From: Alfredo Deza Date: Fri, 17 Jul 2015 21:22:20 +0000 (-0400) Subject: move the ansible-jenkins to the roles dir X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=a83c1d13479b2118dcffb8be3b0879112b94d88d;p=ceph-build.git move the ansible-jenkins to the roles dir Signed-off-by: Alfredo Deza --- diff --git a/ansible/master/ansible-jenkins/.gitignore b/ansible/master/ansible-jenkins/.gitignore deleted file mode 100644 index c17966fa..00000000 --- a/ansible/master/ansible-jenkins/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -*~ -.vagrant -Vagrantfile \ No newline at end of file diff --git a/ansible/master/ansible-jenkins/defaults/main.yml b/ansible/master/ansible-jenkins/defaults/main.yml deleted file mode 100644 index c8e3ee83..00000000 --- a/ansible/master/ansible-jenkins/defaults/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -placeholder: 'placeholder' -port: 8080 -# plugins: -# - 'ldap' -# - 'github' -# - 'translation' -# - 'preSCMbuildstep' -# - 'gravatar' diff --git a/ansible/master/ansible-jenkins/files/jenkins-ci.org.key b/ansible/master/ansible-jenkins/files/jenkins-ci.org.key deleted file mode 100644 index 7a6e8128..00000000 --- a/ansible/master/ansible-jenkins/files/jenkins-ci.org.key +++ /dev/null @@ -1,112 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.9 (GNU/Linux) - -mQGiBEmFQG0RBACXScOxb6BTV6rQE/tcJopAEWsdvmE0jNIRWjDDzB7HovX6Anrq -n7+Vq4spAReSFbBVaYiiOx2cGDymj2dyx2i9NAI/9/cQXJOU+RPdDzHVlO1Edksp -5rKn0cGPWY5sLxRf8s/tO5oyKgwCVgTaB5a8gBHaoGms3nNC4YYf+lqlpwCgjbti -3u1iMIx6Rs+dG0+xw1oi5FUD/2tLJMx7vCUQHhPRupeYFPoD8vWpcbGb5nHfHi4U -8/x4qZspAIwvXtGw0UBHildGpqe9onp22Syadn/7JgMWhHoFw5Ke/rTMlxREL7pa -TiXuagD2G84tjJ66oJP1FigslJzrnG61y85V7THL61OFqDg6IOP4onbsdqHby4VD -zZj9A/9uQxIn5250AGLNpARStAcNPJNJbHOQuv0iF3vnG8uO7/oscB0TYb8/juxr -hs9GdSN0U0BxENR+8KWy5lttpqLMKlKRknQYy34UstQiyFgAQ9Epncu9uIbVDgWt -y7utnqXN033EyYkcWx5EhLAgHkC7wSzeSWABV3JSXN7CeeOif7QiS29oc3VrZSBL -YXdhZ3VjaGkgPGtrQGtvaHN1a2Uub3JnPohjBBMRAgAjAhsDBgsJCAcDAgQVAggD -BBYCAwECHgECF4AFAko/7vYCGQEACgkQm30y8tUFguabhgCgi54IQR4rpJZ/uUHe -ZB879zUWTQwAniQDBO+Zly7Fsvm0Mcvqvl02UzxCtC1Lb2hzdWtlIEthd2FndWNo -aSA8a29oc3VrZS5rYXdhZ3VjaGlAc3VuLmNvbT6IYAQTEQIAIAUCSj/qbQIbAwYL -CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEJt9MvLVBYLm38gAoIGR2+TQeJaCeEa8 -CQhZYzDoiJkQAJ0cpmD+0VA+leOAr5LEccNVd70Z/dHNy83JARAAAQEAAAAAAAAA -AAAAAAD/2P/gABBKRklGAAEBAQBgAGAAAP/hAGBFeGlmAABJSSoACAAAAAQAMQEC -ABkAAAA+AAAAEFEBAAEAAAABQ5AAEVEEAAEAAAASCwAAElEEAAEAAAASCwAAAAAA -AE1hY3JvbWVkaWEgRmlyZXdvcmtzIDQuMAAA/9sAQwAIBgYHBgUIBwcHCQkICgwU -DQwLCwwZEhMPFB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy -/9sAQwEJCQkMCwwYDQ0YMiEcITIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy -MjIyMjIyMjIyMjIyMjIyMjIyMjIy/8AAEQgArgCWAwEiAAIRAQMRAf/EAB8AAAEF -AQEBAQEBAAAAAAAAAAABAgMEBQYHCAkKC//EALUQAAIBAwMCBAMFBQQEAAABfQEC -AwAEEQUSITFBBhNRYQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkq -NDU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqS -k5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk -5ebn6Onq8fLz9PX29/j5+v/EAB8BAAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkK -C//EALURAAIBAgQEAwQHBQQEAAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGx -wQkjM1LwFWJy0QoWJDThJfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFla -Y2RlZmdoaWpzdHV2d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2 -t7i5usLDxMXGx8jJytLT1NXW19jZ2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQAC -EQMRAD8A9wEj/wB9vzpfMf8Avt+dRinCpGSeY398/nS72/vH86YKBQBJvb+8fzpd -7f3j+dMFLQA/e394/nS7j6n86ZSimA7cfU07cfU1HnFOFADtx9aXJ9TTKUUxD8n1 -pc+9Mp1AC5ozSUtAC0maKKADNFJ2ooAoCnCmilzWZQ6lFJSimAopaQUtAC54rOvN -dsLCTZPPGrdwXAry/wCKHxXfRppND0Mq16Bie5PIi9lHdv5V8/X+rXt/O8tzcyyy -MclnYkk0avYdl1PqPxT8VtH8NwqwzdXEuSkaHoB61wjftCXhlzHosBjHZpSCa8PW -O7uhuAkcDueaaYbhOqMMe1L5lcvWx9U+FPjJ4f8AEU0dpdhtLvXOFWdgY3PoH6fg -cV6MrZGa+EklIOJOPqK9i+G3xem0TytI8QSSXGnHCQXJO57f2Pqn6indrclq+x9G -5pwNVoLiO4hSaGRZIpFDKynIYHuKmBqyB+aWmg0uaAFopKKAFoozRQBQFLSUorMo -UUtJSigB1ZHijWovD/hu+1KZlUQxErnu3YfnWsK8k+Pt60PhaxtAxAnuOQO4UE0P -YaWp8/Xd1LeTz3Mzl5pnLuxPJJNa+i+HDclZZ1yp5C1Q0axa+1BEx8i8mvS7S3WG -NQo6elcWLxDprljuelgsOp+/IgtdCiVFVYx07CnXHhyNgflA/Ct+1BwOKmkVq8xS -m9bnr2S0sec6n4UVo2KKNw6Vx9xby2U3lSAj617NcR5J4zmua1/Q4r+1JVQJU5Ui -uzD4qUXyz2OHFYWM1zR3Ol+CHj0xXX/CKajMTHKd1g7H7r94/oeo9wR3r3tWr4ht -pZtNv4bmElZ7eVZUIOPmU5/pX2dpOpR6tpFnqMQxHdQpMoz03DOK9ePY8OaszUDU -+oFNSg0yUOopKWgAoo6mikBRpwptLWZY4UoptLTELXin7QbD7PoiFv45Gx+Ar2uv -FP2g7dfsejXOfm8x48evGf6UmNbnm3hCBls57sJuYnYg9TXSyW2uIgNpJbs5GWDj -gewrP8EJu0XIHKyNV2+j1txM0MzIQV8oIQN3POSenHTg15VSV6z2+Z7dGNqKt26G -hpeo6rC3lajZxKOgdG6/hW5NcoIC4HOOhrmbJb1IokuZWkfbmUsQQGz2xW5OAbAE -Y3d/es5TtJo6oRbjcx7uXVryXbblIIv723JqN9PuUdLhJ2aQf6xW6OP6VBqS6jcQ -sLS4aOQHCqH2qVx64znP8verWn2d/DKrPOzxbFBWQ5O7HJyOxParv7t7oxcfeasz -z3xBaC01uZV4RxvAr6X+F0rv8NdCMj7iICAfQBjgV87+NYzHr6jHHlA/rX0H8LFa -P4baLu3DMTHDDtvOPwr1sM7xR4mK0m/U7lTUyniqyGp1NbtHOmSUuaaDS1JQuaKS -ikBTpaQUVmUOpabS0xC15f8AF7wxc+IEsJI3VI4Nyrkfxtjn6YH616hWL4ptDd6B -cBTh0+cH0xUVL8j5dzSk0prm2PD/AAnYvp+ltazDbNHM6yD3BrpEiWToOKzPLktr -mRiSwlO7J9atQ3bFsCvGnJSlzM+gpLlXKJcpDAegGT+ZqYgPYAgVnz3DpKW8pJW6 -AM2MUranci38vy4gBz/9alGF3dG0ppKzZYs0ilB4BwauOixggVlW9w8sivsWJuhC -nOanmun83bimtNCZPS5g6/osOta3Zq8giRImMjeoyMAe5Oa940SxTStFsbCM/JbQ -JGv0AryTTLRLzXIwwDOWVAvfGecCvZx19q9fAttPyPBzCyatuyyhqZTxVdDU612M -4ESg04GowacDUFjqKQc0UDKlLSUtZFC0UUCmAtMmiSeF4pBlHBVh7U6imI878Y+G -rbTbGC7tFf5WKyFmz1rimZoy2wZJGQBXter2C6lpc9qw++vy/XtXiMoe3upLeTiS -Nipry8XSUJJpaHq4Os5JpvUoC4uJr1rYIkJC7vMuGCgj2rZ/4Ry/aHzvtdltO4Ei -TPTH+NUrhFlUB1yQODVB8RjyRboR6hiAfqM4rCLTPR6aSt8rktzJc2l7HZgRXLOu -4SQPkKPU1fUtu3SHJUc/WqlvGIULKo3kdhgCr+lwfb9ZtLItxLIAx9upp25pKKMq -klFN3PTfDenR2mjWbtEvnsm8sVG4buevXpit1aiUAcAYHapVr6GMVGKij5iUnKTk -ydKnU1ClSikwRIKcD60wU4GpLQ7PpRSUUhlaikpc1kWLRSUUxC5ozSZozTA5Txn8 -QtF8DxRDUDLPeTDdFaQAFyucbiTwo+vXsK8huNZHiVJddtbY2/mysfJL7iAD0JwM -1h/F+X7V8RtUKybzEUj5PTCjj8KseD2S304WbzxPJ9/CsDjcM4/DvXLjF+6TXc7M -F/EafY1YNThkVcttccMpqY3trtx8ufeoJbK3acrLECPcUsmj2EUYfyw27kcmvOjY -9NuS6kc+pxp8seWc8Koq7pWox+HLiHWdQSR0gO90jALYxjAzjnmsxbnTbCXMssMK -r6nk/h1rH17xLY3lpJa25dw4wWxgfrW9KnOU04owqziotSZ7r4S8daT4xFwunpcR -S24DPHOoBweMjBOa6pDXzn8JNej0nxdFbSKqwX6/ZtzHG1s5U59yMfjX0SpwcGvc -Wp4MlZltDUoNV42qYGpYIlFOzUYNOBqSx4opBzRSArUtNqrqWqWOj2D32pXcVrap -96WVsDPoO5PsOayNC5TXkWKJpZHVI0GWd2AVR7k9K8Z8R/HTazweHNPBHQXd4Ovu -sY/9mP4V5Trvi7XPETltW1S4uVzkRM2I1+iDCj8qtRYWPfvEXxh8L6GJIrWZ9Vu1 -48u1/wBWD7yHj8s15Jr/AMYfFGtyOlvdDS7c5xFZnace7n5j+n0rz1n3Hmmk4zzV -KKFcdNPI7s0jM7sxZmY5LE9ST61CsrI25SQR3BwacWzwRUZX0qiblgaheq25bucH -18w086tqDrta9uCvp5hqng56UDmp5I9iueXcmDsxyzEn1JqROvNQKD7VKCqDJOas -kuRuMgjp711+n/FHxVpyIsWqNPHEAojukWQEe5PP61wvnEj0B4ApykZJJ7UDPfvD -Hxp0+/dLfXbYWMp4E8RLxH6jqv616laXtve26XFrPFPC/KyRsGU/iK+MBICcDitn -QPFWseHbvztMv5YM/eTOUb6qeDRcXKj7CV8ing1434V+NtpezR2niC3W0Y8fa4cm -PP8AtL1H1Ga9atrqG6gSe3mjmhcZSSNgysPYikTZouCiow4xRRYLmRr+tW/h7Qrv -Vbkbo7dCwQHBdugUfU4r5Y8TeKtV8Tak15qlwztk+XEDiOFf7qL2H6nvXr3x01n7 -Po2n6SjfNcymaQf7K8D9T+leBzPuT3H8qiC0NHoNeYnvURc4phPNITmrJuLu5pSa -Z3pRyKYhM80oOaaetAoAkzwKTd6Cm5pBQA8EnqTijOSeOKaT2oHSgY7cTTg1Rilp -AS7/AGpc4UA96iHJApXbk0wJ0kOeDXTeGPGer+GbtZNOunWMnLwscxv9V/ya5T7q -D1NOEhQYHU9/Siw0z7A8KeJ7XxToceo2ymNs7JoicmNx1HuOcg0V5j8A9RQnWNKl -lVARHcruOOfut/7LRTViJaPQ5b42agbrx29uGytrAiAehPJ/nXmrNu2H14NdD481 -A6j401S6zkPMQPoOP6VzQOcj0OaiGxctxpNA5obqfrQKokSlWkzQDzQAMOaSnN1F -JQAtFFFAAKKKO9AC0UlGaBj0HemjlvrTkOEY03vQIe7YJP4CkTBfn6mkbkA/Wkzg -YHU9aYGtpl7Pau8kEzxMwwShwcUVUtWIU4oqbXLTFv3M0jSkksWJP481SU/Pk1Ym -b7/1FViMY96diWKwy5+tITTm+7mo6BC0DrR2oHWgB7dBTac3SmUALS0lKOtACUua -KKACm0vSk70ASLxF9TSYzznrQf8AVqKTPH40wHHHQfjTM55pTwp9+KQdKALEL7Is -+poph4Cr6Cigdz//2YhgBBMRAgAgBQJKP/cgAhsDBgsJCAcDAgQVAggDBBYCAwEC -HgECF4AACgkQm30y8tUFgua3awCdFQlChLgn/n4tb4jLe1RgxOxHxosAn2Cn2oNh -sZ91wUb4d5JuH88TCupsuQINBEmFQG0QCADqAXWgiis4yi96os3QZmK5809ojjTT -nlICgbztrT55cMVTDBc9SneyRQlC0cS+M1z4Do6lj81sNJdJiBPqTYYA1+exTFvs -5zCxPInDP3hvqXxHTP142XN1hdzt53R7smn8O0wyO+RCBUb44e9NkusvBd5UP3Je -449hnpXJ4WO3cVMFm4ghxs7ERlpAi5NTEsVVdM8dqHbZJtk8gbzdAHH0ybiAXmWy -LFGZDuuKiFAkqm/Wled7id6N+cPx107dwBclwPxzfEYKEqJ1YDDHoDlyfx4012y1 -53e5sGyah/IPBYrrLMfG+Wmiwr5nCX0tmwOcyukuE94hbzJCX2wBdbWLAAMGCACz -l3cuM4lGt/wr5liM4gotXpZAopY+EnbLIBuOHFXXR7HnyAgST1jH/AUbafvPjyDh -EkFDyUP14XtHNIAqsN1UpuyYbM90bMPAWXJxrazMsSF+Tv5yIxHiy4cc1pjoqHA2 -kwqIGHmTxYzOPOS19ZWQAtevoTE6pCARphY0dzpscCWaXGs/ZqNAhjL96WLYV1Oo -Ut+9mTnOcs6Vuxaxp2wN2S5DK1S9gdIxWEc8wMUPiQe8CYk0OySdORIblMs3bGqD -FoM5HcBAZP1YlXitPH2nIRv0DtOQGMQOCkqUWmQuQAUgKV+YO86lO4S7EhTET/GP -sQb6P7efm/Cs8wbq/wyIiEkEGBECAAkFAkmFQG0CGwwACgkQm30y8tUFgua2mACe -JNBW4snDC4OzjKU6QT386/GA9ssAn3vLzSwn8N1xv5MihWGr5kVzvaE2 -=cjdq ------END PGP PUBLIC KEY BLOCK----- diff --git a/ansible/master/ansible-jenkins/files/jenkins.conf b/ansible/master/ansible-jenkins/files/jenkins.conf deleted file mode 100644 index e6da1478..00000000 --- a/ansible/master/ansible-jenkins/files/jenkins.conf +++ /dev/null @@ -1,23 +0,0 @@ -# {{ ansible_managed }} - -server { - - listen 80; - # FIXME - #server_name jenkins.domain.tld; - - location / { - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # Fix the "It appears that your reverse proxy set up is broken" error. - proxy_pass http://127.0.0.1:8080; - proxy_read_timeout 90; - - # FIXME - #proxy_redirect http://127.0.0.1:8080 https://jenkins.domain.tld; - } - } diff --git a/ansible/master/ansible-jenkins/files/jenkins.repo b/ansible/master/ansible-jenkins/files/jenkins.repo deleted file mode 100644 index fa351457..00000000 --- a/ansible/master/ansible-jenkins/files/jenkins.repo +++ /dev/null @@ -1,6 +0,0 @@ -# {{ ansible_managed }} - -[jenkins] -name=Jenkins -baseurl=http://pkg.jenkins-ci.org/redhat -gpgcheck=1 diff --git a/ansible/master/ansible-jenkins/files/jobs/jenkins-job-builder/config.xml b/ansible/master/ansible-jenkins/files/jobs/jenkins-job-builder/config.xml deleted file mode 100644 index 336b140a..00000000 --- a/ansible/master/ansible-jenkins/files/jobs/jenkins-job-builder/config.xml +++ /dev/null @@ -1,70 +0,0 @@ - - - <!-- Managed by Jenkins Job Builder --> - false - false - Jenkins Job Builder - false - false - true - 5 - trusty - false - 3 - - - 2 - - - origin - +refs/heads/*:refs/remotes/origin/* - https://github.com/ceph/ceph-build.git - - - - - master - - - - - false - false - false - false - true - false - false - Default - - - - - - false - - false - false - - - 20 - - - - - http://github.com/ceph/ceph-build.git - - - - - 0 */3 * * * - - - - - bash jjb/config/config - - - - - diff --git a/ansible/master/ansible-jenkins/files/ssh/jenkins_build.pub b/ansible/master/ansible-jenkins/files/ssh/jenkins_build.pub deleted file mode 100644 index e4c92628..00000000 --- a/ansible/master/ansible-jenkins/files/ssh/jenkins_build.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDI0tHxJQ7n+uMiLpsoR6CKAVd0xatgVQuqp/gmnGpZU0kE54a29vPNnEt7/aLitbfyhc57rrbHOT09H3ov74GZKkoVBSbMJUSsK3drbN+58wcuk+HK0htRewmwCfcfi9AkrVbyw6pbPXW/pbjxnxLep52fKmpJJnImZ5eHRV5le9OSAcLA1LHYR4y9R3IOrTp7jgpE205UxZi5OopAx7gkyTsmfydvmq4MjaSwbVOJ7aW/Fdt5FVxNJP3Zl/OrvDoo/1WovoRIDbVQH8JFpLikMSnCqtBVIHDeW6imAKl6dpn9Gf4FxD94+OcurhXo2p0pvSzC4Strg4d2Sxqh4wph jenkins-build diff --git a/ansible/master/ansible-jenkins/handlers/main.yml b/ansible/master/ansible-jenkins/handlers/main.yml deleted file mode 100644 index 728f7189..00000000 --- a/ansible/master/ansible-jenkins/handlers/main.yml +++ /dev/null @@ -1,9 +0,0 @@ -# Safe-restart Jenkins -- name: restart jenkins - sudo: yes - command: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} safe-restart - -- name: restart nginx - sudo: yes - action: service name=nginx state=restarted - #command: service nginx restart diff --git a/ansible/master/ansible-jenkins/tasks/config.yml b/ansible/master/ansible-jenkins/tasks/config.yml deleted file mode 100644 index f32c8819..00000000 --- a/ansible/master/ansible-jenkins/tasks/config.yml +++ /dev/null @@ -1,129 +0,0 @@ ---- - -- name: Configure Jenkins Port - lineinfile: - dest: /etc/sysconfig/jenkins - regexp: ^HTTP_PORT= - line: HTTP_PORT={{port}} - backrefs: yes - register: config_changed - -- name: ensure TTY is disabled for admin user - lineinfile: - dest: /etc/sudoers - state: present - regexp: '^{{ ansible_ssh_user }} ALL\=' - regexp: '^Defaults requiretty' - line: '#Defaults requiretty' - validate: 'visudo -cf %s' - backrefs: yes - -- name: ensure ssh user can sudo without prompts - lineinfile: - dest: /etc/sudoers - state: present - regexp: '^{{ ansible_ssh_user }} ALL\=' - line: '%{{ ansible_ssh_user }} ALL=(ALL) NOPASSWD:ALL' - validate: 'visudo -cf %s' - backrefs: yes - -- name: Configure Jenkins Prefix - when: prefix is defined - lineinfile: - dest: /etc/sysconfig/jenkins - regexp: ^PREFIX= - line: PREFIX={{prefix}} - backrefs: yes - -- name: Set the amount of RAM - when: xmx is defined - lineinfile: - dest: /etc/sysconfig/jenkins - regexp: ^JENKINS_JAVA_OPTIONS - line: 'JENKINS_JAVA_OPTIONS="-Xmx{{xmx}}m -Djava.awt.headless=true"' - backrefs: yes - -- name: Configure Jenkins E-mail - when: email is defined - template: - src: hudson.tasks.Mailer.xml.j2 - dest: '{{ jenkins_lib }}/hudson.tasks.Mailer.xml' - owner: jenkins - group: jenkins - mode: 0644 - -- name: Tell SELinux that we should allow Nginx to talk to Jenkins - seboolean: name=httpd_can_network_connect state=yes persistent=yes - -- name: copy JJB config file to {{ jenkins_jobs }} - synchronize: - src: jobs/jenkins-job-builder - dest: '{{ jenkins_jobs }}' - owner: no - group: no - -- name: ensure correct ownership of {{ jenkins_jobs }} - file: - path: '{{ jenkins_jobs }}' - state: directory - owner: jenkins - group: jenkins - recurse: yes - notify: - - restart jenkins - -# Handle plugins -- name: "{{ startup_delay_s | default(10) }}s delay while starting Jenkins" - wait_for: - host: localhost - port: '{{ port }}' - delay: '{{ startup_delay_s | default(10) }}' - when: jenkins_install.changed or config_changed.changed - -- name: "Create Jenkins CLI destination directory: {{ jenkins_dest }}" - file: - path: '{{ jenkins_dest }}' - state: directory - -- name: Get Jenkins CLI - get_url: - url: http://localhost:{{ port }}/jnlpJars/jenkins-cli.jar - dest: '{{ jenkins.cli_dest }}' - mode: 0440 - register: jenkins_local_cli - until: "'OK' in jenkins_local_cli.msg or 'file already exists' in jenkins_local_cli.msg" - #retries: 5 - #delay: 10 - ignore_errors: true - -- name: Get Jenkins updates - get_url: - url: http://updates.jenkins-ci.org/update-center.json - dest: '{{ jenkins.updates_dest }}' - thirsty: yes - mode: 0440 - timeout: 30 - register: jenkins_updates - -- name: Update-center Jenkins - shell: "cat {{ jenkins.updates_dest }} | sed '1d;$d' | curl -X POST -H 'Accept: application/json' -d @- http://localhost:{{ port }}/updateCenter/byId/default/postBack" - when: jenkins_updates.changed - notify: - - 'restart jenkins' - -- name: create a jenkins-build user - user: - name: jenkins-build - comment: "Jenkins Build Slave User" - -- name: Create .ssh directory - file: - path: /home/jenkins-build/.ssh - state: directory - -- name: set the authorized keys '{{ playbook_dir }}/ansible-jenkins/files/ssh/keys/jenkins_build.pub' - authorized_key: - user: jenkins-build - key: "{{ lookup('file', 'ssh/keys/jenkins_build.pub') }}" - tags: fix - diff --git a/ansible/master/ansible-jenkins/tasks/dependencies_yum.yml b/ansible/master/ansible-jenkins/tasks/dependencies_yum.yml deleted file mode 100644 index 9e4350c2..00000000 --- a/ansible/master/ansible-jenkins/tasks/dependencies_yum.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -- name: epel-release install - yum: name=epel-release - state=present -- name: Install dependencies - yum: name={{ item }} state=installed - with_items: jenkins.yum.dependencies - -- name: Enable Nginx service - service: name=nginx enabled=yes state=started diff --git a/ansible/master/ansible-jenkins/tasks/jenkins.yml b/ansible/master/ansible-jenkins/tasks/jenkins.yml deleted file mode 100644 index 596c0c11..00000000 --- a/ansible/master/ansible-jenkins/tasks/jenkins.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- include: repo.yml - -- include: dependencies_yum.yml - -- include: nginx.yml - -- name: Install Jenkins - yum: name=jenkins state=present - register: jenkins_install - -- include: config.yml - -- include: plugins.yml - -- include: config.yml diff --git a/ansible/master/ansible-jenkins/tasks/main.yml b/ansible/master/ansible-jenkins/tasks/main.yml deleted file mode 100644 index 0fcf0b17..00000000 --- a/ansible/master/ansible-jenkins/tasks/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- include: jenkins.yml tags=jenkins diff --git a/ansible/master/ansible-jenkins/tasks/nginx.yml b/ansible/master/ansible-jenkins/tasks/nginx.yml deleted file mode 100644 index e7ec900e..00000000 --- a/ansible/master/ansible-jenkins/tasks/nginx.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- - - - name: ensure sites-available for nginx - file: path=/etc/nginx/sites-available state=directory - - - name: ensure sites-enable for nginx - file: path=/etc/nginx/sites-enabled state=directory - - - name: remove default nginx site - action: file path=/etc/nginx/sites-enabled/default state=absent - - - name: write nginx.conf - action: template src=../templates/nginx.conf dest=/etc/nginx/nginx.conf - - - name: create nginx site config - action: template src=../templates/jenkins.conf dest=/etc/nginx/sites-available/jenkins.conf - notify: - - restart nginx - - - name: link nginx config - action: file src=/etc/nginx/sites-available/jenkins.conf dest=/etc/nginx/sites-enabled/jenkins.conf state=link diff --git a/ansible/master/ansible-jenkins/tasks/plugins.yml b/ansible/master/ansible-jenkins/tasks/plugins.yml deleted file mode 100644 index af68e6d9..00000000 --- a/ansible/master/ansible-jenkins/tasks/plugins.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- name: List plugins - shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} list-plugins | cut -f 1 -d ' ' - when: plugins is defined - register: plugins_installed - -- name: Install/update plugins - shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} install-plugin {{ item }} - when: plugins_installed.changed and plugins_installed.stdout.find('{{ item }}') == -1 - with_items: plugins - notify: - - 'restart jenkins' - -- name: List plugins to be updated - shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} list-plugins | grep ')$' | cut -f 1 -d ' ' | sed ':a;N;$!ba;s/\n/ /g' - register: plugins_updates - -- name: Update plugins - shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} install-plugin {{ item }} - with_items: plugins_updates.stdout.split() - when: plugins_updates.stdout != '' - ignore_errors: yes - notify: - - 'restart jenkins' diff --git a/ansible/master/ansible-jenkins/tasks/repo.yml b/ansible/master/ansible-jenkins/tasks/repo.yml deleted file mode 100644 index d6e40664..00000000 --- a/ansible/master/ansible-jenkins/tasks/repo.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: Install python-devel - yum: name=python-devel state=present - -- name: Install python-pycurl - yum: name=python-pycurl state=present - -- name: Add Jenkins GPG Key - rpm_key: state=present key=https://jenkins-ci.org/redhat/jenkins-ci.org.key - -- name: Create the repo file for Jenkins - copy: src=jenkins.repo - dest=/etc/yum.repos.d/ - owner=root - group=root - mode=0644 diff --git a/ansible/master/ansible-jenkins/templates/hudson.tasks.Mailer.xml.j2 b/ansible/master/ansible-jenkins/templates/hudson.tasks.Mailer.xml.j2 deleted file mode 100644 index e30c16df..00000000 --- a/ansible/master/ansible-jenkins/templates/hudson.tasks.Mailer.xml.j2 +++ /dev/null @@ -1,7 +0,0 @@ - - - {{ email.default_email_suffix }} - {{ email.smtp_host }} - {{ email.smtp_ssl }} - UTF-8 - diff --git a/ansible/master/ansible-jenkins/templates/jenkins.conf b/ansible/master/ansible-jenkins/templates/jenkins.conf deleted file mode 100644 index b01e34de..00000000 --- a/ansible/master/ansible-jenkins/templates/jenkins.conf +++ /dev/null @@ -1,22 +0,0 @@ -# {{ ansible_managed }} - -server { - listen 80; - - # FIXME - server_name localhost; - - access_log /var/log/nginx/jenkins_access.log; - error_log /var/log/nginx/jenkins_error.log; - - location / { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_pass http://127.0.0.1:8080; - proxy_read_timeout 90; - - } -} diff --git a/ansible/master/ansible-jenkins/templates/nginx.conf b/ansible/master/ansible-jenkins/templates/nginx.conf deleted file mode 100644 index 1ab526ef..00000000 --- a/ansible/master/ansible-jenkins/templates/nginx.conf +++ /dev/null @@ -1,69 +0,0 @@ -# {{ ansible_managed }} -user nginx; -worker_processes {{ nginx_processor_count }}; -worker_rlimit_nofile 8192; - -pid /var/run/nginx.pid; - -events { - worker_connections {{ nginx_connections }} ; - # multi_accept on; -} - -http { - - ## - # Basic Settings - ## - - #sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - server_tokens off; - - # server_names_hash_bucket_size 64; - # server_name_in_redirect off; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # Logging Settings - ## - - access_log /var/log/nginx/access.log; - error_log /var/log/nginx/error.log; - - ## - # Gzip Settings - ## - - gzip on; - gzip_disable "msie6"; - - # gzip_vary on; - # gzip_proxied any; - # gzip_comp_level 6; - # gzip_buffers 16 8k; - # gzip_http_version 1.1; - # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; - - ## - # If HTTPS, then set a variable so it can be passed along. - ## - - map $scheme $server_https { - default off; - https on; - } - - ## - # Virtual Host Configs - ## - - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; -} - diff --git a/ansible/master/ansible-jenkins/vars/main.yml b/ansible/master/ansible-jenkins/vars/main.yml deleted file mode 100644 index de34459a..00000000 --- a/ansible/master/ansible-jenkins/vars/main.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -jenkins_dest: /opt/jenkins -jenkins_lib: /var/lib/jenkins -jenkins_jobs: '{{ jenkins_lib }}/jobs' -jenkins: - yum: - #repo: 'deb http://pkg.jenkins-ci.org/debian binary/' # Jenkins repository - dependencies: # Jenkins dependencies - #- 'openjdk-7-jre' - - 'java-1.7.0-openjdk' - - 'git' - - 'curl' - - 'nginx' - cli_dest: '{{ jenkins_dest }}/jenkins-cli.jar' # Jenkins CLI destination - updates_dest: '{{ jenkins_dest }}/updates_jenkins.json' # Jenkins updates file diff --git a/ansible/roles/ansible-jenkins/.gitignore b/ansible/roles/ansible-jenkins/.gitignore new file mode 100644 index 00000000..c17966fa --- /dev/null +++ b/ansible/roles/ansible-jenkins/.gitignore @@ -0,0 +1,3 @@ +*~ +.vagrant +Vagrantfile \ No newline at end of file diff --git a/ansible/roles/ansible-jenkins/defaults/main.yml b/ansible/roles/ansible-jenkins/defaults/main.yml new file mode 100644 index 00000000..c8e3ee83 --- /dev/null +++ b/ansible/roles/ansible-jenkins/defaults/main.yml @@ -0,0 +1,9 @@ +--- +placeholder: 'placeholder' +port: 8080 +# plugins: +# - 'ldap' +# - 'github' +# - 'translation' +# - 'preSCMbuildstep' +# - 'gravatar' diff --git a/ansible/roles/ansible-jenkins/files/jenkins-ci.org.key b/ansible/roles/ansible-jenkins/files/jenkins-ci.org.key new file mode 100644 index 00000000..7a6e8128 --- /dev/null +++ b/ansible/roles/ansible-jenkins/files/jenkins-ci.org.key @@ -0,0 +1,112 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.9 (GNU/Linux) + +mQGiBEmFQG0RBACXScOxb6BTV6rQE/tcJopAEWsdvmE0jNIRWjDDzB7HovX6Anrq +n7+Vq4spAReSFbBVaYiiOx2cGDymj2dyx2i9NAI/9/cQXJOU+RPdDzHVlO1Edksp +5rKn0cGPWY5sLxRf8s/tO5oyKgwCVgTaB5a8gBHaoGms3nNC4YYf+lqlpwCgjbti +3u1iMIx6Rs+dG0+xw1oi5FUD/2tLJMx7vCUQHhPRupeYFPoD8vWpcbGb5nHfHi4U +8/x4qZspAIwvXtGw0UBHildGpqe9onp22Syadn/7JgMWhHoFw5Ke/rTMlxREL7pa +TiXuagD2G84tjJ66oJP1FigslJzrnG61y85V7THL61OFqDg6IOP4onbsdqHby4VD +zZj9A/9uQxIn5250AGLNpARStAcNPJNJbHOQuv0iF3vnG8uO7/oscB0TYb8/juxr +hs9GdSN0U0BxENR+8KWy5lttpqLMKlKRknQYy34UstQiyFgAQ9Epncu9uIbVDgWt +y7utnqXN033EyYkcWx5EhLAgHkC7wSzeSWABV3JSXN7CeeOif7QiS29oc3VrZSBL +YXdhZ3VjaGkgPGtrQGtvaHN1a2Uub3JnPohjBBMRAgAjAhsDBgsJCAcDAgQVAggD +BBYCAwECHgECF4AFAko/7vYCGQEACgkQm30y8tUFguabhgCgi54IQR4rpJZ/uUHe +ZB879zUWTQwAniQDBO+Zly7Fsvm0Mcvqvl02UzxCtC1Lb2hzdWtlIEthd2FndWNo +aSA8a29oc3VrZS5rYXdhZ3VjaGlAc3VuLmNvbT6IYAQTEQIAIAUCSj/qbQIbAwYL +CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEJt9MvLVBYLm38gAoIGR2+TQeJaCeEa8 +CQhZYzDoiJkQAJ0cpmD+0VA+leOAr5LEccNVd70Z/dHNy83JARAAAQEAAAAAAAAA +AAAAAAD/2P/gABBKRklGAAEBAQBgAGAAAP/hAGBFeGlmAABJSSoACAAAAAQAMQEC +ABkAAAA+AAAAEFEBAAEAAAABQ5AAEVEEAAEAAAASCwAAElEEAAEAAAASCwAAAAAA +AE1hY3JvbWVkaWEgRmlyZXdvcmtzIDQuMAAA/9sAQwAIBgYHBgUIBwcHCQkICgwU +DQwLCwwZEhMPFB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy +/9sAQwEJCQkMCwwYDQ0YMiEcITIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy +MjIyMjIyMjIyMjIyMjIyMjIyMjIy/8AAEQgArgCWAwEiAAIRAQMRAf/EAB8AAAEF +AQEBAQEBAAAAAAAAAAABAgMEBQYHCAkKC//EALUQAAIBAwMCBAMFBQQEAAABfQEC +AwAEEQUSITFBBhNRYQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkq +NDU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqS +k5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk +5ebn6Onq8fLz9PX29/j5+v/EAB8BAAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkK +C//EALURAAIBAgQEAwQHBQQEAAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGx +wQkjM1LwFWJy0QoWJDThJfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFla +Y2RlZmdoaWpzdHV2d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2 +t7i5usLDxMXGx8jJytLT1NXW19jZ2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQAC +EQMRAD8A9wEj/wB9vzpfMf8Avt+dRinCpGSeY398/nS72/vH86YKBQBJvb+8fzpd +7f3j+dMFLQA/e394/nS7j6n86ZSimA7cfU07cfU1HnFOFADtx9aXJ9TTKUUxD8n1 +pc+9Mp1AC5ozSUtAC0maKKADNFJ2ooAoCnCmilzWZQ6lFJSimAopaQUtAC54rOvN +dsLCTZPPGrdwXAry/wCKHxXfRppND0Mq16Bie5PIi9lHdv5V8/X+rXt/O8tzcyyy +MclnYkk0avYdl1PqPxT8VtH8NwqwzdXEuSkaHoB61wjftCXhlzHosBjHZpSCa8PW +O7uhuAkcDueaaYbhOqMMe1L5lcvWx9U+FPjJ4f8AEU0dpdhtLvXOFWdgY3PoH6fg +cV6MrZGa+EklIOJOPqK9i+G3xem0TytI8QSSXGnHCQXJO57f2Pqn6indrclq+x9G +5pwNVoLiO4hSaGRZIpFDKynIYHuKmBqyB+aWmg0uaAFopKKAFoozRQBQFLSUorMo +UUtJSigB1ZHijWovD/hu+1KZlUQxErnu3YfnWsK8k+Pt60PhaxtAxAnuOQO4UE0P +YaWp8/Xd1LeTz3Mzl5pnLuxPJJNa+i+HDclZZ1yp5C1Q0axa+1BEx8i8mvS7S3WG +NQo6elcWLxDprljuelgsOp+/IgtdCiVFVYx07CnXHhyNgflA/Ct+1BwOKmkVq8xS +m9bnr2S0sec6n4UVo2KKNw6Vx9xby2U3lSAj617NcR5J4zmua1/Q4r+1JVQJU5Ui +uzD4qUXyz2OHFYWM1zR3Ol+CHj0xXX/CKajMTHKd1g7H7r94/oeo9wR3r3tWr4ht +pZtNv4bmElZ7eVZUIOPmU5/pX2dpOpR6tpFnqMQxHdQpMoz03DOK9ePY8OaszUDU ++oFNSg0yUOopKWgAoo6mikBRpwptLWZY4UoptLTELXin7QbD7PoiFv45Gx+Ar2uv +FP2g7dfsejXOfm8x48evGf6UmNbnm3hCBls57sJuYnYg9TXSyW2uIgNpJbs5GWDj +gewrP8EJu0XIHKyNV2+j1txM0MzIQV8oIQN3POSenHTg15VSV6z2+Z7dGNqKt26G +hpeo6rC3lajZxKOgdG6/hW5NcoIC4HOOhrmbJb1IokuZWkfbmUsQQGz2xW5OAbAE +Y3d/es5TtJo6oRbjcx7uXVryXbblIIv723JqN9PuUdLhJ2aQf6xW6OP6VBqS6jcQ +sLS4aOQHCqH2qVx64znP8verWn2d/DKrPOzxbFBWQ5O7HJyOxParv7t7oxcfeasz +z3xBaC01uZV4RxvAr6X+F0rv8NdCMj7iICAfQBjgV87+NYzHr6jHHlA/rX0H8LFa +P4baLu3DMTHDDtvOPwr1sM7xR4mK0m/U7lTUyniqyGp1NbtHOmSUuaaDS1JQuaKS +ikBTpaQUVmUOpabS0xC15f8AF7wxc+IEsJI3VI4Nyrkfxtjn6YH616hWL4ptDd6B +cBTh0+cH0xUVL8j5dzSk0prm2PD/AAnYvp+ltazDbNHM6yD3BrpEiWToOKzPLktr +mRiSwlO7J9atQ3bFsCvGnJSlzM+gpLlXKJcpDAegGT+ZqYgPYAgVnz3DpKW8pJW6 +AM2MUranci38vy4gBz/9alGF3dG0ppKzZYs0ilB4BwauOixggVlW9w8sivsWJuhC +nOanmun83bimtNCZPS5g6/osOta3Zq8giRImMjeoyMAe5Oa940SxTStFsbCM/JbQ +JGv0AryTTLRLzXIwwDOWVAvfGecCvZx19q9fAttPyPBzCyatuyyhqZTxVdDU612M +4ESg04GowacDUFjqKQc0UDKlLSUtZFC0UUCmAtMmiSeF4pBlHBVh7U6imI878Y+G +rbTbGC7tFf5WKyFmz1rimZoy2wZJGQBXter2C6lpc9qw++vy/XtXiMoe3upLeTiS +Nipry8XSUJJpaHq4Os5JpvUoC4uJr1rYIkJC7vMuGCgj2rZ/4Ry/aHzvtdltO4Ei +TPTH+NUrhFlUB1yQODVB8RjyRboR6hiAfqM4rCLTPR6aSt8rktzJc2l7HZgRXLOu +4SQPkKPU1fUtu3SHJUc/WqlvGIULKo3kdhgCr+lwfb9ZtLItxLIAx9upp25pKKMq +klFN3PTfDenR2mjWbtEvnsm8sVG4buevXpit1aiUAcAYHapVr6GMVGKij5iUnKTk +ydKnU1ClSikwRIKcD60wU4GpLQ7PpRSUUhlaikpc1kWLRSUUxC5ozSZozTA5Txn8 +QtF8DxRDUDLPeTDdFaQAFyucbiTwo+vXsK8huNZHiVJddtbY2/mysfJL7iAD0JwM +1h/F+X7V8RtUKybzEUj5PTCjj8KseD2S304WbzxPJ9/CsDjcM4/DvXLjF+6TXc7M +F/EafY1YNThkVcttccMpqY3trtx8ufeoJbK3acrLECPcUsmj2EUYfyw27kcmvOjY +9NuS6kc+pxp8seWc8Koq7pWox+HLiHWdQSR0gO90jALYxjAzjnmsxbnTbCXMssMK +r6nk/h1rH17xLY3lpJa25dw4wWxgfrW9KnOU04owqziotSZ7r4S8daT4xFwunpcR +S24DPHOoBweMjBOa6pDXzn8JNej0nxdFbSKqwX6/ZtzHG1s5U59yMfjX0SpwcGvc +Wp4MlZltDUoNV42qYGpYIlFOzUYNOBqSx4opBzRSArUtNqrqWqWOj2D32pXcVrap +96WVsDPoO5PsOayNC5TXkWKJpZHVI0GWd2AVR7k9K8Z8R/HTazweHNPBHQXd4Ovu +sY/9mP4V5Trvi7XPETltW1S4uVzkRM2I1+iDCj8qtRYWPfvEXxh8L6GJIrWZ9Vu1 +48u1/wBWD7yHj8s15Jr/AMYfFGtyOlvdDS7c5xFZnace7n5j+n0rz1n3Hmmk4zzV +KKFcdNPI7s0jM7sxZmY5LE9ST61CsrI25SQR3BwacWzwRUZX0qiblgaheq25bucH +18w086tqDrta9uCvp5hqng56UDmp5I9iueXcmDsxyzEn1JqROvNQKD7VKCqDJOas +kuRuMgjp711+n/FHxVpyIsWqNPHEAojukWQEe5PP61wvnEj0B4ApykZJJ7UDPfvD +Hxp0+/dLfXbYWMp4E8RLxH6jqv616laXtve26XFrPFPC/KyRsGU/iK+MBICcDitn +QPFWseHbvztMv5YM/eTOUb6qeDRcXKj7CV8ing1434V+NtpezR2niC3W0Y8fa4cm +PP8AtL1H1Ga9atrqG6gSe3mjmhcZSSNgysPYikTZouCiow4xRRYLmRr+tW/h7Qrv +Vbkbo7dCwQHBdugUfU4r5Y8TeKtV8Tak15qlwztk+XEDiOFf7qL2H6nvXr3x01n7 +Po2n6SjfNcymaQf7K8D9T+leBzPuT3H8qiC0NHoNeYnvURc4phPNITmrJuLu5pSa +Z3pRyKYhM80oOaaetAoAkzwKTd6Cm5pBQA8EnqTijOSeOKaT2oHSgY7cTTg1Rilp +AS7/AGpc4UA96iHJApXbk0wJ0kOeDXTeGPGer+GbtZNOunWMnLwscxv9V/ya5T7q +D1NOEhQYHU9/Siw0z7A8KeJ7XxToceo2ymNs7JoicmNx1HuOcg0V5j8A9RQnWNKl +lVARHcruOOfut/7LRTViJaPQ5b42agbrx29uGytrAiAehPJ/nXmrNu2H14NdD481 +A6j401S6zkPMQPoOP6VzQOcj0OaiGxctxpNA5obqfrQKokSlWkzQDzQAMOaSnN1F +JQAtFFFAAKKKO9AC0UlGaBj0HemjlvrTkOEY03vQIe7YJP4CkTBfn6mkbkA/Wkzg +YHU9aYGtpl7Pau8kEzxMwwShwcUVUtWIU4oqbXLTFv3M0jSkksWJP481SU/Pk1Ym +b7/1FViMY96diWKwy5+tITTm+7mo6BC0DrR2oHWgB7dBTac3SmUALS0lKOtACUua +KKACm0vSk70ASLxF9TSYzznrQf8AVqKTPH40wHHHQfjTM55pTwp9+KQdKALEL7Is ++poph4Cr6Cigdz//2YhgBBMRAgAgBQJKP/cgAhsDBgsJCAcDAgQVAggDBBYCAwEC +HgECF4AACgkQm30y8tUFgua3awCdFQlChLgn/n4tb4jLe1RgxOxHxosAn2Cn2oNh +sZ91wUb4d5JuH88TCupsuQINBEmFQG0QCADqAXWgiis4yi96os3QZmK5809ojjTT +nlICgbztrT55cMVTDBc9SneyRQlC0cS+M1z4Do6lj81sNJdJiBPqTYYA1+exTFvs +5zCxPInDP3hvqXxHTP142XN1hdzt53R7smn8O0wyO+RCBUb44e9NkusvBd5UP3Je +449hnpXJ4WO3cVMFm4ghxs7ERlpAi5NTEsVVdM8dqHbZJtk8gbzdAHH0ybiAXmWy +LFGZDuuKiFAkqm/Wled7id6N+cPx107dwBclwPxzfEYKEqJ1YDDHoDlyfx4012y1 +53e5sGyah/IPBYrrLMfG+Wmiwr5nCX0tmwOcyukuE94hbzJCX2wBdbWLAAMGCACz +l3cuM4lGt/wr5liM4gotXpZAopY+EnbLIBuOHFXXR7HnyAgST1jH/AUbafvPjyDh +EkFDyUP14XtHNIAqsN1UpuyYbM90bMPAWXJxrazMsSF+Tv5yIxHiy4cc1pjoqHA2 +kwqIGHmTxYzOPOS19ZWQAtevoTE6pCARphY0dzpscCWaXGs/ZqNAhjL96WLYV1Oo +Ut+9mTnOcs6Vuxaxp2wN2S5DK1S9gdIxWEc8wMUPiQe8CYk0OySdORIblMs3bGqD +FoM5HcBAZP1YlXitPH2nIRv0DtOQGMQOCkqUWmQuQAUgKV+YO86lO4S7EhTET/GP +sQb6P7efm/Cs8wbq/wyIiEkEGBECAAkFAkmFQG0CGwwACgkQm30y8tUFgua2mACe +JNBW4snDC4OzjKU6QT386/GA9ssAn3vLzSwn8N1xv5MihWGr5kVzvaE2 +=cjdq +-----END PGP PUBLIC KEY BLOCK----- diff --git a/ansible/roles/ansible-jenkins/files/jenkins.conf b/ansible/roles/ansible-jenkins/files/jenkins.conf new file mode 100644 index 00000000..e6da1478 --- /dev/null +++ b/ansible/roles/ansible-jenkins/files/jenkins.conf @@ -0,0 +1,23 @@ +# {{ ansible_managed }} + +server { + + listen 80; + # FIXME + #server_name jenkins.domain.tld; + + location / { + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # Fix the "It appears that your reverse proxy set up is broken" error. + proxy_pass http://127.0.0.1:8080; + proxy_read_timeout 90; + + # FIXME + #proxy_redirect http://127.0.0.1:8080 https://jenkins.domain.tld; + } + } diff --git a/ansible/roles/ansible-jenkins/files/jenkins.repo b/ansible/roles/ansible-jenkins/files/jenkins.repo new file mode 100644 index 00000000..fa351457 --- /dev/null +++ b/ansible/roles/ansible-jenkins/files/jenkins.repo @@ -0,0 +1,6 @@ +# {{ ansible_managed }} + +[jenkins] +name=Jenkins +baseurl=http://pkg.jenkins-ci.org/redhat +gpgcheck=1 diff --git a/ansible/roles/ansible-jenkins/files/jobs/jenkins-job-builder/config.xml b/ansible/roles/ansible-jenkins/files/jobs/jenkins-job-builder/config.xml new file mode 100644 index 00000000..336b140a --- /dev/null +++ b/ansible/roles/ansible-jenkins/files/jobs/jenkins-job-builder/config.xml @@ -0,0 +1,70 @@ + + + <!-- Managed by Jenkins Job Builder --> + false + false + Jenkins Job Builder + false + false + true + 5 + trusty + false + 3 + + + 2 + + + origin + +refs/heads/*:refs/remotes/origin/* + https://github.com/ceph/ceph-build.git + + + + + master + + + + + false + false + false + false + true + false + false + Default + + + + + + false + + false + false + + + 20 + + + + + http://github.com/ceph/ceph-build.git + + + + + 0 */3 * * * + + + + + bash jjb/config/config + + + + + diff --git a/ansible/roles/ansible-jenkins/files/ssh/jenkins_build.pub b/ansible/roles/ansible-jenkins/files/ssh/jenkins_build.pub new file mode 100644 index 00000000..e4c92628 --- /dev/null +++ b/ansible/roles/ansible-jenkins/files/ssh/jenkins_build.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDI0tHxJQ7n+uMiLpsoR6CKAVd0xatgVQuqp/gmnGpZU0kE54a29vPNnEt7/aLitbfyhc57rrbHOT09H3ov74GZKkoVBSbMJUSsK3drbN+58wcuk+HK0htRewmwCfcfi9AkrVbyw6pbPXW/pbjxnxLep52fKmpJJnImZ5eHRV5le9OSAcLA1LHYR4y9R3IOrTp7jgpE205UxZi5OopAx7gkyTsmfydvmq4MjaSwbVOJ7aW/Fdt5FVxNJP3Zl/OrvDoo/1WovoRIDbVQH8JFpLikMSnCqtBVIHDeW6imAKl6dpn9Gf4FxD94+OcurhXo2p0pvSzC4Strg4d2Sxqh4wph jenkins-build diff --git a/ansible/roles/ansible-jenkins/handlers/main.yml b/ansible/roles/ansible-jenkins/handlers/main.yml new file mode 100644 index 00000000..728f7189 --- /dev/null +++ b/ansible/roles/ansible-jenkins/handlers/main.yml @@ -0,0 +1,9 @@ +# Safe-restart Jenkins +- name: restart jenkins + sudo: yes + command: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} safe-restart + +- name: restart nginx + sudo: yes + action: service name=nginx state=restarted + #command: service nginx restart diff --git a/ansible/roles/ansible-jenkins/tasks/config.yml b/ansible/roles/ansible-jenkins/tasks/config.yml new file mode 100644 index 00000000..f32c8819 --- /dev/null +++ b/ansible/roles/ansible-jenkins/tasks/config.yml @@ -0,0 +1,129 @@ +--- + +- name: Configure Jenkins Port + lineinfile: + dest: /etc/sysconfig/jenkins + regexp: ^HTTP_PORT= + line: HTTP_PORT={{port}} + backrefs: yes + register: config_changed + +- name: ensure TTY is disabled for admin user + lineinfile: + dest: /etc/sudoers + state: present + regexp: '^{{ ansible_ssh_user }} ALL\=' + regexp: '^Defaults requiretty' + line: '#Defaults requiretty' + validate: 'visudo -cf %s' + backrefs: yes + +- name: ensure ssh user can sudo without prompts + lineinfile: + dest: /etc/sudoers + state: present + regexp: '^{{ ansible_ssh_user }} ALL\=' + line: '%{{ ansible_ssh_user }} ALL=(ALL) NOPASSWD:ALL' + validate: 'visudo -cf %s' + backrefs: yes + +- name: Configure Jenkins Prefix + when: prefix is defined + lineinfile: + dest: /etc/sysconfig/jenkins + regexp: ^PREFIX= + line: PREFIX={{prefix}} + backrefs: yes + +- name: Set the amount of RAM + when: xmx is defined + lineinfile: + dest: /etc/sysconfig/jenkins + regexp: ^JENKINS_JAVA_OPTIONS + line: 'JENKINS_JAVA_OPTIONS="-Xmx{{xmx}}m -Djava.awt.headless=true"' + backrefs: yes + +- name: Configure Jenkins E-mail + when: email is defined + template: + src: hudson.tasks.Mailer.xml.j2 + dest: '{{ jenkins_lib }}/hudson.tasks.Mailer.xml' + owner: jenkins + group: jenkins + mode: 0644 + +- name: Tell SELinux that we should allow Nginx to talk to Jenkins + seboolean: name=httpd_can_network_connect state=yes persistent=yes + +- name: copy JJB config file to {{ jenkins_jobs }} + synchronize: + src: jobs/jenkins-job-builder + dest: '{{ jenkins_jobs }}' + owner: no + group: no + +- name: ensure correct ownership of {{ jenkins_jobs }} + file: + path: '{{ jenkins_jobs }}' + state: directory + owner: jenkins + group: jenkins + recurse: yes + notify: + - restart jenkins + +# Handle plugins +- name: "{{ startup_delay_s | default(10) }}s delay while starting Jenkins" + wait_for: + host: localhost + port: '{{ port }}' + delay: '{{ startup_delay_s | default(10) }}' + when: jenkins_install.changed or config_changed.changed + +- name: "Create Jenkins CLI destination directory: {{ jenkins_dest }}" + file: + path: '{{ jenkins_dest }}' + state: directory + +- name: Get Jenkins CLI + get_url: + url: http://localhost:{{ port }}/jnlpJars/jenkins-cli.jar + dest: '{{ jenkins.cli_dest }}' + mode: 0440 + register: jenkins_local_cli + until: "'OK' in jenkins_local_cli.msg or 'file already exists' in jenkins_local_cli.msg" + #retries: 5 + #delay: 10 + ignore_errors: true + +- name: Get Jenkins updates + get_url: + url: http://updates.jenkins-ci.org/update-center.json + dest: '{{ jenkins.updates_dest }}' + thirsty: yes + mode: 0440 + timeout: 30 + register: jenkins_updates + +- name: Update-center Jenkins + shell: "cat {{ jenkins.updates_dest }} | sed '1d;$d' | curl -X POST -H 'Accept: application/json' -d @- http://localhost:{{ port }}/updateCenter/byId/default/postBack" + when: jenkins_updates.changed + notify: + - 'restart jenkins' + +- name: create a jenkins-build user + user: + name: jenkins-build + comment: "Jenkins Build Slave User" + +- name: Create .ssh directory + file: + path: /home/jenkins-build/.ssh + state: directory + +- name: set the authorized keys '{{ playbook_dir }}/ansible-jenkins/files/ssh/keys/jenkins_build.pub' + authorized_key: + user: jenkins-build + key: "{{ lookup('file', 'ssh/keys/jenkins_build.pub') }}" + tags: fix + diff --git a/ansible/roles/ansible-jenkins/tasks/dependencies_yum.yml b/ansible/roles/ansible-jenkins/tasks/dependencies_yum.yml new file mode 100644 index 00000000..9e4350c2 --- /dev/null +++ b/ansible/roles/ansible-jenkins/tasks/dependencies_yum.yml @@ -0,0 +1,11 @@ +--- + +- name: epel-release install + yum: name=epel-release + state=present +- name: Install dependencies + yum: name={{ item }} state=installed + with_items: jenkins.yum.dependencies + +- name: Enable Nginx service + service: name=nginx enabled=yes state=started diff --git a/ansible/roles/ansible-jenkins/tasks/jenkins.yml b/ansible/roles/ansible-jenkins/tasks/jenkins.yml new file mode 100644 index 00000000..596c0c11 --- /dev/null +++ b/ansible/roles/ansible-jenkins/tasks/jenkins.yml @@ -0,0 +1,16 @@ +--- +- include: repo.yml + +- include: dependencies_yum.yml + +- include: nginx.yml + +- name: Install Jenkins + yum: name=jenkins state=present + register: jenkins_install + +- include: config.yml + +- include: plugins.yml + +- include: config.yml diff --git a/ansible/roles/ansible-jenkins/tasks/main.yml b/ansible/roles/ansible-jenkins/tasks/main.yml new file mode 100644 index 00000000..0fcf0b17 --- /dev/null +++ b/ansible/roles/ansible-jenkins/tasks/main.yml @@ -0,0 +1,2 @@ +--- +- include: jenkins.yml tags=jenkins diff --git a/ansible/roles/ansible-jenkins/tasks/nginx.yml b/ansible/roles/ansible-jenkins/tasks/nginx.yml new file mode 100644 index 00000000..e7ec900e --- /dev/null +++ b/ansible/roles/ansible-jenkins/tasks/nginx.yml @@ -0,0 +1,21 @@ +--- + + - name: ensure sites-available for nginx + file: path=/etc/nginx/sites-available state=directory + + - name: ensure sites-enable for nginx + file: path=/etc/nginx/sites-enabled state=directory + + - name: remove default nginx site + action: file path=/etc/nginx/sites-enabled/default state=absent + + - name: write nginx.conf + action: template src=../templates/nginx.conf dest=/etc/nginx/nginx.conf + + - name: create nginx site config + action: template src=../templates/jenkins.conf dest=/etc/nginx/sites-available/jenkins.conf + notify: + - restart nginx + + - name: link nginx config + action: file src=/etc/nginx/sites-available/jenkins.conf dest=/etc/nginx/sites-enabled/jenkins.conf state=link diff --git a/ansible/roles/ansible-jenkins/tasks/plugins.yml b/ansible/roles/ansible-jenkins/tasks/plugins.yml new file mode 100644 index 00000000..af68e6d9 --- /dev/null +++ b/ansible/roles/ansible-jenkins/tasks/plugins.yml @@ -0,0 +1,24 @@ +--- +- name: List plugins + shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} list-plugins | cut -f 1 -d ' ' + when: plugins is defined + register: plugins_installed + +- name: Install/update plugins + shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} install-plugin {{ item }} + when: plugins_installed.changed and plugins_installed.stdout.find('{{ item }}') == -1 + with_items: plugins + notify: + - 'restart jenkins' + +- name: List plugins to be updated + shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} list-plugins | grep ')$' | cut -f 1 -d ' ' | sed ':a;N;$!ba;s/\n/ /g' + register: plugins_updates + +- name: Update plugins + shell: java -jar {{ jenkins.cli_dest }} -s http://localhost:{{ port }} install-plugin {{ item }} + with_items: plugins_updates.stdout.split() + when: plugins_updates.stdout != '' + ignore_errors: yes + notify: + - 'restart jenkins' diff --git a/ansible/roles/ansible-jenkins/tasks/repo.yml b/ansible/roles/ansible-jenkins/tasks/repo.yml new file mode 100644 index 00000000..d6e40664 --- /dev/null +++ b/ansible/roles/ansible-jenkins/tasks/repo.yml @@ -0,0 +1,16 @@ +--- +- name: Install python-devel + yum: name=python-devel state=present + +- name: Install python-pycurl + yum: name=python-pycurl state=present + +- name: Add Jenkins GPG Key + rpm_key: state=present key=https://jenkins-ci.org/redhat/jenkins-ci.org.key + +- name: Create the repo file for Jenkins + copy: src=jenkins.repo + dest=/etc/yum.repos.d/ + owner=root + group=root + mode=0644 diff --git a/ansible/roles/ansible-jenkins/templates/hudson.tasks.Mailer.xml.j2 b/ansible/roles/ansible-jenkins/templates/hudson.tasks.Mailer.xml.j2 new file mode 100644 index 00000000..e30c16df --- /dev/null +++ b/ansible/roles/ansible-jenkins/templates/hudson.tasks.Mailer.xml.j2 @@ -0,0 +1,7 @@ + + + {{ email.default_email_suffix }} + {{ email.smtp_host }} + {{ email.smtp_ssl }} + UTF-8 + diff --git a/ansible/roles/ansible-jenkins/templates/jenkins.conf b/ansible/roles/ansible-jenkins/templates/jenkins.conf new file mode 100644 index 00000000..b01e34de --- /dev/null +++ b/ansible/roles/ansible-jenkins/templates/jenkins.conf @@ -0,0 +1,22 @@ +# {{ ansible_managed }} + +server { + listen 80; + + # FIXME + server_name localhost; + + access_log /var/log/nginx/jenkins_access.log; + error_log /var/log/nginx/jenkins_error.log; + + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_pass http://127.0.0.1:8080; + proxy_read_timeout 90; + + } +} diff --git a/ansible/roles/ansible-jenkins/templates/nginx.conf b/ansible/roles/ansible-jenkins/templates/nginx.conf new file mode 100644 index 00000000..1ab526ef --- /dev/null +++ b/ansible/roles/ansible-jenkins/templates/nginx.conf @@ -0,0 +1,69 @@ +# {{ ansible_managed }} +user nginx; +worker_processes {{ nginx_processor_count }}; +worker_rlimit_nofile 8192; + +pid /var/run/nginx.pid; + +events { + worker_connections {{ nginx_connections }} ; + # multi_accept on; +} + +http { + + ## + # Basic Settings + ## + + #sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # Logging Settings + ## + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + ## + # Gzip Settings + ## + + gzip on; + gzip_disable "msie6"; + + # gzip_vary on; + # gzip_proxied any; + # gzip_comp_level 6; + # gzip_buffers 16 8k; + # gzip_http_version 1.1; + # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; + + ## + # If HTTPS, then set a variable so it can be passed along. + ## + + map $scheme $server_https { + default off; + https on; + } + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} + diff --git a/ansible/roles/ansible-jenkins/vars/main.yml b/ansible/roles/ansible-jenkins/vars/main.yml new file mode 100644 index 00000000..de34459a --- /dev/null +++ b/ansible/roles/ansible-jenkins/vars/main.yml @@ -0,0 +1,15 @@ +--- +jenkins_dest: /opt/jenkins +jenkins_lib: /var/lib/jenkins +jenkins_jobs: '{{ jenkins_lib }}/jobs' +jenkins: + yum: + #repo: 'deb http://pkg.jenkins-ci.org/debian binary/' # Jenkins repository + dependencies: # Jenkins dependencies + #- 'openjdk-7-jre' + - 'java-1.7.0-openjdk' + - 'git' + - 'curl' + - 'nginx' + cli_dest: '{{ jenkins_dest }}/jenkins-cli.jar' # Jenkins CLI destination + updates_dest: '{{ jenkins_dest }}/updates_jenkins.json' # Jenkins updates file