Daniel Berteaud
3 years ago
parent
791b1cc88b
commit
ecf0ac71b0
11 changed files with 179 additions and 2 deletions
@ -0,0 +1,22 @@ |
||||
--- |
||||
|
||||
# version to deploy |
||||
jenkins_version: 2.332.2 |
||||
# URL of the source archive |
||||
jenkins_war_url: http://mirror.gruenehoelle.nl/jenkins/war-stable/{{ jenkins_version }}/jenkins.war |
||||
# sha1sum of the archive |
||||
jenkins_war_sha256: c7aa41378608437400922b9dbf75b34719204080f939fcdb5c5ddb24b07a117c |
||||
|
||||
# Root directory where jenkins will be installed |
||||
jenkins_root_dir: /opt/jenkins |
||||
|
||||
# User account under which jenkins will run |
||||
jenkins_user: jenkins |
||||
|
||||
# jenkins server component |
||||
jenkins_server_port: 8080 |
||||
# List of IP/CIDR having access to jenkins_server_port |
||||
jenkins_server_src_ip: [] |
||||
|
||||
# Public URL used to access jenkins |
||||
jenkins_public_url: http://{{ inventory_hostname }} |
||||
@ -0,0 +1,19 @@ |
||||
--- |
||||
|
||||
- name: start jenkins |
||||
systemd: |
||||
name: jenkins |
||||
state: started |
||||
|
||||
- name: restart jenkins |
||||
systemd: |
||||
name: jenkins |
||||
state: restarted |
||||
|
||||
- name: reload nginx |
||||
systemd: |
||||
name: nginx |
||||
state: reloaded |
||||
|
||||
- name: Reload systemd |
||||
systemd: daemon_reload=True |
||||
@ -0,0 +1,2 @@ |
||||
--- |
||||
|
||||
@ -0,0 +1,15 @@ |
||||
--- |
||||
|
||||
- name: Create needed directories |
||||
file: path={{ item.dir }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }} |
||||
loop: |
||||
- dir: "{{ jenkins_root_dir }}" |
||||
mode: 700 |
||||
- dir: "{{ jenkins_root_dir }}/meta" |
||||
mode: 700 |
||||
- dir: "{{ jenkins_root_dir }}/backup" |
||||
mode: 700 |
||||
- dir: "{{ jenkins_root_dir }}/archives" |
||||
mode: 700 |
||||
tags: jenkins |
||||
|
||||
@ -0,0 +1,44 @@ |
||||
--- |
||||
|
||||
- name: Install requiered |
||||
apt: |
||||
name: openjdk-11-jre |
||||
state: latest |
||||
tags: jenkins |
||||
|
||||
- name: Install nginx |
||||
apt: |
||||
name: nginx |
||||
state: latest |
||||
tags: jenkins |
||||
|
||||
- name: Deploy nginx conf |
||||
template: src=nginx.conf.j2 dest=/etc/nginx/ansible_conf.d/jenkins.conf |
||||
notify: reload nginx |
||||
tags: jenkins |
||||
|
||||
- name: Download jenkins |
||||
get_url: |
||||
url: "{{ jenkins_war_url }}" |
||||
dest: "{{ jenkins_root_dir }}" |
||||
checksum: "sha256:{{ jenkins_war_sha256 }}" |
||||
validate_certs: no |
||||
tags: jenkins |
||||
|
||||
- name: Deploy systemd unit |
||||
template: src=jenkins.service.j2 dest=/etc/systemd/system/jenkins.service |
||||
notify: Reload systemd |
||||
tags: jenkins |
||||
|
||||
- name: Flush handlers |
||||
meta: flush_handlers |
||||
tags: jenkins |
||||
|
||||
- name: Enable & start service jenkins |
||||
systemd: |
||||
name: jenkins |
||||
enabled: yes |
||||
masked: no |
||||
state: started |
||||
notify: start jenkins |
||||
|
||||
@ -0,0 +1,7 @@ |
||||
--- |
||||
|
||||
- include: user.yml |
||||
- include: directories.yml |
||||
- include: install.yml |
||||
- include: write_version.yml |
||||
|
||||
@ -0,0 +1,6 @@ |
||||
--- |
||||
|
||||
|
||||
- name: Create jenkins user account |
||||
user: name={{ jenkins_user }} home={{ jenkins_root_dir }} system=True |
||||
tags: jenkins |
||||
@ -0,0 +1,5 @@ |
||||
--- |
||||
|
||||
- name: Write installed version |
||||
copy: content={{ jenkins_version }} dest={{ jenkins_root_dir }}/meta/ansible_version |
||||
tags: jenkins |
||||
@ -0,0 +1,23 @@ |
||||
# /etc/systemd/system/jenkins.service |
||||
[Unit] |
||||
Description=Standalone Jenkins Master server |
||||
Documentation=https://www.jenkins.io/doc |
||||
|
||||
Wants=network-online.target |
||||
After=network-online.target |
||||
|
||||
[Service] |
||||
User=jenkins |
||||
Group=jenkins |
||||
Environment=HTTP_PORT={{ jenkins_server_port }} |
||||
Environment=JAVA_ARGS=-Djava.awt.headless=true |
||||
Environment=JENKINS_HOME={{ jenkins_root_dir }}/data/ |
||||
Environment=JENKINS_WAR={{ jenkins_root_dir }}/jenkins.war |
||||
Environment=LISTEN_ADDRESS=0.0.0.0 |
||||
Environment=WEBROOT={{ jenkins_root_dir }}/cache/ |
||||
WorkingDirectory={{ jenkins_root_dir }} |
||||
LimitNOFILE=8192 |
||||
ExecStart=/usr/bin/java ${JAVA_ARGS} -jar ${JENKINS_WAR} --webroot=${WEBROOT} --httpPort=${HTTP_PORT} --httpListenAddress=${LISTEN_ADDRESS} |
||||
|
||||
[Install] |
||||
WantedBy=multi-user.target |
||||
@ -0,0 +1,34 @@ |
||||
server { |
||||
listen 80; |
||||
server_name {{ jenkins_public_url | urlsplit('hostname') }}; |
||||
include /etc/nginx/ansible_conf.d/acme.inc; |
||||
root {{ jenkins_root_dir }}/client; |
||||
client_max_body_size 10M; |
||||
|
||||
if ($request_method !~ ^(GET|POST|HEAD|PUT|DELETE|PATCH)$ ) { |
||||
return 405; |
||||
} |
||||
|
||||
# Send info about the original request to the backend |
||||
proxy_set_header X-Forwarded-For "$proxy_add_x_forwarded_for"; |
||||
proxy_set_header X-Real-IP "$remote_addr"; |
||||
proxy_set_header X-Forwarded-Proto "$scheme"; |
||||
proxy_set_header X-Forwarded-Host "$host"; |
||||
proxy_set_header Host "$host"; |
||||
|
||||
location / { |
||||
try_files $uri /index.html =404; |
||||
} |
||||
location /f { |
||||
proxy_pass https://cdn.optimizely.com/; |
||||
} |
||||
location /api { |
||||
proxy_pass http://127.0.0.1:{{ jenkins_server_port }}; |
||||
} |
||||
location /oauth2 { |
||||
proxy_pass http://127.0.0.1:{{ jenkins_server_port }}; |
||||
} |
||||
location /login { |
||||
proxy_pass http://127.0.0.1:{{ jenkins_server_port }}; |
||||
} |
||||
} |
||||
Loading…
Reference in new issue