Capture files and links from first manual installation

README.md

-Installs GitLab Community Edition
\ No newline at end of file
+Installs GitLab Community Edition
+
+Links:
+
+- GitLab Install on Ubuntu 12.04: https://about.gitlab.com/downloads
+-- sudo apt-get install curl openssh-server ca-certificates postfix
+-- curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
+-- sudo apt-get install gitlab-ce
+-- sudo nano /etc/gitlab/gitlab.rb
+-- sudo gitlab-ctl restart
+-- Configure Apache
+-- sudo gitlab-ctl reconfigure
+-- sudo service apache2 restart
+--- Username: root
+--- Password: 5iveL!fe
+- Trouble Shooting: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
+- Blog Install GitLab: http://paulshipley.id.au/blog/coding-tips/install-gitlab-on-ubuntu-14-04-using-apache2
+- GitLab / SSL / Apache: https://gitlab.com/gitlab-org/gitlab-recipes/blob/master/web-server/apache/gitlab-ssl.conf
+- GitLab other webserver: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/nginx.md
+- Ansible Sample: https://gitlab.xarif.de/thomass/ansible_roles/tree/master/thomass.gitlab

defaults/main.yml

+gitlab_config_host: localhost
+gitlab_config_email_from: example@example.com
+gitlab_config_email_display_name: GitLab
+gitlab_config_email_reply_to: noreply@example.com

meta/main.yml

+---
+dependencies:
+  - { role: common }
+  - { role: ruby }
+  - { role: redis, redis_config_portListening: false, redis_config_socketListening: true }
+  - { role: postgresql }

tasks/main.yml

+---
+- name: install prerequisites
+  sudo: yes
+  apt:
+    name: "{{ item}}"
+    state: present
+  with_items:
+    - libgdbm-dev
+    - libncurses5-dev
+    - openssh-server
+    - checkinstall
+    - libxslt-dev
+    - libicu-dev
+    - logrotate
+    - python-docutils
+    - pkg-config
+    - cmake
+    - libkrb5-dev
+    - nodejs
+    - git-core
+    - postfix
+    - postgresql
+    - postgresql-client
+    - libpq-dev
+    - nginx
+
+- name: create git user
+  sudo: yes
+  user:
+    name: git
+    comment: "GitLab"
+    groups: redis
+    state: present
+
+- name: configure git
+  sudo: yes
+  copy:
+    src: gitconfig
+    dest: /home/git/.gitconfig
+    owner: git
+    group: git
+    mode: 0664
+
+- name: create database user
+  sudo: yes
+  sudo_user: postgres
+  postgresql_user:
+    name: git
+    role_attr_flags: CREATEDB
+    state: present
+
+- name: create database table
+  sudo: yes
+  sudo_user: postgres
+  postgresql_db:
+    name: gitlabhq_production
+    owner: git
+    state: present
+
+- name: clone gitlab source
+  sudo: yes
+  sudo_user: git
+  git:
+    repo: https://gitlab.com/gitlab-org/gitlab-ce.git
+    version: 7-12-stable
+    dest: /home/git/gitlab
+  register: result
+
+- name: update config files
+  command: "cp {{ item }}.example {{ item }}"
+  args:
+    chdir: /home/git/gitlab/config
+  with_items:
+    - gitlab.yml
+    - unicorn.rb
+    - initializers/rack_attack.rb
+    - resque.yml
+  when: result | changed
+
+- name: copy database config file
+  copy:
+    src: database.yml
+    dest: /home/git/gitlab/config/database.yml
+    owner: git
+    group: git
+
+- name: configure gitlab.yml
+  replace:
+    dest: /home/git/gitlab/config/gitlab.yml
+    regexp: '(\s*{{ item.key }}{{":"}}).*'
+    replace: '\1 {{ item.value }}'
+  with_items:
+    - { key: "host" , value: "{{ gitlab_config_host }}" }
+    - { key: "email_from" , value: "{{ gitlab_config_email_from }}" }
+    - { key: "email_display_name" , value: "{{ gitlab_config_email_display_name }}" }
+    - { key: "email_reply_to" , value: "{{ gitlab_config_email_reply_to }}" }
+
+- name: setup folder permissions
+  sudo: yes
+  file:
+    path: "{{ item }}"
+    state: directory
+    owner: git
+    mode: u+rwX
+    recurse: yes
+  with_items:
+    - /home/git/gitlab/log
+    - /home/git/gitlab/tmp
+    - /home/git/gitlab/public/uploads
+    - /home/git/gitlab-satellites
+
+- name: reduce permissions for log directory
+  sudo: yes
+  file:
+    path: /home/git/gitlab/log
+    mode: go-w
+
+- name: reduce permissions for database config
+  sudo: yes
+  file:
+    path: /home/git/gitlab/config/database.yml
+    mode: o-rwx
+
+- name: reduce permissions for gitlab-satellites directory
+  sudo: yes
+  file:
+    path: /home/git/gitlab-satellites
+    mode: g=rx,o-rwx
+
+- name: install gems
+  sudo: yes
+  sudo_user: git
+  command: bundle install -j8 --deployment --without development test mysql aws kerberos
+  args:
+    chdir: /home/git/gitlab
+  when: result | changed
+
+- name: install gitlab shell
+  sudo: yes
+  sudo_user: git
+  command: bundle exec rake gitlab:shell:install[v2.6.3] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
+  args:
+    chdir: /home/git/gitlab
+  when: result | changed
+
+- name: initialize database
+  sudo: yes
+  sudo_user: git
+  command: echo yes | bundle exec rake gitlab:setup RAILS_ENV=production
+  args:
+    chdir: /home/git/gitlab
+  when: result | changed
+
+- name: install the init script
+  command: cp /home/git/gitlab/lib/support/init.d/gitlab /etc/init.d/gitlab
+  args:
+    creates: /etc/init.d/gitlab
+
+- name: make gitlab start on boot
+  service:
+    name: gitlab
+    enabled: yes
+
+- name: setup logrotate
+  sudo: yes
+  command: cp /home/git/gitlab/lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
+  args:
+    creates: /etc/logrotate.d/gitlab
+
+- name: compile assets
+  sudo: yes
+  sudo_user: git
+  command: bundle exec rake assets:precompile RAILS_ENV=production
+  args:
+    chdir: /home/git/gitlab
+  when: result | changed
+
+- name: start gitlab instance
+  sudo: yes
+  service:
+    name: gitlab
+    state: running
+
+- name: copy nginx configuration from gitlab
+  sudo: yes
+  command: cp /home/git/gitlab/lib/support/nginx/gitlab /etc/nginx/sites-available/gitlab
+  args:
+    creates: /etc/nginx/sites-available/gitlab
+
+- name: activate nginx gitlab site
+  sudo: yes
+  command: ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab
+  args:
+    creates: /etc/nginx/sites-enabled/gitlab
+
+- name: deactivate nginx default site
+  sudo: yes
+  command: rm -f /etc/nginx/sites-enabled/default
+
+- name: set FQND in gitlab config
+  replace:
+    dest: /etc/nginx/sites-enabled/gitlab
+    regexp: YOUR_SERVER_FQDN
+    replace: "{{ gitlab_config_host }}"
+
+- name: restart nginx
+  sudo: yes
+  service:
+    name: nginx
+    state: restarted

templates/default

+<VirtualHost *:80>
+    ServerAdmin admin@paragon-es.de
+    DocumentRoot /var/www
+
+    <Directory /var/www>
+      Allow from all
+      Options -MultiViews
+    </Directory>
+
+    ErrorLog /var/log/apache2/error.log
+    LogLevel warn
+    CustomLog /var/log/apache2/access.log combined
+</VirtualHost>
+
+<VirtualHost *:80>
+  ServerName gitlab.paragon-es.de
+  ServerSignature Off
+
+  RewriteEngine on
+  RewriteCond %{HTTPS} !=on
+  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
+</VirtualHost>
+
+<VirtualHost *:80>
+  ServerName xyoutrack.paragon-es.de
+  ServerSignature Off
+
+  RewriteEngine on
+  RewriteCond %{HTTPS} !=on
+  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
+</VirtualHost>
+
+<VirtualHost *:80>
+  ServerName youtrack.paragon-es.de
+  ServerSignature Off
+
+    ProxyRequests Off
+    <Proxy *:80>
+      Order deny,allow
+      Allow from all
+    </Proxy>
+    ProxyPass / http://127.0.0.1:8085/
+    ProxyPassReverse / http://127.0.0.1:8085/
+</VirtualHost>
+

templates/default-ssl

+NameVirtualHost *:443
+
+<VirtualHost _default_:443>
+    ServerName gitlab.paragon-es.de
+    ServerAdmin admin@paragon-es.de
+    ServerSignature Off
+    DocumentRoot /var/opt/gitlab
+
+    ProxyPreserveHost On
+    AllowEncodedSlashes NoDecode
+    RequestHeader set X_FORWARDED_PROTO 'https'
+
+    ProxyPass / http://127.0.0.1:8888/
+    ProxyPassReverse / http://127.0.0.1:8888/
+
+    ErrorLog ${APACHE_LOG_DIR}/gitlab-error.log
+    LogLevel warn
+    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+    SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+    CustomLog ${APACHE_LOG_DIR}/gitlab_ssl_access.log combined env=!forwarded
+    CustomLog ${APACHE_LOG_DIR}/gitlab_ssl_access.log proxy env=forwarded
+
+    SSLEngine on
+    SSLCertificateChainFile /etc/ssl/private/Intermediate_CA_Bundle.crt
+    SSLCertificateFile /etc/ssl/private/paragon-es.de.crt
+    SSLCertificateKeyFile /etc/ssl/private/paragon-es.de.key
+
+    <FilesMatch "\.(cgi|shtml|phtml|php)$">
+        SSLOptions +StdEnvVars
+    </FilesMatch>
+    <Directory /usr/lib/cgi-bin>
+        SSLOptions +StdEnvVars
+    </Directory>
+    BrowserMatch "MSIE [2-6]" \
+        nokeepalive ssl-unclean-shutdown \
+        downgrade-1.0 force-response-1.0
+    # MSIE 7 and newer should be able to use keepalive
+    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+</VirtualHost>
+
+<VirtualHost _default_:443>
+    ServerName youtrack.paragon-es.de
+    ServerAdmin admin@paragon-es.de
+    ServerSignature Off
+
+    ProxyPreserveHost On
+    AllowEncodedSlashes NoDecode
+    RequestHeader set X_FORWARDED_PROTO 'https'
+
+    ProxyRequests Off
+    <Proxy *:80>
+      Order deny,allow
+      Allow from all
+    </Proxy>
+    ProxyPass /~socket.io/1/websocket ws://127.0.0.1:8085/~socket.io/1/websocket
+    ProxyPass / http://127.0.0.1:8085/
+    ProxyPassReverse / http://127.0.0.1:8085/
+
+    ErrorLog ${APACHE_LOG_DIR}/youtrack-error.log
+    LogLevel warn
+    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+    SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+    CustomLog ${APACHE_LOG_DIR}/youtrack_ssl_access.log combined env=!forwarded
+    CustomLog ${APACHE_LOG_DIR}/youtrack_ssl_access.log proxy env=forwarded
+
+    SSLEngine on
+    SSLCertificateChainFile /etc/ssl/private/Intermediate_CA_Bundle.crt
+    SSLCertificateFile /etc/ssl/private/paragon-es.de.crt
+    SSLCertificateKeyFile /etc/ssl/private/paragon-es.de.key
+
+    <FilesMatch "\.(cgi|shtml|phtml|php)$">
+        SSLOptions +StdEnvVars
+    </FilesMatch>
+    <Directory /usr/lib/cgi-bin>
+        SSLOptions +StdEnvVars
+    </Directory>
+    BrowserMatch "MSIE [2-6]" \
+        nokeepalive ssl-unclean-shutdown \
+        downgrade-1.0 force-response-1.0
+    # MSIE 7 and newer should be able to use keepalive
+    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+</VirtualHost>
+