This repository contains a working example of a Jenkins server set up to manage a Drupal multisite installation on a separate server.
Prerequisites:
- Install Docker
Guide:
- Run
docker-compose up -d
- Run
docker exec --tty drupal-jenkins bash -c /etc/ansible/playbook/scripts/run-playbook.sh
After the playbook completes, visit http://localhost/
. The default login is admin
:admin
.
For production, this project uses Ansible Vault to store an encrypted copy of the Jenkins admin password (so even developers with access to this repository would still not be able to access the Jenkins super administrator account unless you explicitly give them access!).
In this example, we'll install Jenkins on a DigitalOcean Droplet (a VPS), but you can use this playbook anywhere that hosts VPSes—Linode, AWS EC2, Hertzner, etc.
Prerequisites:
- Install Ansible
- Set up your Ansible Vault secrets:
- Create a file at
~/.ansible/drupal-jenkins-vault-password.txt
and put in a unique, random, securely-generated password (e.g.MZjDUcMsUeKpq9vaXoCyYDwFNrMF3E
). - Run the command:
ansible-vault create vars/secrets.yml --vault-password-file=~/.ansible/drupal-jenkins-vault-password.txt
, and save the file that is generated (it's okay if it's empty right now).
- Create a file at
Guide:
-
Create a VPS somewhere to which you have root SSH access; choose Ubuntu 16.04 for the OS.
-
Create an prod inventory file (e.g.
inventory/prod
) containing the IP address or domain name of the VPS:[jenkins] drupal-jenkins-multisite.example.com [jenkins:vars] ansible_ssh_user=root
-
Edit the
vars/secrets.yml
file (with the same command as earlier, but withedit
instead ofcreate
), and add the following:jenkins_admin_password: [generate a secure random password] nginx_proxy_vhostname: "drupal-jenkins-multisite.example.com" certbot_admin_email: https@example.com certbot_certs: - email: "https@example.com" domains: - "{{ nginx_proxy_vhostname }}"
-
Install dependencies:
ansible-galaxy install -r requirements.yml
-
Run the command:
ansible-playbook -i inventory/prod main.yml --vault-password-file=~/.ansible/drupal-jenkins-vault-password.txt --extra-vars "{certbot_create_standalone_stop_services: []}"
After the playbook completes, you should be able to access the Jenkins server at the IP address or hostname of the server (e.g. https://drupal-jenkins-multisite.jeffgeerling.com/ in the example above).
Note: In the future, run the same
ansible-playbook
command to update the server or update configurations—but leave off the--extra-vars
(that setting is only necessary on the first run).
BSD / MIT
This repository was created in 2018 by Jeff Geerling in support of the MidCamp 2018 session Jenkins or: How I learned to stop worrying and love automation.