Deprecate GitLab

fighter/config/gitlab/.env

@@ -1,2 +0,0 @@
-DOCKER_DATA=/home/admin/data/gitlab
-DOCKER_CONFIG=/home/admin/docker_config/gitlab

fighter/config/gitlab/README.md

@@ -1,13 +0,0 @@
-# Updating GitLab configuration
-This gitlab instance is using the omnibus package. 
-See [GitLab Omnibus Reconfigure](https://docs.gitlab.com/ee/administration/restart_gitlab.html#omnibus-gitlab-reconfigure) for official docs on reconfiguration. 
-Here are the basic steps:
-1. Update the `GITLAB_OMNIBUS_CONFIG` environment variable in `docker-compose.yml`. Add the desired omnibus configuration lines.
-2. Run `docker exec -it gitlab_gitlab vi /etc/gitlab/gitlab.rb` to begin editing the omnibus config file. Make the necessary changes (`i` to enter insert mode), then save (`esc`, then `:wq`, enter).
-3. Run `docker exec gitlab_gitlab gitlab-ctl diff-config` to compare the new config file with the *default* config file (not previous). The lines with `+` are from the default config, and the lines with `-` are the config to be applied.
-4. Run `docker exec gitlab_gitlab gitlab-ctl reconfigure` to apply the changes. 
-5. Confirm the value set in step 1 is still correct.
-
-# View current GitLab configuration
-To get the current Gitlab config, run `docker exec gitlab_gitlab cat /etc/gitlab/gitlab.rb`.  
-You can also pipe this into `grep` to find the lines referring to a particular topic. For example: `docker exec gitlab_gitlab cat /etc/gitlab/gitlab.rb | grep registry`

fighter/config/gitlab/docker-compose.yml

@@ -1,114 +0,0 @@
-version: '3.3'
-services:
-  gitlab:
-    image: 'gitlab/gitlab-ee:16.6.0-ee.0'
-    container_name: gitlab_gitlab
-    deploy:
-      resources:
-        limits:
-          memory: 8G
-    restart: "no"
-    hostname: 'gitlab.jafner.net'
-    networks:
-      - web
-      - gitlab
-    environment:
-      GITLAB_SKIP_UNMIGRATED_DATA_CHECK: "false"
-      GITLAB_OMNIBUS_CONFIG: |
-        external_url 'https://gitlab.jafner.net'
-        gitlab_rails['gitlab_shell_ssh_port'] = 2229
-        nginx['listen_https'] = false
-        nginx['listen_port'] = 80
-        nginx['proxy_set_headers'] = {
-          "X-Forwarded-Proto" => "https",
-          "X-Forwarded-Ssl" => "on"
-        }
-        letsencrypt['enable'] = false
-        gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '192.168.1.0/24']
-        registry_external_url 'https://registry.gitlab.jafner.net'
-        gitlab_rails['registry_enabled'] = true
-        gitlab_rails['registry_host'] = "registry.gitlab.jafner.net"
-        gitlab_rails['api_url'] = 'https://registry.gitlab.jafner.net'
-        registry_nginx['enable'] = false
-        registry['registry_http_addr'] = "0.0.0.0:5000"
-        gitlab_rails['omniauth_enabled'] = true
-        gitlab_rails['omniauth_allow_single_sign_on'] = ['openid_connect']
-        gitlab_rails['omniauth_sync_email_from_provider'] = 'openid_connect'
-        gitlab_rails['omniauth_sync_profile_from_provider'] = ['openid_connect']
-        gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
-        gitlab_rails['omniauth_block_auto_created_users'] = false
-        gitlab_rails['omniauth_auto_link_saml_user'] = true
-        gitlab_rails['omniauth_providers'] = [
-          {
-            name: "openid_connect",
-            label: "Keycloak", 
-            icon: 'https://keycloak.jafner.net/resources/9tuqi/admin/keycloak.v2/favicon.svg',
-            args: {
-              name: "openid_connect",
-              scope: ["openid","profile","email"],
-              response_type: "code",
-              issuer: "https://keycloak.jafner.net/realms/Jafner.net",
-              discovery: true,
-              client_auth_method: "query",
-              uid_field: "email",
-              send_scope_to_token_endpoint: "false",
-              client_options: {
-                identifier: "gitlab.jafner.net",
-                secret: "wUJdUitu9Ch5EDYYUlyr2Ivn2oAMjeoC",
-                redirect_uri: "https://gitlab.jafner.net/users/auth/openid_connect/callback"
-              }
-            }
-          }
-        ]
-
-    ports:
-      - '2229:22'
-    volumes:
-      - '${DOCKER_DATA}/config:/etc/gitlab'
-      - '${DOCKER_DATA}/logs:/var/log/gitlab'
-      - '${DOCKER_DATA}/data:/var/opt/gitlab'
-    shm_size: '256m'
-    labels:
-      - traefik.http.routers.gitlab.rule=Host(`gitlab.jafner.net`)
-      - traefik.http.routers.gitlab.tls.certresolver=lets-encrypt
-      - traefik.http.routers.gitlab.tls.options=tls12@file
-      - traefik.http.routers.gitlab.middlewares=securityheaders@file
-      - traefik.http.routers.gitlab.service=gitlab
-      - traefik.http.services.gitlab.loadbalancer.server.port=80
-      - traefik.http.routers.gitlab-registry.rule=Host(`registry.gitlab.jafner.net`)
-      - traefik.http.routers.gitlab-registry.tls.certresolver=lets-encrypt
-      - traefik.http.routers.gitlab-registry.service=gitlab-registry
-      - traefik.http.services.gitlab-registry.loadbalancer.server.port=5000
-  
-  gitlab-runner-0:
-    image: 'gitlab/gitlab-runner:latest'
-    container_name: gitlab_runner_0
-    restart: "no"
-    networks:
-      - gitlab
-    env_file:
-      - runner.env
-    volumes:
-      - ${DOCKER_DATA}/runner-config:/etc/gitlab-runner
-      - /var/run/docker.sock:/var/run/docker.sock
-    labels:
-      - traefik.enable=false
-
-  gitlab-runner-1:
-    image: 'gitlab/gitlab-runner:latest'
-    container_name: gitlab_runner_1
-    restart: "no"
-    networks:
-      - gitlab
-    env_file:
-      - runner.env
-    volumes:
-      - ${DOCKER_DATA}/runner-config:/etc/gitlab-runner
-      - /var/run/docker.sock:/var/run/docker.sock
-    labels:
-      - traefik.enable=false
-
-networks:
-  web:
-    external: true
-  gitlab:

fighter/config/gitlab/runner.env

@@ -1 +0,0 @@
-GODEBUG="x509ignoreCN=0"

fighter/config/keycloak/README.md

@@ -22,10 +22,14 @@ We'll assume the new service is hosted at `https://web.jafner.net`.
 [Docs on Keycloak.org](https://www.keycloak.org/server/importExport)
 
 ## Export Realms
-With the docker container offline, run: `docker-compose run --entrypoint="/opt/keycloak/bin/kc.sh export --dir /opt/keycloak/data/export --users realm_file" keycloak`
+With the docker container offline, run: `docker-compose run --rm --entrypoint="/opt/keycloak/bin/kc.sh export --dir /opt/keycloak/data/import --users realm_file" keycloak`
 
-This will export the contents of each realm to a `json` file in the `export/` directory. `/opt/keycloak/data` should be the directory that is mounted to the host.
+This will export the contents of each realm to a `json` file in the `import/` directory. `/opt/keycloak/data` should be the directory that is mounted to the host.
 
 ## Import Realms
 To import realms at startup, replace the startup command with `start --import-realm`
-Additionally, you'll need to map the directory containing the files to import (e.g. `$KEYCLOAK_DATA/import`) to the `/opt/keycloak/data/import` inside the container.
+Additionally, you'll need to map the directory containing the files to import (e.g. `$KEYCLOAK_DATA/import`) to the `/opt/keycloak/data/import` inside the container.
+
+For each realm to import, run `docker-compose run --entrypoint="/opt/keycloak/bin/kc.sh import --file /opt/keycloak/data/import/{REALM_NAME}.json" keycloak` (replace `{REALM_NAME}` with the name of the realm.)
+
+https://howtodoinjava.com/devops/keycloak-script-upload-is-disabled/