ldap ansible gitlab ldif

Ansible debops.slapd and ansible gitlab_user


This is going to be long, so sorry about that, but no one seems to be able to help... Keep in mind, this is not my homework!! This is a project I get paid for, but I can't find any info about this, and I'm getting scared I can't even do this...

I'm part of a project where we have to set up a virtual environment with gitlab, alfresco etc, make users, automatize commits and such with Ansible. We need this for advanced pen-testing and security purposes, a realistic playground of sorts.

I'm setting up Gitlab, which worked fine, but now I have problems making users. I can't get the gitlab_user ansible module to work, there isn't a single example of how to use it and the given example playbooks don't work either... Can someone please help me figure out the syntax? Do I have to run a playbook with this in it?

    - name: Create Gitlab User
      gitlab_user:
        server_url: https://gitlab.dj-wasabi.local
        validate_certs: True
        login_user: dj-wasabi
        login_password: MySecretPassword
        name: My Name
        username: myusername
        password: mysecretpassword
        email: me@example.com
        sshkey_name: MySSH
        sshkey_file: ssh-rsa AAAAB3NzaC1yc...
        state: present
      delegate_to: localhost

Or if I have to use it as a command from terminal, how do I do that? I joined up a Google group to ask about this and no one answered for days.

I thought if I can't get it to work, I'll use LDAP for user management, but can I do that? Or LDAP is only for authentication and I have to make users with gitlab either way? This is something I don't really understand about GitLab itself...

Nonetheless I tried setting up Slapd with the ansible role debops.slapd. I found this question here, but when I copied the code and ran the playbook it simply gave me this:

    PLAY [Manage OpenLDAP service] *************************************************

    TASK [Gathering Facts] *********************************************************
    ok: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Make sure that Ansible local facts directory exists] ******
    ok: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Save APT local facts] *************************************
    ok: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Update Ansible facts if they were modified] ***************
    skipping: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Install required packages] ********************************
    [DEPRECATION WARNING]: Invoking "apt" only once while using a loop via
    squash_actions is deprecated. Instead of using a loop to supply multiple items
    and specifying `name: {{ item }}`, please use `name: [u'{{ apt__base_packages
    }}', u'{{ apt__packages }}']` and remove the loop. This feature will be removed
     in version 2.11. Deprecation warnings can be disabled by setting
    deprecation_warnings=False in ansible.cfg.
    ok: [ansitest1@192.168.1.71] => (item=[u'apt-transport-https', u'ca-certificates'])

    TASK [debops.slapd : Ensure that APT default configuration is absent] **********
    ok: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Generate APT configuration files] *************************
    ok: [ansitest1@192.168.1.71] => (item=etc/apt/apt.conf.d/25no-recommends.conf)

    TASK [debops.slapd : Check current APT diversions] *****************************
    ok: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Divert original /etc/apt/sources.list] ********************
    skipping: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Configure APT distribution sources] ***********************
    ok: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Remove diversion of original /etc/apt/sources.list] *******
    skipping: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Configure custom APT keys] ********************************

    TASK [debops.slapd : Configure custom APT repositories] ************************

    TASK [debops.slapd : Generate additionnal APT configuration files] *************

    TASK [debops.slapd : Delete APT configuration files on remote hosts] ***********

    TASK [debops.slapd : Remove old unattended-upgrades configuration] *************
    ok: [ansitest1@192.168.1.71] => (item=25auto-upgrades.conf)
    ok: [ansitest1@192.168.1.71] => (item=55unattended-upgrades.conf)

    TASK [debops.slapd : Update APT cache] *****************************************
    ok: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Update the role status in local facts] ********************
    skipping: [ansitest1@192.168.1.71]

    TASK [debops.slapd : Update Ansible facts if they were modified] ***************
    skipping: [ansitest1@192.168.1.71]

    PLAY RECAP *********************************************************************
    ansitest1@192.168.1.71     : ok=10   changed=0    unreachable=0    failed=0

As you can see, it sure as hell doesn't set up anything, I even copied the example playbook one of the answers suggested and it didn't work either.

The VM I'm trying to set up slapd on is a simple Xubuntu installation, I'm using Mint, I'm not entirely sure if it's important ...

Now here's the question: I know that neither the debops role, nor the gitlab_user module have been touched for years at this point, do you think there's a chance I can get it to work, or I have to write a playbook myself to set up slapd and add users to gitlab?

And if that's the case, can I even do that? I looked up DigitalOcean and it seems like I can set up Slapd, and even add users and such with Ldif files based on this page. What I'm not sure about is adding users to Gitlab...

Again I'm terribly sorry the question is so long and complex, but there's nothing I found about any of this, and the Google group is silent. Should I make this into multiple, short questions?

Thank you for your time and help anyways! (My first language isn't English, sorry for the mistakes.)


Solution

  • The example you have shown with the gitlab_user module is a task. This needs to be a task under a play. Below is an example playbook with a single play in it. You would call this in the usual way using ansible-playbook.

    White space is important: if the indentation is wrong, it can also cause the error "gitlab_user is not a valid attribute for a Play", because Ansible reads it as part of the play level, not the task level.

    ---
    - hosts: <hosts_to_run_play_on>
      vars:
        var1: <foo>
        var2: <bar>
      remote_user: <user>
      become: yes
      tasks:
        # Each task is a list item under "tasks:".
        - name: Create Gitlab User
          gitlab_user:
            # Module arguments are nested one level below the module name.
            server_url: https://gitlab.dj-wasabi.local
            validate_certs: True
            login_user: dj-wasabi
            login_password: MySecretPassword
            name: My Name
            username: myusername
            password: mysecretpassword
            email: me@example.com
            sshkey_name: MySSH
            sshkey_file: ssh-rsa AAAAB3NzaC1yc...
            state: present
    

    ansible-playbook intro

    Also ensure the requirements are met as outlined by the module documentation.

    gitlab_document
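
An added example, not part of the original answer: the same play structure, creating several lab accounts in one task while keeping the admin and user passwords out of the playbook and out of the task output. It uses only the `gitlab_user` parameter names shown on this page. The vault file, the variable names, the `keys/` directory and the user list are hypothetical.

```yaml
---
# Added example: file names, variable names and the user list are assumptions.
- hosts: localhost              # the module calls the GitLab API, so run it locally
  connection: local
  gather_facts: false
  vars_files:
    # Hypothetical file encrypted with `ansible-vault encrypt`. It defines
    # gitlab_admin_password and the lab_user_passwords dictionary.
    - vault/gitlab_secrets.yml
  vars:
    gitlab_url: https://gitlab.dj-wasabi.local
    lab_users:                  # constructed sample accounts
      - { username: alice, name: Alice Example, email: alice@example.com }
      - { username: bob, name: Bob Example, email: bob@example.com }
  tasks:
    - name: Create GitLab users
      gitlab_user:
        # Module arguments are indented one level below the module name.
        server_url: "{{ gitlab_url }}"
        validate_certs: true
        login_user: dj-wasabi
        login_password: "{{ gitlab_admin_password }}"
        name: "{{ item.name }}"
        username: "{{ item.username }}"
        password: "{{ lab_user_passwords[item.username] }}"
        email: "{{ item.email }}"
        sshkey_name: "{{ item.username }}-key"
        # Public key content read from a hypothetical keys/<username>.pub file.
        sshkey_file: "{{ lookup('file', 'keys/' + item.username + '.pub') }}"
        state: present
      # Task keywords sit at the same level as the module name, not inside it.
      loop: "{{ lab_users }}"
      no_log: true              # keep passwords out of task output and logs
```

Run it with `ansible-playbook --ask-vault-pass` so the encrypted variables can be decrypted at run time.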