durable rancher setup

aguard-redgate · aguard-redgate · commit b314116784ff · 2026-03-25T09:45:29.000-05:00
diff --git a/Gitlab-Templatized/.env.example b/Gitlab-Templatized/.env.example
@@ -2,6 +2,16 @@
 # These values are for the local Docker-based GitLab instance only.
 # Copy this file to .env and fill in your values.
 
+# ── Fixed IP addresses (on gitlab-net 172.30.0.0/24) ──
+# Rancher:       172.30.0.10  →  host ports 80 / 443
+# GitLab:        172.30.0.2   →  host ports 8080 / 8443 / 2222
+# GitLab Runner: 172.30.0.3   →  no host ports
+
+# ── Rancher ──
+RANCHER_BOOTSTRAP_PASSWORD=your_rancher_password
+
+# ── GitLab ──
+GITLAB_ROOT_PASSWORD=your_gitlab_root_password
 GITLAB_RUNNER_REGISTRATION_TOKEN=your_runner_registration_token
 GITLAB_URL=http://172.30.0.2
 GITLAB_EXTERNAL_URL=http://localhost:8080
diff --git a/Gitlab-Templatized/startup-services.ps1 b/Gitlab-Templatized/startup-services.ps1
@@ -1,4 +1,13 @@
 # Simple startup script for Rancher, Docker, and GitLab
+#
+# Fixed IP addresses (on gitlab-net 172.30.0.0/24):
+#   Rancher:       172.30.0.10  →  host ports 80 / 443
+#   GitLab:        172.30.0.2   →  host ports 8080 / 8443 / 2222
+#   GitLab Runner: 172.30.0.3   →  no host ports
+#
+# Passwords are read from .env and injected on first container creation.
+# Rancher and GitLab data are stored in named Docker volumes so state
+# (including passwords) survives container recreation.
 
 # Load environment variables from .env file
 $envFile = Join-Path $PSScriptRoot ".env"
@@ -45,36 +54,88 @@ if (-not (Get-Process "Rancher Desktop" -ErrorAction SilentlyContinue)) {
     Write-Host "Docker is ready!" -ForegroundColor Green
 }
 
-# Start Rancher
+# ---------------------------------------------------------------------------
+# Helper: start an existing stopped container, or create a new one.
+# Returns $true if the container was already running.
+# ---------------------------------------------------------------------------
+function Start-OrCreate {
+    param([string]$Name)
+    $state = docker inspect --format '{{.State.Running}}' $Name 2>&1
+    if ($LASTEXITCODE -eq 0) {
+        if ($state -eq 'true') {
+            Write-Host "$Name is already running." -ForegroundColor Gray
+            return $true
+        }
+        Write-Host "Starting existing $Name container..." -ForegroundColor Cyan
+        docker start $Name | Out-Null
+        return $true
+    }
+    return $false   # container does not exist — caller will create it
+}
+
+# ---------------------------------------------------------------------------
+# Rancher  (172.30.0.10 — ports 80/443)
+# ---------------------------------------------------------------------------
 Write-Host "Starting Rancher..." -ForegroundColor Cyan
-docker run -d --restart=unless-stopped `
-    --name rancher `
-    --network gitlab-net --ip 172.30.0.10 `
-    -p 80:80 -p 443:443 `
-    --privileged `
-    rancher/rancher:latest
+if (-not (Start-OrCreate "rancher")) {
+    $rancherPw = $env:RANCHER_BOOTSTRAP_PASSWORD
+    $rancherEnv = @()
+    if ($rancherPw) { $rancherEnv = @("-e", "CATTLE_BOOTSTRAP_PASSWORD=$rancherPw") }
+
+    docker run -d --restart=unless-stopped `
+        --name rancher `
+        --network gitlab-net --ip 172.30.0.10 `
+        -p 80:80 -p 443:443 `
+        --privileged `
+        -v rancher-data:/var/lib/rancher `
+        @rancherEnv `
+        rancher/rancher:latest | Out-Null
+    if ($rancherPw) {
+        Write-Host "  Rancher bootstrap password set from .env" -ForegroundColor Green
+    }
+}
 
-# Start GitLab
+# ---------------------------------------------------------------------------
+# GitLab  (172.30.0.2 — ports 8080/8443/2222)
+# ---------------------------------------------------------------------------
 Write-Host "Starting GitLab..." -ForegroundColor Cyan
-docker run -d --restart=unless-stopped `
-    --name gitlab `
-    --network gitlab-net --ip 172.30.0.2 `
-    -p 8080:80 -p 8443:443 -p 2222:22 `
-    -v gitlab-config:/etc/gitlab `
-    -v gitlab-logs:/var/log/gitlab `
-    -v gitlab-data:/var/opt/gitlab `
-    gitlab/gitlab-ce:latest
+if (-not (Start-OrCreate "gitlab")) {
+    $gitlabPw  = $env:GITLAB_ROOT_PASSWORD
+    $gitlabUrl = $env:GITLAB_EXTERNAL_URL
+    $gitlabEnv = @()
+    if ($gitlabPw)  { $gitlabEnv += @("-e", "GITLAB_ROOT_PASSWORD=$gitlabPw") }
+    if ($gitlabUrl) { $gitlabEnv += @("-e", "GITLAB_OMNIBUS_CONFIG=external_url '$gitlabUrl'") }
 
-# Start GitLab Runner
+    docker run -d --restart=unless-stopped `
+        --name gitlab `
+        --network gitlab-net --ip 172.30.0.2 `
+        -p 8080:80 -p 8443:443 -p 2222:22 `
+        -v gitlab-config:/etc/gitlab `
+        -v gitlab-logs:/var/log/gitlab `
+        -v gitlab-data:/var/opt/gitlab `
+        @gitlabEnv `
+        gitlab/gitlab-ce:latest | Out-Null
+    if ($gitlabPw) {
+        Write-Host "  GitLab root password set from .env" -ForegroundColor Green
+    }
+}
+
+# ---------------------------------------------------------------------------
+# GitLab Runner  (172.30.0.3)
+# ---------------------------------------------------------------------------
 Write-Host "Starting GitLab Runner..." -ForegroundColor Cyan
-docker run -d --restart=unless-stopped `
-    --name gitlab-runner `
-    --network gitlab-net --ip 172.30.0.3 `
-    -v gitlab-runner-config:/etc/gitlab-runner `
-    -v //var/run/docker.sock:/var/run/docker.sock `
-    gitlab/gitlab-runner:latest
+if (-not (Start-OrCreate "gitlab-runner")) {
+    docker run -d --restart=unless-stopped `
+        --name gitlab-runner `
+        --network gitlab-net --ip 172.30.0.3 `
+        -v gitlab-runner-config:/etc/gitlab-runner `
+        -v //var/run/docker.sock:/var/run/docker.sock `
+        gitlab/gitlab-runner:latest | Out-Null
+}
 
+# ---------------------------------------------------------------------------
 # Register runner if not already registered
+# ---------------------------------------------------------------------------
 $runnerConfig = docker exec gitlab-runner cat /etc/gitlab-runner/config.toml 2>&1
 if ($runnerConfig -notmatch '\[\[runners\]\]') {
     $token = $env:GITLAB_RUNNER_REGISTRATION_TOKEN
@@ -98,6 +159,21 @@ if ($runnerConfig -notmatch '\[\[runners\]\]') {
     }
 }
 
+# ---------------------------------------------------------------------------
+# Summary
+# ---------------------------------------------------------------------------
+Write-Host ""
+Write-Host "========================================" -ForegroundColor Green
+Write-Host " All services started!" -ForegroundColor Green
+Write-Host "========================================" -ForegroundColor Green
+Write-Host "  Rancher:  https://localhost       (172.30.0.10)" -ForegroundColor White
+Write-Host "  GitLab:   http://localhost:8080   (172.30.0.2)" -ForegroundColor White
+Write-Host "  Runner:   connected on gitlab-net (172.30.0.3)" -ForegroundColor White
+Write-Host ""
+Write-Host "  GitLab user: root" -ForegroundColor White
+Write-Host "  Passwords:   see .env file" -ForegroundColor White
+Write-Host "========================================"  -ForegroundColor Green
+
 Write-Host ""
 Write-Host "Done! Services are starting up..." -ForegroundColor Green
 Write-Host ""
