-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloud-gocd.yml
69 lines (61 loc) · 1.89 KB
/
cloud-gocd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
- hosts: local
connection: local
roles:
- basis
- backup
- java
- nginx
- gocd
- checkmk
vars:
users_local: [] #some local users only specific to this node!
users: "{{ users_local + users_admin }}"
fail2ban_activate_modules:
- sshd
- nginx
mount_points:
- path: "{{ gocd_artifact_location }}"
dev: /dev/sdb
gocd_admin_user: gocd_admin
gocd_admin_pass: VeryCoolAdminPassword!
gocd_artifact_location: "{{ cloud_storage }}/gocd-artifacts"
gocd_website:
domain: "build.{{ domain_external }}"
letsencrypt: true
state: present
owner: jenkins
port: 80
root_setup: false
index: noindex
root: noroot
options:
access_log: "/var/log/nginx/build.{{ domain_external }}-access.log"
error_log: "/var/log/nginx/build.{{ domain_external }}-error.log"
pre_options: |
# Required for GoCD websocket agents
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
locations:
- location: '/'
options: |
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://localhost:8153/;
client_max_body_size 10000m;
# Websites
web_sites:
- "{{ gocd_website }}"
# Backup
backup_targets:
file:
- "{{ gocd_artifact_location }}"
- "/etc/letsencrypt"
vars_files:
- "group_vars/{{ ansible_local.preferences.ansible.environment }}.yaml"