roles/gitlab: initial_root_password

4 years ago · d44c630c9e
--- a/roles/gitlab/README.md
+++ b/roles/gitlab/README.md
@ -4,15 +4,16 @@ Set-up a Omnibus GitLab server

 ## Configuration variables

 | Name            | Description                                     |
 |-----------------|-------------------------------------------------|
 | `server_fqdn`   | [`$hostname.$domain`]                           |
 | `ssh_port`      | External SSH port. [`22`]                       |
 | `ldap_server`*  | LDAP server fqdn [`'ldap1.dmz.$domain'`]        |
 | `ldap_domain`   | LDAP domain, used to derive base dn [`$domain`] |
 | `enable_https`  | Enable HTTPS. [`false`]                         |
 | `ldap_admin_dn` | DN of a LDAP user with admin privileges.        |
 | `ldap_admin_pw` | Bind password of that user.                     |
 | Name                    | Description                                     |
 |-------------------------|-------------------------------------------------|
 | `server_fqdn`           | [`$hostname.$domain`]                           |
 | `ssh_port`              | External SSH port. [`22`]                       |
 | `ldap_server`*          | LDAP server fqdn [`'ldap1.dmz.$domain'`]        |
 | `ldap_domain`           | LDAP domain, used to derive base dn [`$domain`] |
 | `enable_https`          | Enable HTTPS. [`false`]                         |
 | `ldap_admin_dn`         | DN of a LDAP user with admin privileges.        |
 | `ldap_admin_pw`         | Bind password of that user.                     |
 | `initial_root_password` | Available only before initialization.           |

 **Note**: The Ansible controller must have OpenLDAP properly configured
 with root ca set in `~/.ldaprc`.
--- a/roles/gitlab/templates/gitlab.rb.j2
+++ b/roles/gitlab/templates/gitlab.rb.j2
@ -529,7 +529,11 @@ external_url 'http://{{ server_fqdn }}'
 #### Change the initial default admin password and shared runner registration tokens.
 ####! **Only applicable on initial setup, changing these settings after database
 ####!   is created and seeded won't yield any change.**
 {% if initial_root_password is defined %}
 gitlab_rails['initial_root_password'] = "{{ initial_root_password }}"
 {% else %}
 # gitlab_rails['initial_root_password'] = "password"
 {% endif %}
 # gitlab_rails['initial_shared_runners_registration_token'] = "token"

 #### Set path to an initial license to be used while bootstrapping GitLab.