path: root/host_vars/staging-git.morello-project.org

---
sshd_port: 2222
docker_host: yes
docker_image_name: "gitlab/gitlab-ee:13.5.1-ee.0"
dovecot_user: gitlab
dovecot_allow_plaintext_auth: true
postfix_allow_inbound: true
postfix_networks: 172.17.0.0/16
gitlab_mail_server: smtp

#Leaving this in as an example of how to get oauth working
#oauth_github_app_id: 5cfb58f2db190e0eedca

gitlab_config: |
 external_url 'https://{{ inventory_hostname }}/'
 gitlab_rails['lfs_enabled'] = true
 gitlab_rails['monitoring_whitelist'] = ['95.217.117.19']

 {{ gitlab_config_outbound_mail }}
 {{ gitlab_config_inbound_mail }}
 {{ gitlab_config_object_storage }}
 {{ gitlab_config_limits }}
#Leaving this in as an example of how to get oauth working
# {{ gitlab_config_oauth }}

gitlab_config_object_storage: |
 gitlab_rails['object_store']['enabled'] = true
 gitlab_rails['object_store']['proxy_download'] = true
 gitlab_rails['object_store']['connection'] = {
   'provider' => 'AWS',
   'region' => 'us-east-1',
   'use_iam_profile' => true,
 }
 gitlab_rails['object_store']['objects']['artifacts']['bucket'] = 'morello-gl-artifacts'
 gitlab_rails['object_store']['objects']['external_diffs']['bucket'] = 'morello-gl-external-diffs'
 gitlab_rails['object_store']['objects']['lfs']['bucket'] = 'morello-gl-lfs-objects'
 gitlab_rails['object_store']['objects']['uploads']['bucket'] = 'morello-gl-uploads'
 gitlab_rails['object_store']['objects']['packages']['bucket'] = 'morello-gl-packages'
 gitlab_rails['object_store']['objects']['dependency_proxy']['bucket'] = 'morello-gl-dependency-proxy'
 gitlab_rails['object_store']['objects']['terraform_state']['bucket'] = 'morello-gl-terraform-state'

gitlab_config_limits: |
 gitaly['concurrency'] = [
  {
    'rpc' => "/gitaly.SmartHTTPService/PostUploadPack",
    'max_per_repo' => 10
  },
  {
    'rpc' => "/gitaly.SSHService/SSHUploadPack",
    'max_per_repo' => 10
  }
 ]

gitlab_config_outbound_mail: |
  gitlab_rails['gitlab_email_enabled'] = true
  gitlab_rails['gitlab_email_from'] = 'gitlab@{{ inventory_hostname }}'
  gitlab_rails['gitlab_email_display_name'] = 'Morello Project Gitlab'
  gitlab_rails['gitlab_email_reply_to'] = 'noreply@{{ inventory_hostname }}'
  gitlab_rails['gitlab_email_subject_suffix'] = ''
  gitlab_rails['gitlab_email_smime_enabled'] = false
  gitlab_rails['smtp_enable'] = true
  gitlab_rails['smtp_address'] = "{{ gitlab_mail_server }}"
  gitlab_rails['smtp_port'] = 25
  gitlab_rails['smtp_domain'] = "{{ gitlab_mail_server }}"
  gitlab_rails['smtp_tls'] = false
  gitlab_rails['smtp_openssl_verify_mode'] = 'none'
  gitlab_rails['smtp_enable_starttls_auto'] = false
  gitlab_rails['smtp_tls'] = false
  gitlab_rails['smtp_force_tls'] = false

gitlab_config_inbound_mail: |
  gitlab_rails['incoming_email_enabled'] = true
  gitlab_rails['incoming_email_address'] = "gitlab@git.morello-project.org"
  gitlab_rails['incoming_email_email'] = "{{ dovecot_user }}"
  gitlab_rails['incoming_email_password'] = "{{ dovecot_password }}"
  gitlab_rails['incoming_email_host'] = "{{ gitlab_mail_server }}"
  gitlab_rails['incoming_email_port'] = 143
  gitlab_rails['incoming_email_ssl'] = false
  gitlab_rails['incoming_email_start_tls'] = false
  gitlab_rails['incoming_email_mailbox_name'] = "inbox"
  gitlab_rails['incoming_email_idle_timeout'] = 60
  gitlab_rails['incoming_email_log_file'] = "/var/log/gitlab/mailroom/mail_room_json.log"
  gitlab_rails['incoming_email_expunge_deleted'] = true

#Leaving this in as an example of how to get oauth working
#gitlab_config_oauth: |
#  gitlab_rails['omniauth_providers'] = [
#    {
#      "name" => "github",
#      "app_id" => "{{ oauth_github_app_id }}",
#      "app_secret" => "{{ oauth_github_secret }}",
#      "args" => { "scope" => "user:email" }
#    }
#  ]
#  gitlab_rails['omniauth_allow_single_sign_on'] = ['github']
#  gitlab_rails['omniauth_block_auto_created_users'] = false
#  gitlab_rails['omniauth_sync_profile_from_provider'] = ['github']
#  gitlab_rails['omniauth_sync_profile_attributes'] = ['name', 'email', 'location']