Merge pull request #177 from alexanderfast/fixletsencrypt

Fix quoting in letsencrypt

Author: geerlingguy

README.md

@@ -48,31 +48,31 @@ The `gitlab.rb.j2` template packaged with this role is meant to be very generic
 
 ### SSL Configuration.
 
-    gitlab_redirect_http_to_https: "true"
+    gitlab_redirect_http_to_https: true
     gitlab_ssl_certificate: "/etc/gitlab/ssl/{{ gitlab_domain }}.crt"
     gitlab_ssl_certificate_key: "/etc/gitlab/ssl/{{ gitlab_domain }}.key"
 
 GitLab SSL configuration; tells GitLab to redirect normal http requests to https, and the path to the certificate and key (the default values will work for automatic self-signed certificate creation, if set to `true` in the variable below).
 
     # SSL Self-signed Certificate Configuration.
-    gitlab_create_self_signed_cert: "true"
+    gitlab_create_self_signed_cert: true
     gitlab_self_signed_cert_subj: "/C=US/ST=Missouri/L=Saint Louis/O=IT/CN={{ gitlab_domain }}"
 
 Whether to create a self-signed certificate for serving GitLab over a secure connection. Set `gitlab_self_signed_cert_subj` according to your locality and organization.
 
 ### LetsEncrypt Configuration.
 
-    gitlab_letsencrypt_enable: "false"
+    gitlab_letsencrypt_enable: false
     gitlab_letsencrypt_contact_emails: ["[email protected]"]
     gitlab_letsencrypt_auto_renew_hour: 1
     gitlab_letsencrypt_auto_renew_minute: 30
     gitlab_letsencrypt_auto_renew_day_of_month: "*/7"
     gitlab_letsencrypt_auto_renew: true
 
-GitLab LetsEncrypt configuration; tells GitLab whether to request and use a certificate from LetsEncrypt, if `gitlab_letsencrypt_enable` is set to `"true"`. Multiple contact emails can be configured under `gitlab_letsencrypt_contact_emails` as a list.
+GitLab LetsEncrypt configuration; tells GitLab whether to request and use a certificate from LetsEncrypt, if `gitlab_letsencrypt_enable` is set to `true`. Multiple contact emails can be configured under `gitlab_letsencrypt_contact_emails` as a list.
 
     # LDAP Configuration.
-    gitlab_ldap_enabled: "false"
+    gitlab_ldap_enabled: false
     gitlab_ldap_host: "example.com"
     gitlab_ldap_port: "389"
     gitlab_ldap_uid: "sAMAccountName"
@@ -105,23 +105,23 @@ How long to keep local backups (useful if you don't want backups to fill up your
 Controls whether to validate certificates when downloading the GitLab installation repository install script.
 
     # Email configuration.
-    gitlab_email_enabled: "false"
+    gitlab_email_enabled: false
     gitlab_email_from: "[email protected]"
     gitlab_email_display_name: "Gitlab"
     gitlab_email_reply_to: "[email protected]"
 
 Gitlab system mail configuration. Disabled by default; set `gitlab_email_enabled` to `true` to enable, and make sure you enter valid from/reply-to values.
 
     # SMTP Configuration
-    gitlab_smtp_enable: "false"
+    gitlab_smtp_enable: false
     gitlab_smtp_address: "smtp.server"
     gitlab_smtp_port: "465"
     gitlab_smtp_user_name: "smtp user"
     gitlab_smtp_password: "smtp password"
     gitlab_smtp_domain: "example.com"
     gitlab_smtp_authentication: "login"
-    gitlab_smtp_enable_starttls_auto: "true"
-    gitlab_smtp_tls: "false"
+    gitlab_smtp_enable_starttls_auto: true
+    gitlab_smtp_tls: false
     gitlab_smtp_openssl_verify_mode: "none"
     gitlab_smtp_ca_path: "/etc/ssl/certs"
     gitlab_smtp_ca_file: "/etc/ssl/certs/ca-certificates.crt"
@@ -132,7 +132,7 @@ Gitlab SMTP configuration; of `gitlab_smtp_enable` is `true`, the rest of the co
 
 If you are running GitLab behind a reverse proxy, you may want to override the listen port to something else.
 
-    gitlab_nginx_listen_https: "false"
+    gitlab_nginx_listen_https: false
 
 If you are running GitLab behind a reverse proxy, you may wish to terminate SSL at another proxy server or load balancer
 

defaults/main.yml

@@ -9,16 +9,16 @@ gitlab_backup_path: "/var/opt/gitlab/backups"
 gitlab_config_template: "gitlab.rb.j2"
 
 # SSL Configuration.
-gitlab_redirect_http_to_https: "true"
+gitlab_redirect_http_to_https: true
 gitlab_ssl_certificate: "/etc/gitlab/ssl/{{ gitlab_domain }}.crt"
 gitlab_ssl_certificate_key: "/etc/gitlab/ssl/{{ gitlab_domain }}.key"
 
 # SSL Self-signed Certificate Configuration.
-gitlab_create_self_signed_cert: "true"
+gitlab_create_self_signed_cert: true
 gitlab_self_signed_cert_subj: "/C=US/ST=Missouri/L=Saint Louis/O=IT/CN={{ gitlab_domain }}"
 
 # LDAP Configuration.
-gitlab_ldap_enabled: "false"
+gitlab_ldap_enabled: false
 gitlab_ldap_host: "example.com"
 gitlab_ldap_port: "389"
 gitlab_ldap_uid: "sAMAccountName"
@@ -28,15 +28,15 @@ gitlab_ldap_password: "password"
 gitlab_ldap_base: "DC=example,DC=com"
 
 # SMTP Configuration
-gitlab_smtp_enable: "false"
+gitlab_smtp_enable: false
 gitlab_smtp_address: "smtp.server"
 gitlab_smtp_port: "465"
 gitlab_smtp_user_name: "smtp user"
 gitlab_smtp_password: "smtp password"
 gitlab_smtp_domain: "example.com"
 gitlab_smtp_authentication: "login"
-gitlab_smtp_enable_starttls_auto: "true"
-gitlab_smtp_tls: "false"
+gitlab_smtp_enable_starttls_auto: true
+gitlab_smtp_tls: false
 gitlab_smtp_openssl_verify_mode: "none"
 gitlab_smtp_ca_path: "/etc/ssl/certs"
 gitlab_smtp_ca_file: "/etc/ssl/certs/ca-certificates.crt"
@@ -63,19 +63,19 @@ gitlab_download_validate_certs: true
 gitlab_default_theme: '2'
 
 # Email configuration.
-gitlab_email_enabled: "false"
+gitlab_email_enabled: false
 gitlab_email_from: "[email protected]"
 gitlab_email_display_name: "Gitlab"
 gitlab_email_reply_to: "[email protected]"
 
 # Registry configuration.
-gitlab_registry_enable: "false"
+gitlab_registry_enable: false
 gitlab_registry_external_url: "https://gitlab.example.com:4567"
 gitlab_registry_nginx_ssl_certificate: "/etc/gitlab/ssl/gitlab.crt"
 gitlab_registry_nginx_ssl_certificate_key: "/etc/gitlab/ssl/gitlab.key"
 
 # LetsEncrypt configuration.
-gitlab_letsencrypt_enable: "false"
+gitlab_letsencrypt_enable: false
 gitlab_letsencrypt_contact_emails: ["[email protected]"]
 gitlab_letsencrypt_auto_renew_hour: 1
 gitlab_letsencrypt_auto_renew_minute: 30

templates/gitlab.rb.j2

@@ -4,8 +4,8 @@ external_url "{{ gitlab_external_url }}"
 # gitlab.yml configuration
 gitlab_rails['time_zone'] = "{{ gitlab_time_zone }}"
 gitlab_rails['backup_keep_time'] = {{ gitlab_backup_keep_time }}
-gitlab_rails['gitlab_email_enabled'] = {{ gitlab_email_enabled }}
-{% if gitlab_email_enabled == "true" %}
+gitlab_rails['gitlab_email_enabled'] = {{ gitlab_email_enabled | lower }}
+{% if gitlab_email_enabled %}
 gitlab_rails['gitlab_email_from'] = "{{ gitlab_email_from }}"
 gitlab_rails['gitlab_email_display_name'] = "{{ gitlab_email_display_name }}"
 gitlab_rails['gitlab_email_reply_to'] = "{{ gitlab_email_reply_to }}"
@@ -15,17 +15,17 @@ gitlab_rails['gitlab_email_reply_to'] = "{{ gitlab_email_reply_to }}"
 gitlab_rails['gitlab_default_theme'] = "{{ gitlab_default_theme }}"
 
 # Whether to redirect http to https.
-nginx['redirect_http_to_https'] = {{ gitlab_redirect_http_to_https }}
+nginx['redirect_http_to_https'] = {{ gitlab_redirect_http_to_https | lower }}
 nginx['ssl_certificate'] = "{{ gitlab_ssl_certificate }}"
 nginx['ssl_certificate_key'] = "{{ gitlab_ssl_certificate_key }}"
 
-letsencrypt['enable'] = "{{ gitlab_letsencrypt_enable }}"
+letsencrypt['enable'] = {{ gitlab_letsencrypt_enable | lower }}
 {% if gitlab_letsencrypt_enable %}
-letsencrypt['contact_emails'] = "{{ gitlab_letsencrypt_contact_emails | to_json }}"
+letsencrypt['contact_emails'] = {{ gitlab_letsencrypt_contact_emails | to_json }}
 letsencrypt['auto_renew_hour'] = "{{ gitlab_letsencrypt_auto_renew_hour }}"
 letsencrypt['auto_renew_minute'] = "{{ gitlab_letsencrypt_auto_renew_minute }}"
 letsencrypt['auto_renew_day_of_month'] = "{{ gitlab_letsencrypt_auto_renew_day_of_month }}"
-letsencrypt['auto_renew'] = "{{ gitlab_letsencrypt_auto_renew }}"
+letsencrypt['auto_renew'] = {{ gitlab_letsencrypt_auto_renew | lower }}
 {% endif %}
 
 # The directory where Git repositories will be stored.
@@ -36,8 +36,8 @@ gitlab_rails['backup_path'] = "{{ gitlab_backup_path }}"
 
 # These settings are documented in more detail at
 # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example#L118
-gitlab_rails['ldap_enabled'] = {{ gitlab_ldap_enabled }}
-{% if gitlab_ldap_enabled == "true" %}
+gitlab_rails['ldap_enabled'] = {{ gitlab_ldap_enabled | lower }}
+{% if gitlab_ldap_enabled %}
 gitlab_rails['ldap_host'] = '{{ gitlab_ldap_host }}'
 gitlab_rails['ldap_port'] = {{ gitlab_ldap_port }}
 gitlab_rails['ldap_uid'] = '{{ gitlab_ldap_uid }}'
@@ -54,14 +54,14 @@ gitlab_rails['ldap_base'] = '{{ gitlab_ldap_base }}'
 nginx['listen_port'] = "{{ gitlab_nginx_listen_port }}"
 {% endif %}
 {% if gitlab_nginx_listen_https is defined %}
-nginx['listen_https'] = {{ gitlab_nginx_listen_https }}
+nginx['listen_https'] = {{ gitlab_nginx_listen_https | lower }}
 {% endif %}
 
 # Use smtp instead of sendmail/postfix
 # More details and example configuration at
 # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/smtp.md
-gitlab_rails['smtp_enable'] = {{ gitlab_smtp_enable }}
-{% if gitlab_smtp_enable == "true" %}
+gitlab_rails['smtp_enable'] = {{ gitlab_smtp_enable | lower }}
+{% if gitlab_smtp_enable %}
 gitlab_rails['smtp_address'] = '{{ gitlab_smtp_address }}'
 gitlab_rails['smtp_port'] = {{ gitlab_smtp_port }}
 {% if gitlab_smtp_user_name %}
@@ -74,8 +74,8 @@ gitlab_rails['smtp_domain'] = '{{ gitlab_smtp_domain }}'
 {% if gitlab_smtp_authentication %}
 gitlab_rails['smtp_authentication'] = '{{ gitlab_smtp_authentication }}'
 {% endif %}
-gitlab_rails['smtp_enable_starttls_auto'] = {{ gitlab_smtp_enable_starttls_auto }}
-gitlab_rails['smtp_tls'] = {{ gitlab_smtp_tls }}
+gitlab_rails['smtp_enable_starttls_auto'] = {{ gitlab_smtp_enable_starttls_auto | lower }}
+gitlab_rails['smtp_tls'] = {{ gitlab_smtp_tls | lower }}
 gitlab_rails['smtp_openssl_verify_mode'] = '{{ gitlab_smtp_openssl_verify_mode }}'
 gitlab_rails['smtp_ca_path'] = '{{ gitlab_smtp_ca_path }}'
 gitlab_rails['smtp_ca_file'] = '{{ gitlab_smtp_ca_file }}'
@@ -90,8 +90,8 @@ nginx['ssl_client_certificate'] = "{{ gitlab_nginx_ssl_client_certificate }}"
 {% endif %}
 
 # GitLab registry.
-registry['enable'] = {{ gitlab_registry_enable }}
-{% if gitlab_registry_enable == "true" %}
+registry['enable'] = {{ gitlab_registry_enable | lower }}
+{% if gitlab_registry_enable %}
 registry_external_url "{{ gitlab_registry_external_url }}"
 registry_nginx['ssl_certificate'] = "{{ gitlab_registry_nginx_ssl_certificate }}"
 registry_nginx['ssl_certificate_key'] = "{{ gitlab_registry_nginx_ssl_certificate_key }}"