Commit 03f9f48f authored by David Nowell's avatar David Nowell
Browse files

Removing hardcoded values in templates and tasks

parent 6aa57bd7
**/[._]*.swp
**/*.retry
files/*.key
files/*.crt
vars/secret-vars.yml
......@@ -224,8 +224,8 @@
dest: "/etc/gitlab/ssl/{{ item }}"
mode: '640'
with_items:
- "gitlab.aws.vdc.it.umich.edu.key"
- "gitlab.aws.vdc.it.umich.edu.crt"
- "{{ KEYFILE }}"
- "{{ CRTFILE }}"
- name: Create /root/.aws directory
file:
......
......@@ -10,7 +10,7 @@
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
external_url 'https://gitlab.aws.vdc.it.umich.edu'
external_url 'https://{{ SERVNAME }}'
## Roles for multi-instance GitLab
##! The default is to have no roles enabled, which results in GitLab running as an all-in-one instance.
......@@ -281,16 +281,16 @@ gitlab_rails['omniauth_auto_link_saml_user'] = true
# "app_id" => "YOUR APP ID",
# "app_secret" => "YOUR APP SECRET",
# "args" => { "access_type" => "offline", "approval_prompt" => "" }
# }
# umich.edu }
# ]
gitlab_rails['omniauth_providers'] = [
{
name: 'saml',
args: {
assertion_consumer_service_url: 'https://gitlab.aws.vdc.it.umich.edu/users/auth/saml/callback',
assertion_consumer_service_url: 'https://{{ SERVNAME }}/users/auth/saml/callback',
idp_cert_fingerprint: 'C4:99:C3:78:6A:93:FE:1A:FF:46:BC:6E:98:68:0B:18:61:EC:D1:FF',
idp_sso_target_url: 'https://shibboleth.umich.edu/idp/profile/SAML2/Redirect/SSO',
issuer: 'https://gitlab.aws.vdc.it.umich.edu/',
issuer: 'https://{{ SERVNAME}}/',
name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
attribute_statements: {
email: ['urn:oid:0.9.2342.19200300.100.1.3'],
......@@ -512,7 +512,7 @@ gitlab_rails['backup_keep_time'] = 90000
##! Docs: https://docs.gitlab.com/ce/administration/container_registry.html
################################################################################
registry_external_url 'https://gitlab.aws.vdc.it.umich.edu:4567'
registry_external_url 'https://{{ SERVNAME }}:4567'
### Settings used by GitLab application
# gitlab_rails['registry_enabled'] = true
......
---
# vars file for sample-app-role
restore: yes
SERVNAME: gitlab.umich.edu
KEYFILE: gitlab.umich.edu.key
CRTFILE: gitlab.umich.edu.crt
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment