diff options
| author | Tharre <tharre3@gmail.com> | 2018-06-15 17:37:25 +0200 |
|---|---|---|
| committer | Tharre <tharre3@gmail.com> | 2018-06-15 17:37:25 +0200 |
| commit | ceb1f54a7c2519cab700bb5e5cdb6e01e364e46a (patch) | |
| tree | be844c793d4d03277f2fccd210715ecb590829c3 /roles | |
| parent | 9a3c2777012a2d73c7b4afe7ed443a2bdc9f9d44 (diff) | |
| download | infrastructure-ceb1f54a7c2519cab700bb5e5cdb6e01e364e46a.tar.gz infrastructure-ceb1f54a7c2519cab700bb5e5cdb6e01e364e46a.tar.xz infrastructure-ceb1f54a7c2519cab700bb5e5cdb6e01e364e46a.zip | |
Add jenkins to nyarlathotep
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/jenkins/meta/main.yml | 4 | ||||
| -rw-r--r-- | roles/jenkins/tasks/main.yml | 16 | ||||
| -rw-r--r-- | roles/jenkins/templates/jenkins_nginx.conf.j2 | 43 |
3 files changed, 63 insertions, 0 deletions
diff --git a/roles/jenkins/meta/main.yml b/roles/jenkins/meta/main.yml new file mode 100644 index 0000000..5938332 --- /dev/null +++ b/roles/jenkins/meta/main.yml @@ -0,0 +1,4 @@ +--- + +dependencies: + - { role: nginx } diff --git a/roles/jenkins/tasks/main.yml b/roles/jenkins/tasks/main.yml new file mode 100644 index 0000000..b9ecbe7 --- /dev/null +++ b/roles/jenkins/tasks/main.yml @@ -0,0 +1,16 @@ +--- + +- name: Install jenkins + package: + name: jenkins + state: present + +- name: Copy nginx conf file + template: + src: jenkins_nginx.conf.j2 + dest: /etc/nginx/nginx.d/jenkins.conf + mode: 0644 + owner: "root" + group: "root" + notify: + - reload nginx diff --git a/roles/jenkins/templates/jenkins_nginx.conf.j2 b/roles/jenkins/templates/jenkins_nginx.conf.j2 new file mode 100644 index 0000000..765eba0 --- /dev/null +++ b/roles/jenkins/templates/jenkins_nginx.conf.j2 @@ -0,0 +1,43 @@ +# {{ ansible_managed }} + +server { + listen 80; + listen [::]:80; + server_name {{ jenkins_subdomain }}; + + include snippets/letsencrypt.conf; + + location / { + return 301 https://$host$request_uri; + } +} + +upstream jenkins { + server 127.0.0.1:8090 fail_timeout=0; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name {{ jenkins_subdomain }}; + + root /srv/http; + index index.html index.htm; + + ssl_certificate /etc/letsencrypt/live/{{ jenkins_subdomain }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ jenkins_subdomain }}/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/{{ jenkins_subdomain }}/chain.pem; + + location / { + proxy_set_header Host $host:$server_port; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_redirect http:// https://; + proxy_pass http://jenkins; + # Required for new HTTP-based CLI + proxy_http_version 1.1; + proxy_request_buffering off; + proxy_buffering off; # Required for HTTP-based CLI to work over SSL + } +} |