Add GitLab EE Ansible role (temp location - move to infrastructure/ansible)

infrastructure/ansible/playbooks/services/gitlab.yml

@@ -0,0 +1,6 @@
+---
+- name: Deploy GitLab EE
+  hosts: gitlab
+  become: true
+  roles:
+    - gitlab

infrastructure/ansible/roles/gitlab/defaults/main.yml

@@ -0,0 +1,17 @@
+---
+gitlab_base_path: "{{ base_config_dir }}/gitlab"
+gitlab_config_path: "{{ gitlab_base_path }}/config"
+gitlab_logs_path: "{{ gitlab_base_path }}/logs"
+gitlab_data_path: "{{ gitlab_base_path }}/data"
+gitlab_state_path: "{{ gitlab_base_path }}/state"
+
+gitlab_hostname: gitlab.example.com
+gitlab_external_url: http://gitlab.example.com
+gitlab_ssh_port: 2222
+
+gitlab_proxy_port: 8080
+gitlab_http_port: 80
+gitlab_https_port: 443
+
+gitlab_gitlab_ee_image: gitlab/gitlab-ee:latest
+gitlab_nginx_image: nginx:alpine

infrastructure/ansible/roles/gitlab/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Restart GitLab
+  community.docker.docker_compose_v2:
+    project_src: "{{ gitlab_base_path }}"
+    state: restarted

infrastructure/ansible/roles/gitlab/meta/main.yml

@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: docker

infrastructure/ansible/roles/gitlab/tasks/main.yml

@@ -0,0 +1,36 @@
+---
+- name: Create GitLab directories
+  ansible.builtin.file:
+    path: "{{ item }}"
+    state: directory
+    owner: "{{ docker_uid }}"
+    group: "{{ docker_gid }}"
+    mode: '0755'
+  loop:
+    - "{{ gitlab_config_path }}"
+    - "{{ gitlab_logs_path }}"
+    - "{{ gitlab_data_path }}"
+    - "{{ gitlab_state_path }}"
+
+- name: Deploy docker-compose.yml
+  ansible.builtin.template:
+    src: docker-compose.yml.j2
+    dest: "{{ gitlab_base_path }}/docker-compose.yml"
+    owner: "{{ docker_uid }}"
+    group: "{{ docker_gid }}"
+    mode: '0600'
+  notify: Restart GitLab
+
+- name: Deploy nginx reverse proxy config
+  ansible.builtin.template:
+    src: nginx.conf.j2
+    dest: "{{ gitlab_base_path }}/nginx.conf"
+    owner: "{{ docker_uid }}"
+    group: "{{ docker_gid }}"
+    mode: '0644'
+  notify: Restart GitLab
+
+- name: Deploy GitLab via Docker Compose
+  community.docker.docker_compose_v2:
+    project_src: "{{ gitlab_base_path }}"
+    state: present

infrastructure/ansible/roles/gitlab/templates/docker-compose.yml.j2

@@ -0,0 +1,29 @@
+---
+services:
+  gitlab:
+    image: {{ gitlab_gitlab_ee_image }}
+    hostname: {{ gitlab_hostname }}
+    environment:
+      GITLAB_EXTERNAL_URL: "{{ gitlab_external_url }}"
+      GITLAB_SSH_PORT: {{ gitlab_ssh_port }}
+    ports:
+      - "{{ gitlab_ssh_port }}:22"
+    volumes:
+      - {{ gitlab_config_path }}:/etc/gitlab
+      - {{ gitlab_logs_path }}:/var/log/gitlab
+      - {{ gitlab_data_path }}:/var/opt/gitlab
+      - {{ gitlab_state_path }}:/var/gitlab/state
+    restart: unless-stopped
+    shm_size: '256m'
+
+  proxy:
+    image: {{ gitlab_nginx_image }}
+    ports:
+      - "{{ gitlab_proxy_port }}:80"
+      - "{{ gitlab_https_port }}:443"
+    volumes:
+      - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
+    depends_on:
+      gitlab:
+        condition: service_started
+    restart: unless-stopped

infrastructure/ansible/roles/gitlab/templates/nginx.conf.j2

@@ -0,0 +1,27 @@
+upstream gitlab {
+    server gitlab:{{ gitlab_http_port }};
+}
+
+server {
+    listen 80;
+    server_name {{ gitlab_hostname }};
+
+    location / {
+        proxy_pass http://gitlab;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_buffering off;
+        proxy_request_buffering off;
+    }
+
+    # GitLab WebSocket support for git clone via HTTP
+    location /-/gitlab-lfs/objects {
+        proxy_pass http://gitlab;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}