Split Jenkins into agent and server tasks

hypervisor.yml

@@ -17,4 +17,5 @@
   become: true
   roles:
     - base
+    - jenkins
     - libvirt

roles/jenkins/tasks/agent.yml

@@ -0,0 +1,46 @@
+- name: Install GnuPG
+  apt:
+    name: gnupg
+    state: present
+
+- name: Create Jenkins user
+  user:
+    name: "{{ jenkins_user }}"
+    state: present
+    shell: /bin/bash
+    skeleton: /etc/skel
+    generate_ssh_key: true
+
+- name: Set Jenkins authorized key
+  authorized_key:
+    user: jenkins
+    state: present
+    exclusive: true
+    key: "{{ jenkins_sshkey }}"
+
+- name: Give Jenkins user passwordless sudo
+  template:
+    src: jenkins_sudoers.j2
+    dest: /etc/sudoers.d/{{ jenkins_user }}
+    validate: "visudo -cf %s"
+    mode: 0440
+
+- name: Install Ansible source
+  copy:
+    src: ansible.list
+    dest: /etc/apt/sources.list.d/ansible.list
+
+- name: Add Ansible source key
+  apt_key:
+    keyserver: keyserver.ubuntu.com
+    id: 93C4A3FD7BB9C367
+
+- name: Install Ansible
+  apt:
+    name: ansible
+    state: present
+
+- name: Install Java
+  apt:
+    name: default-jre
+    state: present

roles/jenkins/tasks/main.yml

@@ -1,69 +1,5 @@
-- name: Create Jenkins user
+- import_tasks: agent.yml
-  user:
-    name: "{{ jenkins_user }}"
-    state: present
-    shell: /bin/bash
-    skeleton: /etc/skel
-    generate_ssh_key: true
-
-- name: Set Jenkins authorized key
-  authorized_key:
-    user: jenkins
-    state: present
-    exclusive: true
-    key: "{{ jenkins_sshkey }}"
   when: jenkins_sshkey is defined
 
-- name: Give Jenkins user passwordless sudo
+- import_tasks: server.yml
-  template:
+  when: jenkins_domain is defined
-    src: jenkins_sudoers.j2
-    dest: /etc/sudoers.d/{{ jenkins_user }}
-    validate: "visudo -cf %s"
-    mode: 0440
-
-- name: Install Ansible source
-  copy:
-    src: ansible.list
-    dest: /etc/apt/sources.list.d/ansible.list
-
-- name: Add Ansible source key
-  apt_key:
-    keyserver: keyserver.ubuntu.com
-    id: 93C4A3FD7BB9C367
-
-- name: Install Ansible
-  apt:
-    name: ansible
-    state: present
-
-- name: Install Java
-  apt:
-    name: default-jre
-    state: present
-
-- name: Create Jenkin's directory
-  file:
-    path: "{{ jenkins_root }}"
-    state: directory
-    owner: "1000"
-    group: "1000"
-
-- name: Start Jenkins Container
-  docker_container:
-    name: "{{ jenkins_name }}"
-    image: jenkins/jenkins:{{ jenkins_version }}
-    state: started
-    restart_policy: always
-    ports:
-      - 50000:50000
-    volumes: "{{ jenkins_root }}:/var/jenkins_home"
-    networks_cli_compatible: true
-    networks:
-      - name: traefik
-    labels:
-      traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
-      traefik.http.routers.jenkins.entrypoints: websecure
-      traefik.http.routers.jenkins.tls.certresolver: letsencrypt
-      traefik.http.routers.jenkins.middlewares: "securehttps@file"
-      traefik.docker.network: traefik
-      traefik.enable: "true"

roles/jenkins/tasks/server.yml

@@ -0,0 +1,26 @@
+- name: Create Jenkin's directory
+  file:
+    path: "{{ jenkins_root }}"
+    state: directory
+    owner: "1000"
+    group: "1000"
+
+- name: Start Jenkins Container
+  docker_container:
+    name: "{{ jenkins_name }}"
+    image: jenkins/jenkins:{{ jenkins_version }}
+    state: started
+    restart_policy: always
+    ports:
+      - 50000:50000
+    volumes: "{{ jenkins_root }}:/var/jenkins_home"
+    networks_cli_compatible: true
+    networks:
+      - name: traefik
+    labels:
+      traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
+      traefik.http.routers.jenkins.entrypoints: websecure
+      traefik.http.routers.jenkins.tls.certresolver: letsencrypt
+      traefik.http.routers.jenkins.middlewares: "securehttps@file"
+      traefik.docker.network: traefik
+      traefik.enable: "true"