refactor(web-app-gitlab): restructure configuration and add OIDC support

- Added oidc feature flag in config - Removed obsolete credentials schema (initial_root_password) - Updated docker-compose.yml.j2 to use explicit GITLAB_* vars (image, version, container, volumes) - Moved initial_root_password into vars/main.yml - Introduced GITLAB_OMNIBUS_BASE and GITLAB_OMNIBUS_OIDC config lists - Switched env.j2 to use GITLAB_OMNIBUS_ALL join See conversation: https://chatgpt.com/share/68b1962c-3ee0-800f-a858-d4590ff6132a
2025-08-30 15:28:12 +02:00 · 2025-08-29 14:02:46 +02:00
parent 3ed84717a7
commit f4ea6c6c0f
5 changed files with 90 additions and 44 deletions
--- a/roles/web-app-gitlab/templates/env.j2
+++ b/roles/web-app-gitlab/templates/env.j2
@@ -1,22 +1 @@
-{# env.j2 #}
-{% set config_lines = [
-  "external_url 'https://{{ domain }}'",
-  "postgresql['enable']=false",
-  "gitlab_rails['gitlab_shell_ssh_port']={{ ports.public.ssh[application_id] }}",
-  "gitlab_rails['db_adapter']='postgresql'",
-  "gitlab_rails['db_encoding']='utf8'",
-  "gitlab_rails['db_host']='{{ database_host }}'",
-  "gitlab_rails['db_port']='{{ database_port }}'",
-  "gitlab_rails['db_username']='{{ database_username }}'",
-  "gitlab_rails['db_password']='{{ database_password }}'",
-  "gitlab_rails['db_database']=\"{{ database_name }}\"",
-  "nginx['listen_port']=80",
-  "nginx['listen_https']=false",
-  "",
-  "gitlab_rails['initial_root_password']=\"{{ gitlab_initial_root_password }}\"",
-  "",
-  "redis['enable']=false",
-  "gitlab_rails['redis_host']='redis'",
-  "gitlab_rails['redis_port']='6379'"
-] %}
-GITLAB_OMNIBUS_CONFIG="{{ config_lines | join('\\n') }}"
+GITLAB_OMNIBUS_CONFIG="{{ GITLAB_OMNIBUS_ALL | join('\\n') }}"