From 5f870e9ca01353bf5122bf28f2922c586dc3160a Mon Sep 17 00:00:00 2001
From: Tanguy Herbron
Date: Mon, 17 Oct 2022 00:35:03 +0200
Subject: [PATCH] feat(gitlab): Add basic Gitlab configuration
Contains basic deployment and networking requirement, awaiting custom configuration and proper volume management.
---
gitlab/backup-pvc.yaml | 12 ++++++++++++
gitlab/configmap.yaml | 38 ++++++++++++++++++++++++++++++++++++++
gitlab/cronjob.yaml | 25 +++++++++++++++++++++++++
gitlab/deployment.yaml | 33 +++++++++++++++++++++++++++++++++
gitlab/ingress.yaml | 23 +++++++++++++++++++++++
gitlab/namespace.yaml | 4 ++++
gitlab/service.yaml | 13 +++++++++++++
7 files changed, 148 insertions(+)
create mode 100644 gitlab/backup-pvc.yaml
create mode 100644 gitlab/configmap.yaml
create mode 100644 gitlab/cronjob.yaml
create mode 100644 gitlab/deployment.yaml
create mode 100644 gitlab/ingress.yaml
create mode 100644 gitlab/namespace.yaml
create mode 100644 gitlab/service.yaml
diff --git a/gitlab/backup-pvc.yaml b/gitlab/backup-pvc.yaml
new file mode 100644
index 0000000..dc57169
--- /dev/null
+++ b/gitlab/backup-pvc.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: gitlab-backup-pvc
+ namespace: gitlab
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+ storageClassName: flat-storage-class
diff --git a/gitlab/configmap.yaml b/gitlab/configmap.yaml
new file mode 100644
index 0000000..3b48925
--- /dev/null
+++ b/gitlab/configmap.yaml
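Review bot: In gitlab/backup-pvc.yaml the `storage: 1Gi` request looks too small for the volume that the backup CronJob mounts at /backup/gitlab; a GitLab backup archive bundles repositories, a database dump and uploads, and will presumably outgrow 1Gi quickly, at which point backups start failing. Whether `flat-storage-class` permits expansion is not visible in this patch, so either size the claim up front or confirm `allowVolumeExpansion` on the class. Backups carry repository contents and credentials from the database, so the backing storage should also be access-restricted and encrypted at rest.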
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: gitlab-config
+ namespace: gitlab
+data:
+ gitlab.rb: |
+ external_url 'https://git.beta.halia.dev'
+ gitlab_rails['gitlab_default_theme'] = 2
+ registry_external_url 'https://git.beta.halia.dev'
+ puma['worker_processes'] = 0
+ sidekiq['max_concurrency'] = 5
+ nginx['listen_port'] = 80
+ nginx['listen_https'] = false
+ gitlab_kas['enable'] = true
+ registry_nginx['enable'] = true
+ registry_nginx['proxy_set_headers'] = {
+ "X-Forwarded-Proto" => "https",
+ "X-Forwarded-Ssl" => "on"
+ }
+ registry_nginx['listen_port'] = 5050
+ registry_nginx['listen_https'] = false
+ prometheus_monitoring['enable'] = false
+ gitaly['env'] = {
+ 'GITALY_COMMAND_SPAWN_MAX_PARALLEL' => '2'
+ }
+ gitaly['ruby_max_rss'] = 200_000_000
+ gitaly['concurrency'] = [
+ {
+ 'rpc' => "/gitaly.SmartHTTPService/PostReceivePack",
+ 'max_per_repo' => 3
+ }, {
+ 'rpc' => "/gitaly.SSHService/SSHUploadPack",
+ 'max_per_repo' => 3
+ }
+ ]
+
+
diff --git a/gitlab/cronjob.yaml b/gitlab/cronjob.yaml
new file mode 100644
index 0000000..9ae1fe4
--- /dev/null
+++ b/gitlab/cronjob.yaml
@@ -0,0 +1,25 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: backup-job
+ namespace: gitlab
+spec:
+ schedule: "0 4 * * *" # Every day at 4AM
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: maria-backup
+ image: mariadb
+ command: ["sh", "-c", "echo hi"]
+ volumeMounts:
+ - name: gitlab-backup
+ mountPath: /backup/gitlab
+ subPath: gitlab
+ volumes:
+ - name: gitlab-backup
+ persistentVolumeClaim:
+ claimName: gitlab-backup-pvc
+ restartPolicy: OnFailure
diff --git a/gitlab/deployment.yaml b/gitlab/deployment.yaml
new file mode 100644
index 0000000..31ac37c
--- /dev/null
+++ b/gitlab/deployment.yaml
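Review bot: In gitlab/configmap.yaml, `registry_external_url` is set to the same `https://git.beta.halia.dev` as `external_url` while `registry_nginx['listen_port'] = 5050`, yet the Deployment, Service and Ingress in this patch only expose port 80, so the registry listener is enabled but unreachable from outside and registry clients would land on the main GitLab vhost. Either give the registry its own host or port and route it through the Ingress, or leave `registry_nginx['enable']` off until that routing exists. Because TLS is terminated upstream (`nginx['listen_https'] = false`), it is also worth setting `gitlab_rails['trusted_proxies']` together with `nginx['real_ip_trusted_addresses']` and `nginx['real_ip_header']` for the Traefik address range; otherwise audit logs and IP-based rate limits will presumably record the proxy address rather than the client.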
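Review bot: In gitlab/cronjob.yaml, `image: mariadb` carries no tag, so each run resolves the mutable `latest` tag and executes whatever it points to at that time with the backup volume mounted; pin it, e.g. `image: mariadb:<tag>@sha256:<digest>` (placeholder values). The command is still the placeholder `echo hi`, so the job will report success every day while writing nothing to /backup/gitlab; a comment such as `# TODO: placeholder, no backup is taken yet` next to `command` would keep it from being mistaken for a working backup. The container name `maria-backup` and the image look carried over from another manifest, since nothing else in this patch references MariaDB.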
@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: gitlab
+ namespace: gitlab
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: gitlab
+ template:
+ metadata:
+ labels:
+ app: gitlab
+ spec:
+ hostname: gitlab
+ subdomain: gitlab
+ containers:
+ - name: gitlab
+ image: gitlab/gitlab-ce:15.4.2-ce.0
+ ports:
+ - containerPort: 80
+ volumeMounts:
+ - mountPath: "/etc/gitlab/gitlab.rb"
+ name: gitlab-config-volume
+ subPath: gitlab.rb
+ volumes:
+ - name: gitlab-pv
+ hostPath:
+ path: "/mnt/gitlab"
+ - name: gitlab-config-volume
+ configMap:
+ name: gitlab-config
diff --git a/gitlab/ingress.yaml b/gitlab/ingress.yaml
new file mode 100644
index 0000000..c05db24
--- /dev/null
+++ b/gitlab/ingress.yaml
@@ -0,0 +1,23 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: gitlab-ingress
+ namespace: gitlab
+ annotations:
+ kubernetes.io/ingress.class: "traefik"
+spec:
+ tls:
+ - secretName: git-beta-tls
+ hosts:
+ - git.beta.halia.dev
+ rules:
+ - host: git.beta.halia.dev
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: gitlab-svc
+ port:
+ number: 80
diff --git a/gitlab/namespace.yaml b/gitlab/namespace.yaml
new file mode 100644
index 0000000..05c6da4
--- /dev/null
+++ b/gitlab/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: gitlab
diff --git a/gitlab/service.yaml b/gitlab/service.yaml
new file mode 100644
index 0000000..b3beb15
--- /dev/null
+++ b/gitlab/service.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: gitlab-svc
+ namespace: gitlab
+spec:
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: 80
+ selector:
+ app: gitlab
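Review bot: In gitlab/deployment.yaml the `gitlab-pv` volume is declared under `volumes` but no `volumeMounts` entry references it, so /etc/gitlab (apart from gitlab.rb), /var/opt/gitlab and /var/log/gitlab stay in the container's writable layer and repositories, database and the generated `gitlab-secrets.json` are lost whenever the pod is rescheduled. The commit message says volume management is still pending, but as written the manifest reads as if data were persisted. When wiring it up, a PersistentVolumeClaim is preferable to `hostPath: /mnt/gitlab`, which pins the pod to one node and hands a host directory to the container. With a single-writer data directory the Deployment should also set `strategy: {type: Recreate}` so a rollout never runs two GitLab pods against the same data. The mounts below are a sketch and the subPath names are constructed.

```yaml
        volumeMounts:
        # … unchanged: gitlab-config-volume mount of gitlab.rb …
        # subPath names below are illustrative
        - mountPath: /etc/gitlab
          name: gitlab-pv
          subPath: config
        - mountPath: /var/opt/gitlab
          name: gitlab-pv
          subPath: data
        - mountPath: /var/log/gitlab
          name: gitlab-pv
          subPath: logs
```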
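Review bot: In gitlab/ingress.yaml the `git-beta-tls` secret referenced under `spec.tls` is not created anywhere in this patch and the Ingress carries no certificate-issuer annotation, so unless the secret is provisioned elsewhere Traefik would likely serve its default certificate for git.beta.halia.dev. The backend hop to `gitlab-svc` port 80 is cleartext by design here, so it is worth confirming that plain-HTTP requests at the Traefik entrypoint are redirected or rejected rather than routed to GitLab. As a style point, the `kubernetes.io/ingress.class` annotation is deprecated for networking.k8s.io/v1; `ingressClassName: traefik` under `spec` is the current form.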