GSA / jenkins-deploy

Licence: other
deploy Jenkins to AWS with Terraform and Ansible

Jenkins Bootstrap

This repository contains reusable deployment code and configuration for Jenkins, which gets you up and running with a production-grade Jenkins quickly.

Integration

See the documentation.

Reusable pieces

Terraform modules

See the documentation.

Ansible role

Requirements

None.

Role variables

For any variables marked sensitive, you are strongly encouraged to store the values in an Ansible Vault.

Required
  • jenkins_admin_password - store in a Vault

  • jenkins_external_hostname

  • SSH key - see the Usage section below for how to generate one.

    • jenkins_ssh_key_passphrase (sensitive)
    • jenkins_ssh_private_key_data (sensitive)
    • jenkins_ssh_public_key_data
  • SSL configuration (sensitive)

Optional

See defaults/main.yml.

Dependencies

Usage

  1. Generate an SSH key.

    ssh-keygen -t rsa -b 4096 -f temp.key -C "[email protected]"
    # enter a passphrase - store in Vault as vault_jenkins_ssh_key_passphrase
    
    cat temp.key
    # store in Vault as vault_jenkins_ssh_private_key_data
    
    cat temp.key.pub
    # store as jenkins_ssh_public_key_data
    
    rm temp.key*
  2. Include the role and required variables. Example:

    # requirements.yml
    - src: https://github.com/GSA/jenkins-deploy
      name: gsa.jenkins
    
    # group_vars/all/vars.yml
    jenkins_ssh_user: jenkins
    jenkins_ssh_public_key_data: |
      ssh-rsa ... [email protected]
    
    # group_vars/jenkins/vars.yml
    jenkins_external_hostname: ...
    jenkins_ssh_key_passphrase: "{{ vault_jenkins_ssh_key_passphrase }}"
    jenkins_ssh_private_key_data: "{{ vault_jenkins_ssh_private_key_data }}"
    ssl_certs_local_cert_data: "{{ vault_ssl_certs_local_cert_data }}"
    ssl_certs_local_privkey_data: "{{ vault_ssl_certs_local_privkey_data }}"
    
    # group_vars/jenkins/vault.yml (encrypted)
    vault_jenkins_ssh_key_passphrase: ...
    vault_jenkins_ssh_private_key_data: |
      -----BEGIN RSA PRIVATE KEY-----
      ...
      -----END RSA PRIVATE KEY-----
    vault_ssl_certs_local_cert_data: |
      -----BEGIN CERTIFICATE-----
      ...
      -----END CERTIFICATE-----
    vault_ssl_certs_local_privkey_data: |
      -----BEGIN RSA PRIVATE KEY-----
      ...
      -----END RSA PRIVATE KEY-----
    
    # playbooks/jenkins.yml
    - hosts: jenkins
      become: true
      roles:
        - gsa.jenkins
    
    # playbooks/other.yml
    # hosts that Jenkins is going to run playbooks against
    - hosts: other
      become: true
      tasks:
        - name: Create Jenkins user
          user:
            name: "{{ jenkins_ssh_user }}"
            group: wheel
        - name: Set up SSH key for Jenkins
          authorized_key:
            user: "{{ jenkins_ssh_user }}"
            key: "{{ jenkins_ssh_public_key_data }}"
        # ...other host setup tasks...
  3. Run the Terraform (if applicable) and the playbook.

  4. Ensure you can log into Jenkins (at jenkins_external_hostname).

  5. Follow the manual configuration steps.
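
A check you could run before committing the files from step 2 (an added example, not part of the jenkins-deploy repository): it confirms that the vault file carries the Ansible Vault header and that the sensitive variables in the plaintext vars file appear only as `vault_` references. The function names, the sample values and the hostname are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: guard for the group_vars layout in step 2 (not project code).
# Sensitive role variables named on this page.
SENSITIVE_VARS="jenkins_admin_password jenkins_ssh_key_passphrase
jenkins_ssh_private_key_data ssl_certs_local_cert_data ssl_certs_local_privkey_data"

# Succeeds only if the first line is an Ansible Vault envelope header,
# e.g. "$ANSIBLE_VAULT;1.1;AES256" (format 1.2 appends a vault ID label).
vault_is_encrypted() {
  local first=""
  IFS= read -r first < "$1" || [ -n "$first" ] || return 1
  case "$first" in
    '$ANSIBLE_VAULT;'*';AES256'*) return 0 ;;
    *) return 1 ;;
  esac
}

# Prints one finding per line for a plaintext vars file; returns 1 if any.
plaintext_findings() {
  local file="$1" var line found=0
  for var in $SENSITIVE_VARS; do
    line=$(grep -E "^${var}:" "$file") || continue
    case "$line" in
      *'{{ vault_'*'}}'*) ;;   # only a "{{ vault_<name> }}" reference is allowed
      *) echo "$file: $var is not a vault_ reference"; found=1 ;;
    esac
  done
  # PEM private key material must never appear outside the encrypted file.
  if grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$file"; then
    echo "$file: contains PEM private key material"; found=1
  fi
  return "$found"
}

# Demo on constructed sample files (all values are made up).
demo() {
  local d; d=$(mktemp -d)
  printf '%s\n' '$ANSIBLE_VAULT;1.1;AES256' '3061623964' > "$d/vault.yml"
  printf '%s\n' 'jenkins_external_hostname: jenkins.example.test' \
    'jenkins_admin_password: changeme' \
    'jenkins_ssh_key_passphrase: "{{ vault_jenkins_ssh_key_passphrase }}"' > "$d/vars.yml"
  vault_is_encrypted "$d/vault.yml" && echo "vault.yml: encrypted"
  plaintext_findings "$d/vars.yml" || echo "vars.yml: fix the findings above"
  rm -rf "$d"
}
demo
```

The header test only proves the file went through `ansible-vault encrypt`; it says nothing about the strength of the vault password.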

License

CC0
