This cookbook installs the latest version of jenkins
CentOS 6.x
- 'srr_iptables' - srr_jenkins needs srr_iptables to redirect port 80 and 443.
- 'srr_jdk' - srr_jenkins needs srr_jdk to install and configure java
- 'srr_deploy' - srr_jenkins needs srr_deploy to give access to the standard deploy account
TODO: List your cookbook attributes here.
e.g.
| ['srr_jenkins']['version'] | String | THIS DOES NOT WORK AT THIS TIME. Version of Jenkins to install. | "1.599-1.1" |
|---|---|---|---|
| ['srr_jenkins']['use_ssl'] | String | whether to setup SSL | "true" |
| ['srr_jenkins']['ssl']['country'] | String | The country for the SSL certificate | "US" |
| ['srr_jenkins']['ssl']['state'] | String | The state for the SSL certificate | "Kentucky" |
| ['srr_jenkins']['ssl']['locality'] | String | The city or town for the SSL certificate | "Lexington" |
| ['srr_jenkins']['ssl']['organization'] | String | The organization for the SSL certificate | "My Organization" |
| ['srr_jenkins']['ssl']['unit'] | String | The business unit for the SSL certificate | "My Business Unit" |
| ['srr_jenkins']['ssl']['email'] | String | The email for the SSL certificate | "" |
| ['srr_jenkins']['ssl']['keypassword'] | String | The password for the key SSL certificate | "jenkins" |
| ['srr_jenkins']['ssl']['storepassword'] | String | The password for the key store p12 file and jks file | "jenkins" |
| ['srr_jenkins']['ssl']['sslfilepath'] | String | The path for the SSL certificate files | "/var/lib/jenkins/ssl" |
| ['srr_iptables']['rules'] | String | The rules for iptables. Includes redirects for ports 80 and 443 | "*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
#Tomcat -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8005 -j ACCEPT #Tomcat JMX monitoring -A INPUT -m state --state NEW -m tcp -p tcp --dport 10080 -j ACCEPT #Tomcat multicast -A INPUT -m state --state NEW -m tcp -p tcp --dport 45564 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 45564 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 4000:4100 -j ACCEPT #Zabbix agent -A INPUT -m state --state NEW -m tcp -p tcp --dport 10050 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 10051 -j ACCEPT #Jenkins -A INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8009 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited #-N LOGGING #-A INPUT -j LOGGING #-A LOGGING -m limit --limit 20/min -j LOG --log-prefix "IPTables-Dropped: " #--log-level 4 #-A LOGGING -j DROP COMMIT *nat :PREROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] #Redirects for jenkins -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443 -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 COMMIT " |
In your metadata.rb: add the line 'depends srr_jenkins' In your recipes/default.rb: add the line 'include_recipe srr_jenkins' In your attributes/default.rb: Override any attributes you like.
Or just include srr_jenkins in your node's run_list:
{
"name":"my_node",
"run_list": [
"recipe[srr_jenkins]"
]
}Authors: Steven Riggs