mozmeao / ee-infra-jenkins

Ansible playbook to install JenkinsCI. Used by Engagement Engineering
7 stars 10 forks source link

Jenkins-CI

This is an ansible playbook to install and configure Jenkins-CI.

The playbook will install NGINX, configure SSL, Docker, a local-only SMTP server and Jenkins. It will also install Docker-maintenance cron jobs and Jenkins-backup scripts to S3.

Used in combination with Deis for Docker-based Continuous Delivery of Websites. See also webprod-deis.

Build your own

  1. Add your SSL certificates in ssl/ folder. Files ssl/ssl.key and ssl/ssl.crt are needed. These will be copied to your server. You can use a self-signed certificate. Search 'generate self signed SSL certificate` on instructions on how to create one.

  2. Copy local_variables-dist.yml to local_variables.yml and adjust to your preferences.

  3. Add your host in hosts. Example hosts

[jenkins]
127.0.0.1
  1. Run the playbook:

    ansible-playbook -i hosts site.yml

  2. Yay!

GitHub Webhooks

This playbook installs two GitHub plugins, GitHub and GitHub Pull Request Builder. Read the instructions on how to enable these. In some cases, the plugins fail to install their hooks, but you can still add them manually.

For GitHub

For GitHub Pull Request Builder

Jenkins backups

This playbook expects that you use the ThinBackup Jenkins plugin and that you save backups in /var/lib/jenkins/backups.

Disaster recovery

In case of a disaster follow these steps:

  1. Create a new server based on Ubuntu 16.04.
  2. Run this playbook against the server created in step 1.
  3. Copy the ThinBackup backups from S3 to the new server under /var/lib/jenkins/backups.
  4. Go to your new Jenkins management interface -> Plugins -> Install ThinBackup. Restart Jenkins.
  5. Configure ThinBackup to store backups in /var/lib/jenkins/backups. Restart Jenkins.
  6. ThinBackup Restore should list all your backups. Restore the latest. This should restore all Jenkins jobs and all configurations.
  7. Run jobs to verify that everything is OK. Drink relaxing tea, you earned it.

Note that environment passwords used in jobs will not be restored and you will have to do this manually.