-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloud-jenkins.yml
100 lines (88 loc) · 2.95 KB
/
cloud-jenkins.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
- hosts: local
connection: local
roles:
- basis
- backup
- java
- nginx
- jenkins
- checkmk
vars:
users_local: [] #some local users only specific to this node!
users: "{{ users_local + users_admin }}"
fail2ban_activate_modules:
- sshd
- nginx
mount_points:
- path: "{{ jenkins_data_location }}"
dev: /dev/sdb
jenkins_data_location: "{{ cloud_storage }}/jenkins-data"
jenkins_website:
domain: "build.{{ domain_external }}"
letsencrypt: true
state: present
owner: jenkins
port: 80
root_setup: false
index: noindex
root: noroot
options:
access_log: "/var/log/nginx/build.{{ domain_external }}-access.log"
error_log: "/var/log/nginx/build.{{ domain_external }}-error.log"
ignore_invalid_headers: "off"
pre_options: |
upstream jenkins {
keepalive 32; # keepalive connections
server 127.0.0.1:8080; # jenkins ip and port
}
# Required for Jenkins websocket agents
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
locations:
- location: '~ "^/static/[0-9a-fA-F]{8}\/(.*)$"'
options: |
rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;
- location: '/userContent'
options: |
root {{ cloud_apps }}/jenkins/web;
if (!-f $request_filename){
# this file does not exist, might be a directory or a /**view** url
rewrite (.*) /$1 last;
break;
}
sendfile on;
- location: '/'
options: |
sendfile off;
proxy_pass http://jenkins;
proxy_redirect default;
proxy_http_version 1.1;
# Required for Jenkins websocket agents
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
#this is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffering off;
proxy_request_buffering off; # Required for HTTP CLI commands
proxy_set_header Connection ""; # Clear for keepalive
# Websites
web_sites:
- "{{ jenkins_website }}"
# Backup
backup_targets:
file:
- "{{ jenkins_data_location }}"
- "/etc/letsencrypt"
vars_files:
- "group_vars/environment.yaml"