samdoran
commented
6 years ago Rather than making this GitLab specific, I think it'd be better to put the self-signed cert bits in its own role. That way you can use it across multiple roles/projects.
Closed bandit145 closed 6 years ago
samdoran
commented
6 years ago Rather than making this GitLab specific, I think it'd be better to put the self-signed cert bits in its own role. That way you can use it across multiple roles/projects.
I think a self signed certificate option would be super helpful when using this role for bootstrapping new environments. It provides way more security than just setting gitlab up with http only.
I added 3 variables: gitlab_ssl_self_sign (False) - If "True" creates the self signed cert. gitlab_ssl_self_sign_subj ("/CN={{ ansible_fqdn }}") - Subject string for openssl certificate generation. gitlab_ssl_self_sign_days (365) - Days certificate is signed for.
I also added the process to generate a self signed certificate.