Split Jenkins into agent and server tasks

This commit is contained in:
Kris Lamoureux 2020-09-21 21:58:42 -04:00
parent 13d1d960b7
commit e5ba0ac610
Signed by: kris
GPG Key ID: 3EDA9C3441EDA925
4 changed files with 76 additions and 67 deletions

View File

@ -17,4 +17,5 @@
become: true become: true
roles: roles:
- base - base
- jenkins
- libvirt - libvirt

View File

@ -0,0 +1,46 @@
- name: Install GnuPG
apt:
name: gnupg
state: present
- name: Create Jenkins user
user:
name: "{{ jenkins_user }}"
state: present
shell: /bin/bash
skeleton: /etc/skel
generate_ssh_key: true
- name: Set Jenkins authorized key
authorized_key:
user: jenkins
state: present
exclusive: true
key: "{{ jenkins_sshkey }}"
- name: Give Jenkins user passwordless sudo
template:
src: jenkins_sudoers.j2
dest: /etc/sudoers.d/{{ jenkins_user }}
validate: "visudo -cf %s"
mode: 0440
- name: Install Ansible source
copy:
src: ansible.list
dest: /etc/apt/sources.list.d/ansible.list
- name: Add Ansible source key
apt_key:
keyserver: keyserver.ubuntu.com
id: 93C4A3FD7BB9C367
- name: Install Ansible
apt:
name: ansible
state: present
- name: Install Java
apt:
name: default-jre
state: present

View File

@ -1,69 +1,5 @@
- name: Create Jenkins user - import_tasks: agent.yml
user:
name: "{{ jenkins_user }}"
state: present
shell: /bin/bash
skeleton: /etc/skel
generate_ssh_key: true
- name: Set Jenkins authorized key
authorized_key:
user: jenkins
state: present
exclusive: true
key: "{{ jenkins_sshkey }}"
when: jenkins_sshkey is defined when: jenkins_sshkey is defined
- name: Give Jenkins user passwordless sudo - import_tasks: server.yml
template: when: jenkins_domain is defined
src: jenkins_sudoers.j2
dest: /etc/sudoers.d/{{ jenkins_user }}
validate: "visudo -cf %s"
mode: 0440
- name: Install Ansible source
copy:
src: ansible.list
dest: /etc/apt/sources.list.d/ansible.list
- name: Add Ansible source key
apt_key:
keyserver: keyserver.ubuntu.com
id: 93C4A3FD7BB9C367
- name: Install Ansible
apt:
name: ansible
state: present
- name: Install Java
apt:
name: default-jre
state: present
- name: Create Jenkin's directory
file:
path: "{{ jenkins_root }}"
state: directory
owner: "1000"
group: "1000"
- name: Start Jenkins Container
docker_container:
name: "{{ jenkins_name }}"
image: jenkins/jenkins:{{ jenkins_version }}
state: started
restart_policy: always
ports:
- 50000:50000
volumes: "{{ jenkins_root }}:/var/jenkins_home"
networks_cli_compatible: true
networks:
- name: traefik
labels:
traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
traefik.http.routers.jenkins.entrypoints: websecure
traefik.http.routers.jenkins.tls.certresolver: letsencrypt
traefik.http.routers.jenkins.middlewares: "securehttps@file"
traefik.docker.network: traefik
traefik.enable: "true"

View File

@ -0,0 +1,26 @@
- name: Create Jenkin's directory
file:
path: "{{ jenkins_root }}"
state: directory
owner: "1000"
group: "1000"
- name: Start Jenkins Container
docker_container:
name: "{{ jenkins_name }}"
image: jenkins/jenkins:{{ jenkins_version }}
state: started
restart_policy: always
ports:
- 50000:50000
volumes: "{{ jenkins_root }}:/var/jenkins_home"
networks_cli_compatible: true
networks:
- name: traefik
labels:
traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
traefik.http.routers.jenkins.entrypoints: websecure
traefik.http.routers.jenkins.tls.certresolver: letsencrypt
traefik.http.routers.jenkins.middlewares: "securehttps@file"
traefik.docker.network: traefik
traefik.enable: "true"