├── .gitignore ├── LICENCE ├── README.md ├── defaults └── main.yml ├── files └── jenkins-ci.org.key ├── handlers └── main.yml ├── meta ├── main.yml └── main.yml.sample ├── tasks ├── cli.yml ├── config.yml ├── dependencies_deb.yml ├── dependencies_redhat.yml ├── jenkins.yml ├── main.yml ├── plugins.yml ├── repo.debian.yml ├── repo.redhat.yml └── repo.yml ├── templates ├── etc.default.jenkins.j2 ├── hudson.tasks.Mailer.xml.j2 └── proxy.groovy └── vars └── main.yml /.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | .vagrant 3 | Vagrantfile -------------------------------------------------------------------------------- /LICENCE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2014 Ghent University 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the "Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is 8 | furnished to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in 11 | all copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 19 | THE SOFTWARE. 20 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Readme 2 | 3 | ## Description 4 | 5 | *ansible-jenkins* is an [Ansible](http://ansible.cc) role. 6 | Use this role to install Jenkins and install/update plugins. 7 | 8 | ## Provides 9 | 10 | 1. Latest Jenkins server 11 | 2. Jenkins plugins support 12 | 13 | ## Requires 14 | 15 | 1. Ansible 2.2 or higher 16 | 2. Debian 8, Ubuntu 14, CentOS 7, FreeBSD 10 or later 17 | 3. Vagrant (optional) 18 | 19 | ## Usage 20 | 21 | ### Install from Ansible Galaxy 22 | 23 | ```bash 24 | $ ansible-galaxy install flyapen.jenkins 25 | ``` 26 | 27 | ### Or download manually 28 | 29 | ```bash 30 | $ git clone https://github.com/ICTO/ansible-jenkins.git roles 31 | ``` 32 | 33 | The code should reside in the roles directory of ansible ( See [ansible documentation](http://www.ansibleworks.com/docs/playbooks.html#roles) for more information on roles ), in a folder jenkins. 34 | 35 | ### Create a host file 36 | 37 | Following example make ansible aware of the Vagrant box reachable on localhost port 2222. 38 | 39 | ```bash 40 | $ vi ansible.host 41 | ``` 42 | 43 | with 44 | 45 | ```ini 46 | [jenkins] 47 | 127.0.0.1 ansible_ssh_port=2222 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key 48 | ``` 49 | 50 | ### Create host specific variables 51 | 52 | Make the `host_vars` directory where *ansible.host* file is located. 53 | 54 | ```bash 55 | $ mkdir host_vars 56 | ``` 57 | 58 | Create a file in the newly created directory matching your host. 59 | 60 | ```bash 61 | $ cd host_vars 62 | $ vi 127.0.0.1 63 | ``` 64 | 65 | with 66 | 67 | ```yaml 68 | --- 69 | plugins: 70 | - 'ldap' 71 | - 'github' 72 | - 'translation' 73 | - 'preSCMbuildstep' 74 | email: 75 | smtp_host: 'mail.example.com' 76 | smtp_ssl: 'true' 77 | default_email_suffix: '@example.com' 78 | #jenkins_admin_user: admin 79 | #jenkins_admin_password: admin 80 | ``` 81 | 82 | Take a look at the defaults/main.yml file which contains all possible variables. 83 | 84 | ### Run the playbook 85 | 86 | 87 | First create a playbook including the jenkins role, naming it jenkins.yml. 88 | 89 | ```yml 90 | - name: Jenkins 91 | hosts: jenkins 92 | roles: 93 | # install jenkins 94 | - { role: jenkins, become: yes, become_user: root } 95 | ``` 96 | 97 | Use *ansible.host* as inventory. Run the playbook only for the remote host *jenkins*. Use *vagrant* as the SSH user to connect to the remote host. *-k* enables the SSH password prompt. 98 | 99 | ```bash 100 | $ ansible-playbook -i ansible.host jenkins.yml 101 | ``` 102 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | placeholder: 'placeholder' 3 | port: 8080 4 | ajp_port: -1 5 | # plugins: 6 | # - 'ldap' 7 | # - 'github' 8 | # - 'translation' 9 | # - 'preSCMbuildstep' 10 | # - 'gravatar' 11 | 12 | proxy: no 13 | proxy_host: localhost 14 | proxy_port: 3128 15 | proxy_login: login 16 | proxy_password: password 17 | proxy_url: "http://{{proxy_login}}:{{proxy_password}}@{{proxy_host}}:{{proxy_port}}" 18 | __no_proxy: "localhost" 19 | proxy_env: 20 | http_proxy: "{{proxy_url}}" 21 | https_proxy: "{{proxy_url}}" 22 | no_proxy: "{{__no_proxy}}" 23 | prefix: "/" 24 | java_version: "openjdk-7" 25 | jenkins_updates_url: "https://updates.jenkins.io/current/update-center.json" 26 | # jenkins_admin_user: admin 27 | # jenkins_admin_password: recommended to be put a vault file 28 | -------------------------------------------------------------------------------- /files/jenkins-ci.org.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1.4.9 (GNU/Linux) 3 | 4 | mQGiBEmFQG0RBACXScOxb6BTV6rQE/tcJopAEWsdvmE0jNIRWjDDzB7HovX6Anrq 5 | n7+Vq4spAReSFbBVaYiiOx2cGDymj2dyx2i9NAI/9/cQXJOU+RPdDzHVlO1Edksp 6 | 5rKn0cGPWY5sLxRf8s/tO5oyKgwCVgTaB5a8gBHaoGms3nNC4YYf+lqlpwCgjbti 7 | 3u1iMIx6Rs+dG0+xw1oi5FUD/2tLJMx7vCUQHhPRupeYFPoD8vWpcbGb5nHfHi4U 8 | 8/x4qZspAIwvXtGw0UBHildGpqe9onp22Syadn/7JgMWhHoFw5Ke/rTMlxREL7pa 9 | TiXuagD2G84tjJ66oJP1FigslJzrnG61y85V7THL61OFqDg6IOP4onbsdqHby4VD 10 | zZj9A/9uQxIn5250AGLNpARStAcNPJNJbHOQuv0iF3vnG8uO7/oscB0TYb8/juxr 11 | hs9GdSN0U0BxENR+8KWy5lttpqLMKlKRknQYy34UstQiyFgAQ9Epncu9uIbVDgWt 12 | y7utnqXN033EyYkcWx5EhLAgHkC7wSzeSWABV3JSXN7CeeOif7QiS29oc3VrZSBL 13 | YXdhZ3VjaGkgPGtrQGtvaHN1a2Uub3JnPohjBBMRAgAjAhsDBgsJCAcDAgQVAggD 14 | BBYCAwECHgECF4AFAko/7vYCGQEACgkQm30y8tUFguabhgCgi54IQR4rpJZ/uUHe 15 | ZB879zUWTQwAniQDBO+Zly7Fsvm0Mcvqvl02UzxCtC1Lb2hzdWtlIEthd2FndWNo 16 | aSA8a29oc3VrZS5rYXdhZ3VjaGlAc3VuLmNvbT6IYAQTEQIAIAUCSj/qbQIbAwYL 17 | CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEJt9MvLVBYLm38gAoIGR2+TQeJaCeEa8 18 | CQhZYzDoiJkQAJ0cpmD+0VA+leOAr5LEccNVd70Z/dHNy83JARAAAQEAAAAAAAAA 19 | AAAAAAD/2P/gABBKRklGAAEBAQBgAGAAAP/hAGBFeGlmAABJSSoACAAAAAQAMQEC 20 | ABkAAAA+AAAAEFEBAAEAAAABQ5AAEVEEAAEAAAASCwAAElEEAAEAAAASCwAAAAAA 21 | AE1hY3JvbWVkaWEgRmlyZXdvcmtzIDQuMAAA/9sAQwAIBgYHBgUIBwcHCQkICgwU 22 | DQwLCwwZEhMPFB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy 23 | /9sAQwEJCQkMCwwYDQ0YMiEcITIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy 24 | MjIyMjIyMjIyMjIyMjIyMjIyMjIy/8AAEQgArgCWAwEiAAIRAQMRAf/EAB8AAAEF 25 | AQEBAQEBAAAAAAAAAAABAgMEBQYHCAkKC//EALUQAAIBAwMCBAMFBQQEAAABfQEC 26 | AwAEEQUSITFBBhNRYQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkq 27 | NDU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqS 28 | k5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk 29 | 5ebn6Onq8fLz9PX29/j5+v/EAB8BAAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkK 30 | C//EALURAAIBAgQEAwQHBQQEAAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGx 31 | wQkjM1LwFWJy0QoWJDThJfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFla 32 | Y2RlZmdoaWpzdHV2d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2 33 | t7i5usLDxMXGx8jJytLT1NXW19jZ2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQAC 34 | EQMRAD8A9wEj/wB9vzpfMf8Avt+dRinCpGSeY398/nS72/vH86YKBQBJvb+8fzpd 35 | 7f3j+dMFLQA/e394/nS7j6n86ZSimA7cfU07cfU1HnFOFADtx9aXJ9TTKUUxD8n1 36 | pc+9Mp1AC5ozSUtAC0maKKADNFJ2ooAoCnCmilzWZQ6lFJSimAopaQUtAC54rOvN 37 | dsLCTZPPGrdwXAry/wCKHxXfRppND0Mq16Bie5PIi9lHdv5V8/X+rXt/O8tzcyyy 38 | MclnYkk0avYdl1PqPxT8VtH8NwqwzdXEuSkaHoB61wjftCXhlzHosBjHZpSCa8PW 39 | O7uhuAkcDueaaYbhOqMMe1L5lcvWx9U+FPjJ4f8AEU0dpdhtLvXOFWdgY3PoH6fg 40 | cV6MrZGa+EklIOJOPqK9i+G3xem0TytI8QSSXGnHCQXJO57f2Pqn6indrclq+x9G 41 | 5pwNVoLiO4hSaGRZIpFDKynIYHuKmBqyB+aWmg0uaAFopKKAFoozRQBQFLSUorMo 42 | UUtJSigB1ZHijWovD/hu+1KZlUQxErnu3YfnWsK8k+Pt60PhaxtAxAnuOQO4UE0P 43 | YaWp8/Xd1LeTz3Mzl5pnLuxPJJNa+i+HDclZZ1yp5C1Q0axa+1BEx8i8mvS7S3WG 44 | NQo6elcWLxDprljuelgsOp+/IgtdCiVFVYx07CnXHhyNgflA/Ct+1BwOKmkVq8xS 45 | m9bnr2S0sec6n4UVo2KKNw6Vx9xby2U3lSAj617NcR5J4zmua1/Q4r+1JVQJU5Ui 46 | uzD4qUXyz2OHFYWM1zR3Ol+CHj0xXX/CKajMTHKd1g7H7r94/oeo9wR3r3tWr4ht 47 | pZtNv4bmElZ7eVZUIOPmU5/pX2dpOpR6tpFnqMQxHdQpMoz03DOK9ePY8OaszUDU 48 | +oFNSg0yUOopKWgAoo6mikBRpwptLWZY4UoptLTELXin7QbD7PoiFv45Gx+Ar2uv 49 | FP2g7dfsejXOfm8x48evGf6UmNbnm3hCBls57sJuYnYg9TXSyW2uIgNpJbs5GWDj 50 | gewrP8EJu0XIHKyNV2+j1txM0MzIQV8oIQN3POSenHTg15VSV6z2+Z7dGNqKt26G 51 | hpeo6rC3lajZxKOgdG6/hW5NcoIC4HOOhrmbJb1IokuZWkfbmUsQQGz2xW5OAbAE 52 | Y3d/es5TtJo6oRbjcx7uXVryXbblIIv723JqN9PuUdLhJ2aQf6xW6OP6VBqS6jcQ 53 | sLS4aOQHCqH2qVx64znP8verWn2d/DKrPOzxbFBWQ5O7HJyOxParv7t7oxcfeasz 54 | z3xBaC01uZV4RxvAr6X+F0rv8NdCMj7iICAfQBjgV87+NYzHr6jHHlA/rX0H8LFa 55 | P4baLu3DMTHDDtvOPwr1sM7xR4mK0m/U7lTUyniqyGp1NbtHOmSUuaaDS1JQuaKS 56 | ikBTpaQUVmUOpabS0xC15f8AF7wxc+IEsJI3VI4Nyrkfxtjn6YH616hWL4ptDd6B 57 | cBTh0+cH0xUVL8j5dzSk0prm2PD/AAnYvp+ltazDbNHM6yD3BrpEiWToOKzPLktr 58 | mRiSwlO7J9atQ3bFsCvGnJSlzM+gpLlXKJcpDAegGT+ZqYgPYAgVnz3DpKW8pJW6 59 | AM2MUranci38vy4gBz/9alGF3dG0ppKzZYs0ilB4BwauOixggVlW9w8sivsWJuhC 60 | nOanmun83bimtNCZPS5g6/osOta3Zq8giRImMjeoyMAe5Oa940SxTStFsbCM/JbQ 61 | JGv0AryTTLRLzXIwwDOWVAvfGecCvZx19q9fAttPyPBzCyatuyyhqZTxVdDU612M 62 | 4ESg04GowacDUFjqKQc0UDKlLSUtZFC0UUCmAtMmiSeF4pBlHBVh7U6imI878Y+G 63 | rbTbGC7tFf5WKyFmz1rimZoy2wZJGQBXter2C6lpc9qw++vy/XtXiMoe3upLeTiS 64 | Nipry8XSUJJpaHq4Os5JpvUoC4uJr1rYIkJC7vMuGCgj2rZ/4Ry/aHzvtdltO4Ei 65 | TPTH+NUrhFlUB1yQODVB8RjyRboR6hiAfqM4rCLTPR6aSt8rktzJc2l7HZgRXLOu 66 | 4SQPkKPU1fUtu3SHJUc/WqlvGIULKo3kdhgCr+lwfb9ZtLItxLIAx9upp25pKKMq 67 | klFN3PTfDenR2mjWbtEvnsm8sVG4buevXpit1aiUAcAYHapVr6GMVGKij5iUnKTk 68 | ydKnU1ClSikwRIKcD60wU4GpLQ7PpRSUUhlaikpc1kWLRSUUxC5ozSZozTA5Txn8 69 | QtF8DxRDUDLPeTDdFaQAFyucbiTwo+vXsK8huNZHiVJddtbY2/mysfJL7iAD0JwM 70 | 1h/F+X7V8RtUKybzEUj5PTCjj8KseD2S304WbzxPJ9/CsDjcM4/DvXLjF+6TXc7M 71 | F/EafY1YNThkVcttccMpqY3trtx8ufeoJbK3acrLECPcUsmj2EUYfyw27kcmvOjY 72 | 9NuS6kc+pxp8seWc8Koq7pWox+HLiHWdQSR0gO90jALYxjAzjnmsxbnTbCXMssMK 73 | r6nk/h1rH17xLY3lpJa25dw4wWxgfrW9KnOU04owqziotSZ7r4S8daT4xFwunpcR 74 | S24DPHOoBweMjBOa6pDXzn8JNej0nxdFbSKqwX6/ZtzHG1s5U59yMfjX0SpwcGvc 75 | Wp4MlZltDUoNV42qYGpYIlFOzUYNOBqSx4opBzRSArUtNqrqWqWOj2D32pXcVrap 76 | 96WVsDPoO5PsOayNC5TXkWKJpZHVI0GWd2AVR7k9K8Z8R/HTazweHNPBHQXd4Ovu 77 | sY/9mP4V5Trvi7XPETltW1S4uVzkRM2I1+iDCj8qtRYWPfvEXxh8L6GJIrWZ9Vu1 78 | 48u1/wBWD7yHj8s15Jr/AMYfFGtyOlvdDS7c5xFZnace7n5j+n0rz1n3Hmmk4zzV 79 | KKFcdNPI7s0jM7sxZmY5LE9ST61CsrI25SQR3BwacWzwRUZX0qiblgaheq25bucH 80 | 18w086tqDrta9uCvp5hqng56UDmp5I9iueXcmDsxyzEn1JqROvNQKD7VKCqDJOas 81 | kuRuMgjp711+n/FHxVpyIsWqNPHEAojukWQEe5PP61wvnEj0B4ApykZJJ7UDPfvD 82 | Hxp0+/dLfXbYWMp4E8RLxH6jqv616laXtve26XFrPFPC/KyRsGU/iK+MBICcDitn 83 | QPFWseHbvztMv5YM/eTOUb6qeDRcXKj7CV8ing1434V+NtpezR2niC3W0Y8fa4cm 84 | PP8AtL1H1Ga9atrqG6gSe3mjmhcZSSNgysPYikTZouCiow4xRRYLmRr+tW/h7Qrv 85 | Vbkbo7dCwQHBdugUfU4r5Y8TeKtV8Tak15qlwztk+XEDiOFf7qL2H6nvXr3x01n7 86 | Po2n6SjfNcymaQf7K8D9T+leBzPuT3H8qiC0NHoNeYnvURc4phPNITmrJuLu5pSa 87 | Z3pRyKYhM80oOaaetAoAkzwKTd6Cm5pBQA8EnqTijOSeOKaT2oHSgY7cTTg1Rilp 88 | AS7/AGpc4UA96iHJApXbk0wJ0kOeDXTeGPGer+GbtZNOunWMnLwscxv9V/ya5T7q 89 | D1NOEhQYHU9/Siw0z7A8KeJ7XxToceo2ymNs7JoicmNx1HuOcg0V5j8A9RQnWNKl 90 | lVARHcruOOfut/7LRTViJaPQ5b42agbrx29uGytrAiAehPJ/nXmrNu2H14NdD481 91 | A6j401S6zkPMQPoOP6VzQOcj0OaiGxctxpNA5obqfrQKokSlWkzQDzQAMOaSnN1F 92 | JQAtFFFAAKKKO9AC0UlGaBj0HemjlvrTkOEY03vQIe7YJP4CkTBfn6mkbkA/Wkzg 93 | YHU9aYGtpl7Pau8kEzxMwwShwcUVUtWIU4oqbXLTFv3M0jSkksWJP481SU/Pk1Ym 94 | b7/1FViMY96diWKwy5+tITTm+7mo6BC0DrR2oHWgB7dBTac3SmUALS0lKOtACUua 95 | KKACm0vSk70ASLxF9TSYzznrQf8AVqKTPH40wHHHQfjTM55pTwp9+KQdKALEL7Is 96 | +poph4Cr6Cigdz//2YhgBBMRAgAgBQJKP/cgAhsDBgsJCAcDAgQVAggDBBYCAwEC 97 | HgECF4AACgkQm30y8tUFgua3awCdFQlChLgn/n4tb4jLe1RgxOxHxosAn2Cn2oNh 98 | sZ91wUb4d5JuH88TCupsuQINBEmFQG0QCADqAXWgiis4yi96os3QZmK5809ojjTT 99 | nlICgbztrT55cMVTDBc9SneyRQlC0cS+M1z4Do6lj81sNJdJiBPqTYYA1+exTFvs 100 | 5zCxPInDP3hvqXxHTP142XN1hdzt53R7smn8O0wyO+RCBUb44e9NkusvBd5UP3Je 101 | 449hnpXJ4WO3cVMFm4ghxs7ERlpAi5NTEsVVdM8dqHbZJtk8gbzdAHH0ybiAXmWy 102 | LFGZDuuKiFAkqm/Wled7id6N+cPx107dwBclwPxzfEYKEqJ1YDDHoDlyfx4012y1 103 | 53e5sGyah/IPBYrrLMfG+Wmiwr5nCX0tmwOcyukuE94hbzJCX2wBdbWLAAMGCACz 104 | l3cuM4lGt/wr5liM4gotXpZAopY+EnbLIBuOHFXXR7HnyAgST1jH/AUbafvPjyDh 105 | EkFDyUP14XtHNIAqsN1UpuyYbM90bMPAWXJxrazMsSF+Tv5yIxHiy4cc1pjoqHA2 106 | kwqIGHmTxYzOPOS19ZWQAtevoTE6pCARphY0dzpscCWaXGs/ZqNAhjL96WLYV1Oo 107 | Ut+9mTnOcs6Vuxaxp2wN2S5DK1S9gdIxWEc8wMUPiQe8CYk0OySdORIblMs3bGqD 108 | FoM5HcBAZP1YlXitPH2nIRv0DtOQGMQOCkqUWmQuQAUgKV+YO86lO4S7EhTET/GP 109 | sQb6P7efm/Cs8wbq/wyIiEkEGBECAAkFAkmFQG0CGwwACgkQm30y8tUFgua2mACe 110 | JNBW4snDC4OzjKU6QT386/GA9ssAn3vLzSwn8N1xv5MihWGr5kVzvaE2 111 | =cjdq 112 | -----END PGP PUBLIC KEY BLOCK----- 113 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | # Safe-restart Jenkins 2 | - name: Restart Jenkins 3 | become: yes 4 | command: "{{ jenkins_cli_cmd }} safe-restart --username {{ jenkins_admin_user }} --password {{ jenkins_admin_password }}" 5 | when: jenkins_admin_user is defined and jenkins_admin_password is defined 6 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: Thomas Berton 4 | description: Role to install Jenkins and install/update plugins 5 | license: MIT 6 | min_ansible_version: 2.2 7 | platforms: 8 | - name: Ubuntu 9 | versions: 10 | - trusty 11 | - name: Debian 12 | versions: 13 | - jessie 14 | - name: FreeBSD 15 | versions: 16 | - 10 17 | - name: EL 18 | - 7 19 | categories: 20 | - development 21 | 22 | dependencies: [] 23 | # List your role dependencies here, one per line. Only 24 | # dependencies available via galaxy should be listed here. 25 | # Be sure to remove the '[]' above if you add dependencies 26 | # to this list. 27 | -------------------------------------------------------------------------------- /meta/main.yml.sample: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: your name 4 | description: 5 | company: your company (optional) 6 | # Some suggested licenses: 7 | # - BSD (default) 8 | # - MIT 9 | # - GPLv2 10 | # - GPLv3 11 | # - Apache 12 | # - CC-BY 13 | license: license (GPLv2, CC-BY, etc) 14 | min_ansible_version: 1.2 15 | # 16 | # Below are all platforms currently available. Just uncomment 17 | # the ones that apply to your role. If you don't see your 18 | # platform on this list, let us know and we'll get it added! 19 | # 20 | #platforms: 21 | #- name: EL 22 | # versions: 23 | # - all 24 | # - 5 25 | # - 6 26 | # - 7 27 | #- name: GenericUNIX 28 | # versions: 29 | # - all 30 | # - any 31 | #- name: Fedora 32 | # versions: 33 | # - all 34 | # - 16 35 | # - 17 36 | # - 18 37 | # - 19 38 | # - 20 39 | #- name: opensuse 40 | # versions: 41 | # - all 42 | # - 12.1 43 | # - 12.2 44 | # - 12.3 45 | # - 13.1 46 | # - 13.2 47 | #- name: Amazon 48 | # versions: 49 | # - all 50 | # - 2013.03 51 | # - 2013.09 52 | #- name: GenericBSD 53 | # versions: 54 | # - all 55 | # - any 56 | #- name: FreeBSD 57 | # versions: 58 | # - all 59 | # - 8.0 60 | # - 8.1 61 | # - 8.2 62 | # - 8.3 63 | # - 8.4 64 | # - 9.0 65 | # - 9.1 66 | # - 9.1 67 | # - 9.2 68 | #- name: Ubuntu 69 | # versions: 70 | # - all 71 | # - lucid 72 | # - maverick 73 | # - natty 74 | # - oneiric 75 | # - precise 76 | # - quantal 77 | # - raring 78 | # - saucy 79 | # - trusty 80 | #- name: SLES 81 | # versions: 82 | # - all 83 | # - 10SP3 84 | # - 10SP4 85 | # - 11 86 | # - 11SP1 87 | # - 11SP2 88 | # - 11SP3 89 | #- name: GenericLinux 90 | # versions: 91 | # - all 92 | # - any 93 | #- name: Debian 94 | # versions: 95 | # - all 96 | # - etch 97 | # - lenny 98 | # - squeeze 99 | # - wheezy 100 | # 101 | # Below are all categories currently available. Just as with 102 | # the platforms above, uncomment those that apply to your role. 103 | # 104 | #categories: 105 | #- cloud 106 | #- cloud:ec2 107 | #- cloud:gce 108 | #- cloud:rax 109 | #- clustering 110 | #- database 111 | #- database:nosql 112 | #- database:sql 113 | #- development 114 | #- monitoring 115 | #- networking 116 | #- packaging 117 | #- system 118 | #- web 119 | dependencies: [] 120 | # List your role dependencies here, one per line. Only 121 | # dependencies available via galaxy should be listed here. 122 | # Be sure to remove the '[]' above if you add dependencies 123 | # to this list. 124 | 125 | -------------------------------------------------------------------------------- /tasks/cli.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Handle plugins 3 | - name: "{{ startup_delay_s | default(10) }}s delay while starting Jenkins" 4 | wait_for: 5 | host: localhost 6 | port: "{{ port }}" 7 | delay: "{{ startup_delay_s | default(10) }}" 8 | when: jenkins_install.changed or config_changed.changed 9 | 10 | - name: "Create Jenkins CLI destination directory: {{ jenkins_dest }}" 11 | file: 12 | path: "{{ jenkins_dest }}" 13 | state: directory 14 | 15 | - name: Get Jenkins CLI 16 | get_url: 17 | url: "{{ jenkins_api_url }}jnlpJars/jenkins-cli.jar" 18 | dest: "{{ jenkins.cli_dest }}" 19 | mode: 0440 20 | register: jenkins_local_cli 21 | until: "'OK' in jenkins_local_cli.msg or 'file already exists' in jenkins_local_cli.msg" 22 | retries: 5 23 | delay: 10 24 | 25 | - name: Get Jenkins updates 26 | get_url: 27 | url: "{{ jenkins_updates_url }}" 28 | dest: "{{ jenkins.updates_dest }}" 29 | thirsty: yes 30 | mode: 0440 31 | timeout: 30 32 | use_proxy: "{{proxy}}" 33 | environment: proxy_env 34 | register: jenkins_updates 35 | when: proxy 36 | 37 | - name: Get Jenkins updates without proxy 38 | get_url: 39 | url: "{{ jenkins_updates_url }}" 40 | dest: "{{ jenkins.updates_dest }}" 41 | thirsty: yes 42 | mode: 0440 43 | timeout: 30 44 | use_proxy: "{{proxy}}" 45 | register: jenkins_updates 46 | when: not proxy 47 | 48 | - name: Update-center Jenkins 49 | shell: "cat {{ jenkins.updates_dest }} | sed '1d;$d' | curl -X POST -H 'Accept: application/json' -d @- {{ jenkins_api_url }}updateCenter/byId/default/postBack" 50 | when: jenkins_updates.changed 51 | notify: 52 | - 'Restart Jenkins' 53 | -------------------------------------------------------------------------------- /tasks/config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Create jenkins configuration for RedHat 4 | file: 5 | path: /etc/sysconfig/jenkins 6 | state: touch 7 | when: ansible_os_family == "RedHat" 8 | 9 | - name: Configure Jenkins Port for RedHat 10 | lineinfile: 11 | dest: /etc/sysconfig/jenkins 12 | regexp: ^JENKINS_PORT= 13 | line: JENKINS_PORT={{port}} 14 | register: config_changed 15 | when: ansible_os_family == "RedHat" 16 | 17 | - name: Configure Jenkins Port for Debian 18 | template: 19 | src: etc.default.jenkins.j2 20 | dest: /etc/default/jenkins 21 | register: config_changed 22 | when: ansible_os_family == "Debian" 23 | 24 | - name: Configure Jenkins Port and Prefix for FreeBSD 25 | lineinfile: 26 | dest: /etc/rc.conf 27 | regexp: ^jenkins_args= 28 | line: jenkins_args="--webroot=/usr/local/jenkins/war --httpPort={{ port }} --prefix={{ prefix }}" 29 | register: config_changed 30 | when: ansible_os_family == "FreeBSD" 31 | 32 | - name: Restart jenkins now 33 | service: name=jenkins state=restarted 34 | when: config_changed.changed 35 | 36 | - name: Configure Jenkins Prefix for RedHat 37 | when: prefix is defined and ansible_os_family == "RedHat" 38 | lineinfile: 39 | dest: /etc/sysconfig/jenkins 40 | regexp: ^PREFIX= 41 | line: PREFIX={{prefix}} 42 | 43 | - name: Configure Jenkins E-mail 44 | when: email is defined and (ansible_os_family == "Debian" or ansible_os_family == "RedHat") 45 | template: 46 | src: hudson.tasks.Mailer.xml.j2 47 | dest: "{{ jenkins_lib }}/hudson.tasks.Mailer.xml" 48 | owner: jenkins 49 | group: jenkins 50 | mode: 0644 51 | 52 | - name: Configure Jenkins E-mail 53 | when: email is defined and ansible_os_family == "FreeBSD" 54 | template: 55 | src: hudson.tasks.Mailer.xml.j2 56 | dest: /usr/local/jenkins/hudson.tasks.Mailer.xml 57 | owner: jenkins 58 | group: jenkins 59 | mode: 0644 60 | -------------------------------------------------------------------------------- /tasks/dependencies_deb.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Debian dependencies 3 | apt: name={{ item }} state=installed 4 | with_items: "{{ jenkins.deb.dependencies }}" 5 | -------------------------------------------------------------------------------- /tasks/dependencies_redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install RedHat dependencies 4 | yum: name={{ item }} state=installed 5 | with_items: "{{ jenkins.redhat.dependencies }}" 6 | -------------------------------------------------------------------------------- /tasks/jenkins.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - include: repo.yml 4 | 5 | - name: Log in to Jenkins CLI if auth config is available 6 | # OK to ignore errors as it won't work before Jenkins is installed 7 | ignore_errors: yes 8 | command: > 9 | {{ jenkins_cli_cmd }} login --username {{ jenkins_admin_user }} --password {{ jenkins_admin_password }} 10 | when: jenkins_admin_user is defined and jenkins_admin_password is defined 11 | 12 | - include: dependencies_deb.yml 13 | when: ansible_os_family == "Debian" 14 | 15 | - include: dependencies_redhat.yml 16 | when: ansible_os_family == "RedHat" 17 | 18 | - name: Install Jenkins for Debian 19 | apt: name=jenkins state=latest 20 | register: jenkins_install 21 | when: ansible_os_family == "Debian" 22 | 23 | - name: Install Jenkins for RedHat 24 | yum: name=jenkins state=latest 25 | register: jenkins_install 26 | when: ansible_os_family == "RedHat" 27 | 28 | - name: Install Jenkins for FreeBSD 29 | pkgng: name=jenkins state=present 30 | register: jenkins_install 31 | when: ansible_os_family == "FreeBSD" 32 | 33 | - name: Ensure jenkins is running 34 | service: 35 | name: jenkins 36 | state: started 37 | when: ansible_os_family == "RedHat" or ansible_os_family == "FreeBSD" 38 | 39 | - name: Start jenkins on boot 40 | shell: chkconfig jenkins on 41 | when: ansible_os_family == "RedHat" 42 | 43 | - name: Ensure jenkins is running and starting on boot 44 | service: 45 | name: jenkins 46 | state: started 47 | enabled: yes 48 | when: ansible_os_family == "FreeBSD" 49 | 50 | - include: config.yml 51 | 52 | - include: cli.yml 53 | 54 | - include: plugins.yml 55 | 56 | #- include: config.yml 57 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - include: jenkins.yml 3 | tags: jenkins 4 | -------------------------------------------------------------------------------- /tasks/plugins.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - template: 3 | src: proxy.groovy 4 | dest: "{{ jenkins_dest }}/proxy.groovy" 5 | when: proxy|bool 6 | 7 | - name: add proxy settings configuration 8 | shell: cat {{ jenkins_dest }}/proxy.groovy | {{ jenkins_cli_cmd }} groovy = 9 | when: jenkins_admin_user is defined and jenkins_admin_password is defined and proxy|bool 10 | 11 | - name: List plugins 12 | shell: "{{ jenkins_cli_cmd }} list-plugins --username {{ jenkins_admin_user }} --password {{ jenkins_admin_password }} | cut -f 1 -d ' '" 13 | when: jenkins_admin_user is defined and jenkins_admin_password is defined and plugins is defined 14 | register: plugins_installed 15 | 16 | - name: Ensure jenkins running before requesting safe restart 17 | service: name=jenkins state=started 18 | 19 | - name: Install/update plugins 20 | shell: "{{ jenkins_cli_cmd }} install-plugin {{ item }} --username {{ jenkins_admin_user }} --password {{ jenkins_admin_password }}" 21 | when: jenkins_admin_user is defined and jenkins_admin_password is defined and plugins_installed.changed and plugins_installed.stdout.find('{{ item }}') == -1 22 | with_items: "{{ plugins }}" 23 | ignore_errors: yes 24 | notify: 25 | - 'Restart Jenkins' 26 | 27 | - name: List plugins to be updated 28 | shell: "{{ jenkins_cli_cmd }} list-plugins --username {{ jenkins_admin_user }} --password {{ jenkins_admin_password }} | grep ')$' | cut -f 1 -d ' ' | awk 1 ORS=' '" 29 | register: plugins_updates 30 | when: jenkins_admin_user is defined and jenkins_admin_password is defined and (ansible_os_family == "Debian" or ansible_os_family == "RedHat") 31 | 32 | - name: Update plugins 33 | shell: "{{ jenkins_cli_cmd }} install-plugin {{ item }} --username {{ jenkins_admin_user }} --password {{ jenkins_admin_password }}" 34 | with_items: "{{ plugins_updates.stdout.split() }}" 35 | when: jenkins_admin_user is defined and jenkins_admin_password is defined and plugins_updates.stdout != '' 36 | ignore_errors: yes 37 | notify: 38 | - 'Restart Jenkins' 39 | -------------------------------------------------------------------------------- /tasks/repo.debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install python-software-properties 4 | apt: 5 | name: python-software-properties 6 | state: installed 7 | update_cache: yes 8 | cache_valid_time: 86400 9 | 10 | - name: Install python-pycurl 11 | apt: name=python-pycurl state=installed 12 | 13 | - name: Add jenkins apt-key 14 | apt_key: data="{{ lookup('file', 'jenkins-ci.org.key') }}" state=present 15 | 16 | - name: Add Jenkins repository 17 | apt_repository: repo='{{ jenkins.deb.repo }}' state=present update_cache=yes 18 | -------------------------------------------------------------------------------- /tasks/repo.redhat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | #- name: Install python-software-properties 4 | # yum: name=python-software-properties state=installed update_cache=yes 5 | 6 | - name: Install python-pycurl 7 | yum: name=python-pycurl state=installed 8 | 9 | - name: Import jenkins key 10 | rpm_key: 11 | key: https://jenkins-ci.org/redhat/jenkins-ci.org.key 12 | state: present 13 | validate_certs: no 14 | 15 | - name: Get jenkins repo for ansible 16 | get_url: 17 | url: http://pkg.jenkins-ci.org/redhat/jenkins.repo 18 | dest: /etc/yum.repos.d/jenkins.repo 19 | -------------------------------------------------------------------------------- /tasks/repo.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install repo for Debian 4 | include: repo.debian.yml 5 | when: ansible_os_family == "Debian" 6 | 7 | - name: Install repo for RedHat 8 | include: repo.redhat.yml 9 | when: ansible_os_family == "RedHat" 10 | -------------------------------------------------------------------------------- /templates/etc.default.jenkins.j2: -------------------------------------------------------------------------------- 1 | # defaults for jenkins continuous integration server 2 | 3 | # pulled in from the init script; makes things easier. 4 | NAME=jenkins 5 | 6 | # location of java 7 | JAVA=/usr/bin/java 8 | 9 | # arguments to pass to java 10 | JAVA_ARGS="-Djava.awt.headless=true" # Allow graphs etc. to work even when an X server is present 11 | #JAVA_ARGS="-Xmx256m" 12 | #JAVA_ARGS="-Djava.net.preferIPv4Stack=true" # make jenkins listen on IPv4 address 13 | 14 | PIDFILE=/var/run/$NAME/$NAME.pid 15 | 16 | # user and group to be invoked as (default to jenkins) 17 | JENKINS_USER=$NAME 18 | JENKINS_GROUP=$NAME 19 | 20 | # location of the jenkins war file 21 | JENKINS_WAR=/usr/share/$NAME/$NAME.war 22 | 23 | # jenkins home location 24 | JENKINS_HOME=/var/lib/$NAME 25 | 26 | # set this to false if you don't want Hudson to run by itself 27 | # in this set up, you are expected to provide a servlet container 28 | # to host jenkins. 29 | RUN_STANDALONE=true 30 | 31 | # log location. this may be a syslog facility.priority 32 | JENKINS_LOG=/var/log/$NAME/$NAME.log 33 | #JENKINS_LOG=daemon.info 34 | 35 | # OS LIMITS SETUP 36 | # comment this out to observe /etc/security/limits.conf 37 | # this is on by default because http://github.com/jenkinsci/jenkins/commit/2fb288474e980d0e7ff9c4a3b768874835a3e92e 38 | # reported that Ubuntu's PAM configuration doesn't include pam_limits.so, and as a result the # of file 39 | # descriptors are forced to 1024 regardless of /etc/security/limits.conf 40 | MAXOPENFILES=8192 41 | 42 | # set the umask to control permission bits of files that Jenkins creates. 43 | # 027 makes files read-only for group and inaccessible for others, which some security sensitive users 44 | # might consider benefitial, especially if Jenkins runs in a box that's used for multiple purposes. 45 | # Beware that 027 permission would interfere with sudo scripts that run on the master (JENKINS-25065.) 46 | # 47 | # Note also that the particularly sensitive part of $JENKINS_HOME (such as credentials) are always 48 | # written without 'others' access. So the umask values only affect job configuration, build records, 49 | # that sort of things. 50 | # 51 | # If commented out, the value from the OS is inherited, which is normally 022 (as of Ubuntu 12.04, 52 | # by default umask comes from pam_umask(8) and /etc/login.defs 53 | 54 | # UMASK=027 55 | 56 | # port for HTTP connector (default 8080; disable with -1) 57 | HTTP_PORT={{ port }} 58 | 59 | 60 | # servlet context, important if you want to use apache proxying 61 | PREFIX={{ prefix }} 62 | 63 | # arguments to pass to jenkins. 64 | # --javahome=$JAVA_HOME 65 | # --httpPort=$HTTP_PORT (default 8080; disable with -1) 66 | # --httpsPort=$HTTP_PORT 67 | # --argumentsRealm.passwd.$ADMIN_USER=[password] 68 | # --argumentsRealm.roles.$ADMIN_USER=admin 69 | # --webroot=~/.jenkins/war 70 | # --prefix=$PREFIX 71 | AJP_PORT={{ ajp_port }} 72 | 73 | JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --prefix=$PREFIX" 74 | -------------------------------------------------------------------------------- /templates/hudson.tasks.Mailer.xml.j2: -------------------------------------------------------------------------------- 1 | 2 | 3 | {{ email.default_email_suffix }} 4 | {{ email.smtp_host }} 5 | {{ email.smtp_ssl }} 6 | UTF-8 7 | 8 | -------------------------------------------------------------------------------- /templates/proxy.groovy: -------------------------------------------------------------------------------- 1 | import jenkins.model.* 2 | 3 | def instance = Jenkins.getInstance() 4 | 5 | final String name = "{{proxy_host}}" 6 | final int port = {{proxy_port}} 7 | final String userName = "{{proxy_login}}" 8 | final String password = "{{proxy_password}}" 9 | final String noProxyHost = "localhost" 10 | 11 | final def pc = new hudson.ProxyConfiguration(name, port, userName, password, noProxyHost) 12 | instance.proxy = pc 13 | instance.save() 14 | println "Proxy settings updated!" 15 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | jenkins_dest: /opt/jenkins 3 | jenkins_lib: /var/lib/jenkins 4 | jenkins: 5 | deb: 6 | repo: 'deb http://pkg.jenkins.io/debian-stable binary/' # Jenkins repository 7 | dependencies: # Jenkins dependencies 8 | - '{{ java_version }}-jre' 9 | - '{{ java_version }}-jdk' 10 | - 'git' 11 | - 'curl' 12 | redhat: 13 | dependencies: 14 | - 'libselinux-python' 15 | - 'java' 16 | - 'git' 17 | - 'curl' 18 | cli_dest: '{{ jenkins_dest }}/jenkins-cli.jar' # Jenkins CLI destination 19 | updates_dest: '{{ jenkins_dest }}/updates_jenkins.json' # Jenkins updates file 20 | jenkins_api_url: "http://localhost:{{ port }}{{ prefix }}" 21 | jenkins_cli_cmd: "java -jar {{ jenkins.cli_dest }} -s {{ jenkins_api_url }}" 22 | --------------------------------------------------------------------------------