules.
It requires only the puppetlabs-apt module when using it under
a Debian based OS and the paramater manage_package_repo
is not false. Furthermore the stdlib
module is required.
At least on RedHat based OS versions, it's required that Puppet is configured with
the stringify_facts
setting set to false
(Puppet < 4.0), otherwise
the $::os
fact used in install.pp
doesn't work as expected.
Beginning with Gitlab
Just include the class and specify at least external_url
. If external_url
is not specified it will default to the FQDN fact of the system.
class { 'gitlab':
external_url => 'http://gitlab.mydomain.tld',
}
The module also supports Hiera, here comes an example:
gitlab::external_url: 'http://gitlab.mydomain.tld'
gitlab::gitlab_rails:
time_zone: 'UTC'
gitlab_email_enabled: false
gitlab_default_theme: 4
gitlab_email_display_name: 'Gitlab'
gitlab::sidekiq:
shutdown_timeout: 5
If one wants to install Gitlab Enterprise Edition, just define the parameter edition
with the value ee
:
class { 'gitlab':
external_url => 'http://gitlab.mydomain.tld',
edition => 'ee',
}
Note: This works only for Gitlab version 7.11 and greater. See this blog entry: GitLab 7.11 released with Two-factor Authentication and a publicly viewable Enterprise Edition
Usage
To find the default values, have a look at params.pp
. All other parameters are documented
inside init.pp
.
The main class (init.pp
) exposes the configuration sections from the gitlab.rb
configuration file
as hashes. So if there are any parameter changes in future versions of Gitlab, the module should support
them right out of the box. Only if there would be bigger changes to sections, the module would need
some updates.
All possible parameters for gitlab.rb
can be found here: gitlab.rb.template
Some examples:
class { 'gitlab':
external_url => 'http://gitlab.mydomain.tld',
gitlab_rails => {
'webhook_timeout' => 10,
'gitlab_default_theme' => 2,
},
logging => {
'svlogd_size' => '200 * 1024 * 1024',
},
}
Gitlab secrets
To manage /etc/gitlab/gitlab-secrets.json
the parameter secrets
accepts a hash.
Here is an example how to use it with Hiera:
gitlab::secrets:
gitlab_shell:
secret_token: 'asecrettoken1234567890'
gitlab_rails:
secret_token: 'asecrettoken123456789010'
gitlab_ci:
secret_token: null
secret_key_base: 'asecrettoken123456789011'
db_key_base: 'asecrettoken123456789012'
Hint 1: This secret tokens can be generated f.e. using Ruby with SecureRandom.hex(64)
, or
taken out of an installation without having secrets
used.
Hint 2: When using the gitlab_ci
parameter to specify the gitlab_server
, then this parameters
must be added also to the secrets
hash (Omnibus overrides gitlab-secrets.json
).
LDAP configuration example
Here is an example how to configure LDAP using Hiera:
gitlab::gitlab_rails:
ldap_enabled: true
ldap_servers:
myldapserver:
label: 'Company LDAP'
host: 'ldap.company.tld'
port: 389
uid: 'uid'
method: 'plain' # "tls" or "ssl" or "plain"
bind_dn: 'MYBINDDN'
password: 'MYBINDPW'
active_directory: false
allow_username_or_email_login: false
block_auto_created_users: false
base: 'MYBASEDN'
group_base: 'MYGROUPBASE'
user_filter: ''
Gitlab CI Runner Config
Here is an example how to configure Gitlab CI runners using Hiera:
To use the Gitlab CI runners it is required to have the garethr/docker module.
$manage_docker
can be set to false if docker is managed externaly.
classes:
- gitlab::cirunner
gitlab::cirunner::concurrent: 4
gitlab::cirunner::metrics_server: "localhost:8888"
gitlab_ci_runners:
test_runner1:{}
test_runner2:{}
test_runner3:
url: "https://git.alternative.org/ci"
registration-token: "abcdef1234567890"
gitlab_ci_runners_defaults:
url: "https://git.example.com/ci"
registration-token: "1234567890abcdef"
executor: "docker"
docker-image: "ubuntu:trusty"
NGINX Configuration
Configuration of the embedded NGINX instance is handled by the /etc/gitlab/gitlab.rb
file. Details on available configuration options are available at http://doc.gitlab.com/omnibus/settings/nginx.html. Options listed here can be passed in to the nginx
parameter as a hash. For example, to enable ssh redirection:
class { 'gitlab':
external_url => 'https://gitlab.mydomain.tld',
nginx => {
redirect_http_to_https => true,
},
}
Similarly, the certificate and key location can be configured as follows:
class { 'gitlab':
external_url => 'https://gitlab.mydomain.tld',
nginx => {
ssl_certificate => '/etc/gitlab/ssl/gitlab.example.com.crt',
ssl_certificate_key => '/etc/gitlab/ssl/gitlab.example.com.key'
},
}
Gitlab Custom Hooks
Manage custom hook files within a GitLab project. Custom hooks can be created as a pre-receive, post-receive, or update hook. It's possible to create different custom hook types for the same project - one each for pre-receive, post-receive and update.
gitlab::custom_hook { 'my_custom_hook':
namespace => 'my_group',
project => 'my_project',
type => 'post-receive',
source => 'puppet:///modules/my_module/post-receive',
}
or via hiera
gitlab::custom_hooks:
my_custom_hook:
namespace: my_group
project: my_project
type: post-receive
source: 'puppet:///modules/my_module/post-receive'
Since GitLab Shell 4.1.0 and GitLab 8.15 Chained hooks are supported. You can create global hooks which will run for each repository on your server. Global hooks can be created as a pre-receive, post-receive, or update hook.
gitlab::global_hook { 'my_custom_hook':
type => 'post-receive',
source => 'puppet:///modules/my_module/post-receive',
}
or via hiera
gitlab::global_hooks:
my_custom_hook:
type: post-receive
source: 'puppet:///modules/my_module/post-receive'
Gitlab CI Runner Limitations
The Gitlab CI runner installation is at the moment only tested on Ubuntu 14.04.
Development
- Fork it (https://github.com/voxpupuli/puppet-gitlab/fork)
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request
Make sure your PR passes the Rspec tests.
Contributors
Have a look at Github contributors to see a list of all the awesome contributors to this Puppet module. <3 This module was created and maintained by VSHN AG until the end of 2017. It was then donated to Voxpupuli so that a broader community is able to maintain the module.
Changelog
All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module.
v1.16.1 (2018-02-07)
Merged pull requests:
v1.16.0 (2018-02-07)
Implemented enhancements:
- Verify package signatures on RedHat #163
Fixed bugs:
- Regression: yum $releasever results in 404 error for RHEL yum repo #153
Closed issues:
- Deploy current version of GitLab Runner #166
- GitLab 10: Your git_dta_dirs settings is deprecated #162
- Support new package repo #157
- puppet-gitlab requires outdated module dependencies #152
- Broken LDAP #138
Merged pull requests:
- Release 1.16.0 #190 (tobru)
- Ensure spec test use hiera fixtures. #181 (andrekeller)
- Update for rubocop compliance #179 (mterzo)
- Fixes via rubocop -a #176 (kallies)
- fix typo #175 (bc-bjoern)
- initial modulesync #174 (tobru)
- Transfer module to Vox Pupuli #173 (tobru)
- Fix repo URL for RHEL 7. Enable gpgcheck and add in gitlab-ee key. #172 (mhyzon)
- apt dep version bump #169 (minorOffense)
- Add support for metrics_server in CI Runner #167 (djjudas21)
- Fix for new git_data_dirs syntax in Gitlab 10 #164 (flyinbutrs)
- Add 'package_name' param to cirunner class #160 (dandunckelman)
- Add backup job #155 (b4ldr)
- add support for chained global hooks #154 (hboomsma)
v1.15.2 (2017-09-28)
Closed issues:
- Different directory name inside the Forge package #151
v1.15.1 (2017-07-28)
v1.15.0 (2017-07-28)
Closed issues:
Merged pull requests:
- Gitlab geo #149 (shaheed121)
- Drop warning about RPM support #142 (djjudas21)
v1.14.0 (2017-05-22)
Implemented enhancements:
- Review gitlab.rb Template #103
Closed issues:
- Unable to disable prometheus monitoring due to template #135
- Module Compatible on Enterprise Linux ? #134
- Add parameter to allow to skip auto migrations #132
- registry_external_url not recognised in hiera #113
- Feature: re-enable signup disable #112
- When specifying LDAP configuration, puppet creates a gitlab.rb file with the wrong syntax #92
Merged pull requests:
- Refactor unit tests to iterate over all supported OS's #131 (LongLiveCHIEF)
- Added Gitaly related params + fixed template for redis/sentinel related data. #130 (shaheed121)
- Adding support to confifure redis HA while using omnibus package #129 (shaheed121)
- Fix spec test #128 (op-ct)
- Adds ability to specify git_data_dirs #110 (logicminds)
v1.13.3 (2017-04-04)
v1.13.2 (2017-04-03)
v1.13.1 (2017-04-03)
v1.13.0 (2017-04-03)
v1.12.0 (2017-04-03)
Closed issues:
- Registry Configuration incorrectly formatted #127
- Omnibus overwrites
gitlab-secrets.json
#122 - CI Runner options #117
- xz-utils incorrect name for CentOS #114
Merged pull requests:
- add possibility to config prometheus exporters #126 (cristifalcas)
- fixed method for sorting hashes in gitlab.rb to sort ldap hashes too #116 (rwuest)
- In CentOS land - this is just xz #115 (mlosapio)
- Add settings for Prometheus #111 (mansong1)
- fixed the use of Integers in gitlab_rails Settings inside gitlab.rb #109 (rwuest)
- cirunner: merge hashes for runner configuration #108 (knackaron)
- cirunner: add missing hard dependency for xz-utils #105 (roock)
- cirunner: fix missing dependency to apt-transport-https #104 (roock)
v1.11.0 (2016-12-23)
Implemented enhancements:
Closed issues:
Merged pull requests:
- Fix #82 #102 (dhollinger)
- Fix incorrect syntax in "gitlab_rails['ldap_servers']" field #100 (jnicholas1)
- External url #97 (willtome)
- Refactor beaker tests for Travis #96 (petems)
- Fixes beaker tests #95 (petems)
- Add systemd_compatibility #94 (petems)
- Added external_port parameter #93 (blakejakopovic)
- Allow "Disable storage directories management" #91 (gdowmont)
- Add Beaker Travis acceptance tests #89 (petems)
v1.10.0 (2016-08-10)
Implemented enhancements:
Fixed bugs:
- Issues with Puppet 4.5.3 and Rspec-Puppet #85
Closed issues:
- gitlab-secrets.json is destroyed and recreated on every puppet run #87
- parametirize the repo path #86
- unrecognized option '--version' #65
- Failed to call refresh: Could not restart Service[gitlab-runsvdir] #64
- yum repo is incompatible for Amazon Linux #46
Merged pull requests:
- Added registry configuration hash option #84 (jkroepke)
- Typo fix: 'oder' -> 'or' #83 (Anovadea)
- Allow settings of custom gitlab.rb config file #69 (agray1017)
v1.9.2 (2016-06-14)
Closed issues:
- Bump version to > 1.8.0 #78
v1.9.1 (2016-06-14)
v1.9.0 (2016-06-14)
Implemented enhancements:
- Add support for Docker registry #74
Closed issues:
- Invalid parameter registry_external_url on Class[Gitlab] #81
- Make config file management configurable #79
- Error: Execution of '/usr/sbin/update-rc.d gitlab-runsvdir defaults' returned 1: update-rc.d: error: unable to read /etc/init.d/gitlab-runsvdir #72
- gitlab::gitlab_rails hash merge not working #66
Merged pull requests:
- Make config file management configurable #80 (divansantana)
- Add support for Registry #76 (llauren)
- Add package_ensure parameter for gitlab-ci-multi-runner package. #70 (thlapin)
- Fix cirunner failure-message for unsupported OS families #68 (gerhardsam)
- add documentation #63 (b4ldr)
v1.8.0 (2016-03-11)
Implemented enhancements:
- Add support for pages #60
- Add support for gitlab-workhorse configuration. #59
- Cleanup CI parameters #37
Closed issues:
- ldap_servers hash order #51
- Service enabled check fails on CentOS 6 #50
- Make sure apt-transport-https is installed on Debian OS #47
Merged pull requests:
- 59 gitlab workhorse #62 (tunasalat)
- Do not enable service by default on RHEL6 #58 (petems)
- Fix rspec tests #57 (petems)
- Fixes Beaker hosts and test #55 (petems)
- add custom hooks #54 (b4ldr)
- Add RedHat support for cirunner #53 (petems)
v1.7.2 (2016-01-22)
Closed issues:
Merged pull requests:
- As this template is writing a config file based on some hashes and ha… #52 (msutter)
- Add information about how the module handles NGINX configuration. #49 (bgshacklett)
- Cleanup coding-style issues. #45 (andrekeller)
v1.7.1 (2015-12-23)
Implemented enhancements:
- Add CI multi runner installation and configuration #21
Closed issues:
- gitlab-runsvdir.service not enabled running on CentOS 7 #27
Merged pull requests:
- service enabled for all distro's #27 #43 (witjoh)
- Fix this module should work with out having to set the stringify_facts option #41 (jcsmith)
v1.7.0 (2015-11-25)
Closed issues:
- support for omniauth configuration #38
Merged pull requests:
- Add 'manage_package' parameter #40 (iamjamestl)
- Gitlab CI Runner #39 (maetthu-indermuehle)
v1.6.0 (2015-11-06)
Fixed bugs:
- Decorator Creates to many quotes #36
Closed issues:
Merged pull requests:
- allow disabling of omnibus user management #34 (alexsmithhp)
- Fix issues with deprecated values in apt::source #33 (b4ldr)
- Added the sym-link to the GitLab service executable in the /etc/init.d/. #31 (valdemon)
- Fix unrecognized datatypes inside array in decorate method #29 (deadratfink)
v1.5.0 (2015-08-27)
Closed issues:
- Question: can i configure ldap for gitlab with this puppet module? #23
- Question: Would this module work with puppet 3.6.2? #20
Merged pull requests:
v1.4.0 (2015-07-24)
Closed issues:
- Add 'db_key_base' for Gitlab CI 7.13 #22
Merged pull requests:
- Fix rails parameter in hiera example. #19 (thlapin)
- Simplify the decorator for hashes. This allows nested hashes to be output correctly. #18 (thlapin)
v1.3.0 (2015-07-17)
Closed issues:
- Not working on RHEL7? #17
- bump puppetlabs-apt supported version #16
- Wrong package url for Debian #11
- Will this puppet module be maintained? #8
Merged pull requests:
- Added check for external database #15 (sd-robbruce)
- RedHat releasever #14 (sd-robbruce)
- Updated erb template to accomodate for values being hashes #13 (sd-robbruce)
- Fixed bug with gitlab.rb.erb template for use with git_data_dir #10 (sd-robbruce)
- Adds vagrant file #9 (spuder)
v1.2.2 (2015-07-07)
Merged pull requests:
- Omnibus service fix and template improvement #7 (jrwesolo)
- Added Tags to the metadata #6 (maetthu-indermuehle)
v1.2.1 (2015-06-29)
v1.2.0 (2015-06-23)
Closed issues:
- rails vs gitlab_rails? #3
Merged pull requests:
- Remove rails; it's a duplicate of gitlab_rails. #5 (tdb)
- Add high_availability config section. #4 (tdb)
v1.1.0 (2015-06-17)
Merged pull requests:
v1.0.3 (2015-06-16)
v1.0.2 (2015-05-29)
v1.0.1 (2015-05-29)
v1.0.0 (2015-05-29)
* This Changelog was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (4.x)
- puppetlabs/apt (>=2.1.0 <5.0.0)
Copyright (c) 2015, VSHN AG, info@vshn.ch All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of VSHN nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.