main.yml

---

- name: Set filename from current date & time
  set_fact:
    config_date_time: "{{ ansible_date_time.date }}_{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}-{{ ansible_date_time.second }}"

- name: Install a list of packages
  ansible.builtin.apt:
    update_cache: yes
    state: present
    pkg:
    - curl
    - openssh-server
    - ca-certificates
    - tzdata
    - perl
    - gnupg
    - apt-transport-https

- name: Install Debian archive keyring
  ansible.builtin.apt:
    update_cache: yes
    state: present
    pkg:
    - debian-archive-keyring
  when: ansible_distribution == 'Debian'

- name: Add an Apt signing key, uses whichever key is at the URL
  ansible.builtin.apt_key:
    url: https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
    state: present

- name: Add specified repository into sources list
  ansible.builtin.apt_repository:
    repo: deb https://packages.gitlab.com/gitlab/gitlab-ce/{{ ansible_distribution | lower }}/ {{ ansible_distribution_release | lower }} main
    filename: gitlab_gitlab-ce
    state: present

# - name: Create a directory for trusted-certs
#   file:
#     path: "/etc/gitlab/trusted-certs"
#     state: directory
#     mode: '0755'

# - name: Install and configure external ssl
#   block:
#     - name: Create a directory for ssl
#       file:
#         path: "/etc/gitlab/ssl"
#         state: directory
#         mode: '0755'

#     - name: Create a symbolic link to /opt/ssl/fullchain.pem
#       file:
#         src: /opt/ssl/fullchain.pem
#         dest: "/etc/gitlab/ssl/{{ item }}.crt"
#         owner: root
#         group: root
#         state: link
#       loop: "{{ gitlab_hostnames }}"
#       notify: Reconfigure gitlab

#     - name: Create a symbolic link to /opt/ssl/privkey.pem
#       file:
#         src: /opt/ssl/privkey.pem
#         dest: "/etc/gitlab/ssl/{{ item }}.key"
#         owner: root
#         group: root
#         state: link
#       loop: "{{ gitlab_hostnames }}"
#       notify: Reconfigure gitlab
#   when: gitlab_custom_ssl|default(False) == False

- name: Create a directory for external configs
  ansible.builtin.file:
    path: "/opt/gitlab.rb"
    state: directory
    owner: root
    group: root
    mode: '0755'

- name: Template a file to /opt/gitlab.rb/_version_
  ansible.builtin.copy:
    content: |
      {{ gitlab_config }}
    dest: "/opt/gitlab.rb/{{ config_date_time }}"
    owner: root
    group: root
    mode: '0644'

- name: Create a directory for gitlab configs
  ansible.builtin.file:
    path: "/etc/gitlab"
    state: directory
    owner: root
    group: root
    mode: '0755'

- name: Create a hard link to /opt/gitlab.rb/_version_
  ansible.builtin.file:
    src: "/opt/gitlab.rb/{{ config_date_time }}"
    dest: /etc/gitlab/gitlab.rb
    owner: root
    group: root
    mode: '0644'
    state: hard
    force: yes
  notify: Reconfigure gitlab

- name: Install gitlab-ce
  ansible.builtin.apt:
    update_cache: yes
    state: present
    pkg:
    - gitlab-ce
  notify: Reconfigure gitlab

- name: Enable & start service gitlab-ce
  ansible.builtin.systemd:
    state: started
    enabled: yes
    masked: no
    daemon_reload: yes
    name: gitlab-runsvdir