Puppet: Jenkins Installation using Puppet Program

	# @summary A short summary of the purpose of this class
	#
	# A description of what this class does
	# This class is for master node
	#
	# @example
	# include dof_jenkins
	class jenkins (
	#$list_of_plugins = undef,
	$list_of_plugins = ['msbuild', 'active-directory']
	#$bind_password = undef,
	){

	package { wget:
	ensure => present,
	}

	exec { 'sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo --no-check-certificate':
	cwd => '/var/tmp',
	path => ['/usr/bin', '/usr/sbin',],
	}

	exec { 'sudo rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key':
	cwd => '/var/tmp',
	path => ['/usr/bin', '/usr/sbin',],
	}

	$packages = ['java-11-openjdk-demo.x86_64', 'jenkins']

	package { $packages:
	ensure => present,
	}

	file {'/usr/lib/systemd/system/jenkins.service':
	ensure => present,
	mode => '0644',
	owner => 'root',
	group => 'root',
	source => 'puppet:///modules/jenkins/jenkins.service',
	#notify => Exec['/usr/bin/systemctl daemon-reload'],
	}



	file {'/var/lib/initialAdminPassword':
	ensure => present,
	mode => '0644',
	owner => 'jenkins',
	group => 'jenkins',
	source => 'puppet:///modules/jenkins/initialAdminPassword',
	}

	file {'/var/lib/jenkins/secrets/master.key':
	ensure => present,
	mode => '0644',
	owner => 'jenkins',
	group => 'jenkins',
	source => 'puppet:///modules/jenkins/master.key',
	}


	exec {'/usr/bin/systemctl daemon-reload':
	refreshonly => true,
	}



	service {'jenkins':
	ensure => running,
	enable => true,
	hasrestart => true,
	hasstatus => true,
	}



	#$file_path = '/var/lib/creds'
	#$file_exists = find_file($file_path)

	#if !$file_exists {
	#fail('Credentials file not found under /var/lib/jenkins with name creds')
	#}


	# file {'/var/lib/jenkins/proxy.xml':
	# ensure => present,
	# mode => '0644',
	# owner => 'jenkins',
	# group => 'jenkins',
	# source => 'puppet:///modules/dof_jenkins/proxy.xml',
	# notify => [Exec['/usr/bin/systemctl daemon-reload'],
	# Service['jenkins']],
	# }



	exec { 'wget http://localhost:8080/jnlpJars/jenkins-cli.jar -P /var/lib/jenkins':
	cwd => '/var/tmp',
	path => ['/usr/bin', '/usr/sbin',],
	}

	# file {'/var/lib/jenkins/jenkins.yaml':
	# ensure => present,
	# mode => '0644',
	# owner => 'jenkins',
	# group => 'jenkins',
	# source => 'puppet:///modules/dof_jenkins/Jenkins.yaml',
	# notify => [Exec['/usr/bin/systemctl daemon-reload'],
	# Service['jenkins']],
	# }

	$list_of_plugins.each \| String $plugin \| {
	exec {"${plugin}":
	command => "java -jar /var/lib/jenkins/jenkins-cli.jar -s http://localhost:8080/ -auth @/var/lib/initialAdminPassword install-plugin $plugin",
	path => '/usr/bin:/usr/sbin:/sbin',
	#onlyif => "java -jar /var/lib/jenkins/jenkins-cli.jar -s http://localhost:8080/ -auth @/var/lib/initialAdminPassword $plugin",
	creates => "/var/lib/jenkins/plugins/${plugin}*.jpi",
	}
	}

	# file {'/run/secrets/secrets.properties':
	# ensure => 'file',
	# content => template('dof_jenkins/secrets.properties.erb')
	# }
	}

view raw jenkins-puppet.pp hosted with

by GitHub

	#
	# This file is managed by systemd(1). Do NOT edit this file manually!
	# To override these settings, run:
	#
	# systemctl edit jenkins
	#
	# For more information about drop-in files, see:
	#
	# https://www.freedesktop.org/software/systemd/man/systemd.unit.html
	#

	[Unit]
	Description=Jenkins Continuous Integration Server
	Requires=network.target
	After=network.target

	[Service]
	Type=notify
	NotifyAccess=main
	ExecStart=/usr/bin/jenkins
	Restart=on-failure
	SuccessExitStatus=143

	# Configures the time to wait for start-up. If Jenkins does not signal start-up
	# completion within the configured time, the service will be considered failed
	# and will be shut down again. Takes a unit-less value in seconds, or a time span
	# value such as "5min 20s". Pass "infinity" to disable the timeout logic.
	#TimeoutStartSec=90

	# Unix account that runs the Jenkins daemon
	# Be careful when you change this, as you need to update the permissions of
	# $JENKINS_HOME, $JENKINS_LOG, and (if you have already run Jenkins)
	# $JENKINS_WEBROOT.
	User=jenkins
	Group=jenkins

	# Directory where Jenkins stores its configuration and workspaces
	Environment="JENKINS_HOME=/var/lib/jenkins"
	WorkingDirectory=/var/lib/jenkins

	# Location of the Jenkins WAR
	#Environment="JENKINS_WAR=/usr/share/java/jenkins.war"

	# Location of the exploded WAR
	Environment="JENKINS_WEBROOT=%C/jenkins/war"

	# Location of the Jenkins log. By default, systemd-journald(8) is used.
	#Environment="JENKINS_LOG=%L/jenkins/jenkins.log"

	# The Java home directory. When left empty, JENKINS_JAVA_CMD and PATH are consulted.
	#Environment="JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64"

	# The Java executable. When left empty, JAVA_HOME and PATH are consulted.
	#Environment="JENKINS_JAVA_CMD=/etc/alternatives/java"

	# Arguments for the Jenkins JVM
	Environment="JAVA_OPTS=-Djava.awt.headless=true, -Djenkins.install.runSetupWizard=false"

	# IP address to listen on for HTTP requests.
	# The default is to listen on all interfaces (0.0.0.0).
	#Environment="JENKINS_LISTEN_ADDRESS="

	# Port to listen on for HTTP requests. Set to -1 to disable.
	# To be able to listen on privileged ports (port numbers less than 1024),
	# add the CAP_NET_BIND_SERVICE capability to the AmbientCapabilities
	# directive below.
	Environment="JENKINS_PORT=8080"

	# IP address to listen on for HTTPS requests. Default is disabled.
	#Environment="JENKINS_HTTPS_LISTEN_ADDRESS="

	# Port to listen on for HTTPS requests. Default is disabled.
	# To be able to listen on privileged ports (port numbers less than 1024),
	# add the CAP_NET_BIND_SERVICE capability to the AmbientCapabilities
	# directive below.
	#Environment="JENKINS_HTTPS_PORT=443"

	# Path to the keystore in JKS format (as created by the JDK's keytool).
	# Default is disabled.
	#Environment="JENKINS_HTTPS_KEYSTORE=/path/to/keystore.jks"

	# Password to access the keystore defined in JENKINS_HTTPS_KEYSTORE.
	# Default is disabled.
	#Environment="JENKINS_HTTPS_KEYSTORE_PASSWORD=s3cR3tPa55w0rD"

	# IP address to listen on for HTTP2 requests. Default is disabled.
	#
	# Note: HTTP2 support may require additional configuration.
	# See the Winstone documentation for more information.
	#Environment="JENKINS_HTTP2_LISTEN_ADDRESS="

	# HTTP2 port to listen on. Default is disabled.
	# To be able to listen on privileged ports (port numbers less than 1024),
	# add the CAP_NET_BIND_SERVICE capability to the AmbientCapabilities
	# directive below.
	#
	# Note: HTTP2 support may require additional configuration.
	# See the Winstone documentation for more information.
	#Environment="JENKINS_HTTP2_PORT="

	# Controls which capabilities to include in the ambient capability set for the
	# executed process. Takes a whitespace-separated list of capability names, e.g.
	# CAP_SYS_ADMIN, CAP_DAC_OVERRIDE, CAP_SYS_PTRACE. Ambient capability sets are
	# useful if you want to execute a process as a non-privileged user but still
	# want to give it some capabilities. For example, add the CAP_NET_BIND_SERVICE
	# capability to be able to listen on privileged ports (port numbers less than
	# 1024).
	#AmbientCapabilities=CAP_NET_BIND_SERVICE

	# Debug level for logs. The higher the value, the more verbose. 5 is INFO.
	#Environment="JENKINS_DEBUG_LEVEL=5"

	# Set to true to enable logging to /var/log/jenkins/access_log.
	#Environment="JENKINS_ENABLE_ACCESS_LOG=false"

	# Folder for additional JAR files to add to the Jetty class loader. Default
	# is disabled. See the Winstone documentation for more information.
	#Environment="JENKINS_EXTRA_LIB_FOLDER="

	# Servlet context (important if you want to use reverse proxying)
	#Environment="JENKINS_PREFIX=/jenkins"

	# Arbitrary additional arguments to pass to Jenkins.
	# Full option list: java -jar jenkins.war --help
	#Environment="JENKINS_OPTS="

	# Maximum core file size. If unset, the value from the OS is inherited.
	#LimitCORE=infinity

	# Maximum file size. If unset, the value from the OS is inherited.
	#LimitFSIZE=infinity

	# File descriptor limit. If unset, the value from the OS is inherited.
	#LimitNOFILE=8192

view raw jenkins.service hosted with

by GitHub

Rajesh Kumar

I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I am working at Cotocus. I blog tech insights at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at I reviewed , and SEO strategies at Wizbrand.

Please find my social handles as below;

Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at PINTEREST
Rajesh Kumar at QUORA
Rajesh Kumar at WIZBRAND