Forked from fabito/jenkins_nginx_ci.template.json
Last active
August 29, 2015 14:24
-
-
Save anothernoise/fe3ad2c636e769873220 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"AWSTemplateFormatVersion" : "2010-09-09", | |
"Description" : "AWS CloudFormation template to deploy jenkins/nginx.", | |
"Parameters" : { | |
"KeyName" : { | |
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances", | |
"Type" : "String", | |
"Default" : "cd29", | |
"MinLength": "1", | |
"MaxLength": "64", | |
"AllowedPattern" : "[-_ a-zA-Z0-9]*", | |
"ConstraintDescription" : "Can contain only alphanumeric characters, spaces, dashes and underscores." | |
}, | |
"InstanceType" : { | |
"Description" : "EC2 instance type", | |
"Type" : "String", | |
"Default" : "t1.micro", | |
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"], | |
"ConstraintDescription" : "must be a valid EC2 instance type." | |
}, | |
"VolumeSize" : { | |
"Description" : "Volume size for the Jenkins workspace.", | |
"Type" : "Number", | |
"Default" : "60" | |
} | |
}, | |
"Mappings" : { | |
"AWSInstanceType2Arch" : { | |
"t1.micro" : { "Arch" : "64" }, | |
"m1.small" : { "Arch" : "64" }, | |
"m1.medium" : { "Arch" : "64" }, | |
"m1.large" : { "Arch" : "64" }, | |
"m1.xlarge" : { "Arch" : "64" }, | |
"m2.xlarge" : { "Arch" : "64" }, | |
"m2.2xlarge" : { "Arch" : "64" }, | |
"m2.4xlarge" : { "Arch" : "64" }, | |
"c1.medium" : { "Arch" : "64" }, | |
"c1.xlarge" : { "Arch" : "64" }, | |
"cc1.4xlarge" : { "Arch" : "64HVM" }, | |
"cc2.8xlarge" : { "Arch" : "64HVM" }, | |
"cg1.4xlarge" : { "Arch" : "64HVM" } | |
}, | |
"AWSRegionArch2AMI" : { | |
"us-east-1" : { "32" : "ami-31814f58", "64" : "ami-1b814f72", "64HVM" : "ami-0da96764" }, | |
"us-west-2" : { "32" : "ami-38fe7308", "64" : "ami-96ef63a6", "64HVM" : "NOT_YET_SUPPORTED" }, | |
"us-west-1" : { "32" : "ami-11d68a54", "64" : "ami-1bd68a5e", "64HVM" : "NOT_YET_SUPPORTED" }, | |
"eu-west-1" : { "32" : "ami-973b06e3", "64" : "ami-953b06e1", "64HVM" : "NOT_YET_SUPPORTED" }, | |
"ap-southeast-1" : { "32" : "ami-a2a7e7f0", "64" : "ami-a6a7e7f4", "64HVM" : "NOT_YET_SUPPORTED" }, | |
"ap-northeast-1" : { "32" : "ami-486cd349", "64" : "ami-4e6cd34f", "64HVM" : "NOT_YET_SUPPORTED" }, | |
"sa-east-1" : { "32" : "ami-e209d0ff", "64" : "ami-1e08d103", "64HVM" : "NOT_YET_SUPPORTED" } | |
} | |
}, | |
"Resources" : { | |
"CfnUser" : { | |
"Type" : "AWS::IAM::User", | |
"Properties" : { | |
"Path": "/", | |
"Policies": [{ | |
"PolicyName": "root", | |
"PolicyDocument": { "Statement":[{ | |
"Effect":"Allow", | |
"Action" : [ | |
"cloudformation:DescribeStackResource", | |
"s3:GetObject" | |
], | |
"Resource":"*" | |
}]} | |
}] | |
} | |
}, | |
"CfnKeys" : { | |
"Type" : "AWS::IAM::AccessKey", | |
"Properties" : { | |
"UserName" : {"Ref": "CfnUser"} | |
} | |
}, | |
"HostKeys" : { | |
"Type" : "AWS::IAM::AccessKey", | |
"Properties" : { | |
"UserName" : {"Ref": "CfnUser"} | |
} | |
}, | |
"WebServer": { | |
"Type": "AWS::EC2::Instance", | |
"Metadata" : { | |
"AWS::CloudFormation::Init" : { | |
"config" : { | |
"packages" : { | |
"yum" : { | |
"nginx" : [], | |
"java-1.6.0-openjdk-devel":[], | |
"git":[] | |
} | |
}, | |
"files" : { | |
"/tmp/nginx/default.conf" : { | |
"content" : { "Fn::Join" : ["", [ | |
"upstream jenkins {\n", | |
"server 127.0.0.1:8080 fail_timeout=0;\n", | |
"}\n\n", | |
"server {\n", | |
"listen 80;\n", | |
"listen [::]:80 default ipv6only=on;\n", | |
"charset utf-8;\n", | |
"location / {\n", | |
"proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n", | |
"proxy_set_header Host $http_host;\n", | |
"proxy_redirect off;\n\n", | |
"if (!-f $request_filename) {\n", | |
"proxy_pass http://jenkins;\n", | |
"break;\n", | |
"}\n", | |
"}\n", | |
"}\n" | |
]]}, | |
"mode" : "000755", | |
"owner" : "root", | |
"group" : "root" | |
} | |
}, | |
"services" : { | |
"sysvinit" : { | |
"nginx" : { "enabled" : "true", "ensureRunning" : "true", "files": ["/etc/nginx/conf.d/default.conf"] } | |
} | |
} | |
} | |
} | |
}, | |
"Properties": { | |
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" }, | |
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] }, | |
"InstanceType" : { "Ref" : "InstanceType" }, | |
"SecurityGroups" : [ {"Ref" : "WebServerSecurityGroup"} ], | |
"KeyName" : { "Ref" : "KeyName" }, | |
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [ | |
"#!/bin/bash\n", | |
"yum update -y aws-cfn-bootstrap\n", | |
"## Error reporting helper function\n", | |
"function error_exit\n", | |
"{\n", | |
" /opt/aws/bin/cfn-signal -e 1 -r \"$1\" '", { "Ref" : "WaitHandleJenkinsInstance" }, "'\n", | |
" exit 1\n", | |
"}\n", | |
"## Initialize CloudFormation bits\n", | |
"/opt/aws/bin/cfn-init -v -s ", { "Ref" : "AWS::StackName" }, " -r WebServer", | |
" --access-key ", { "Ref" : "HostKeys" }, | |
" --secret-key ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, | |
" --region ", { "Ref" : "AWS::Region" }, " > /tmp/cfn-init.log 2>&1 || error_exit $(</tmp/cfn-init.log)\n", | |
"## Waiting for EBS mounts to become available\n", | |
"while [ ! -e /dev/sdh1 ]; do echo waiting for /dev/sdh1 to attach; sleep 10; done\n", | |
"dd if=/dev/zero of=/dev/sdh1 bs=512 count=1\n", | |
"pvcreate /dev/sdh1\n", | |
"vgcreate vg0 /dev/sdh1\n", | |
"lvcreate -l 100%vg -n jenkins vg0\n", | |
"mke2fs -t ext4 -F /dev/vg0/jenkins > /tmp/mke2fs1.log 2>&1\n", | |
"mkdir /jenkins\n", | |
"echo '/dev/vg0/jenkins /jenkins ext4 defaults,auto,noatime,exec 0 0' | tee -a /etc/fstab\n", | |
"mount /jenkins > /tmp/mount1.log 2>&1\n", | |
"## Jenkins setup\n", | |
"wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo\n", | |
"rpm --import http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key\n", | |
"yum -y install jenkins> /tmp/yum-jenkins.log 2>&1\n", | |
"usermod -a -G jenkins ec2-user\n", | |
"##usermod -d /jenkins/userhome jenkins\n", | |
"sed '/JENKINS_HOME=./c JENKINS_HOME=\"/jenkins\"' /etc/sysconfig/jenkins > /etc/sysconfig/jenkins.new\n", | |
"mv /etc/sysconfig/jenkins.new /etc/sysconfig/jenkins\n", | |
"# Install Jenkins Plugins\n", | |
"wget -P /jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/git/1.1.25/git.hpi\n", | |
"wget -P /jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/s3/0.3.2/s3.hpi\n", | |
"wget -P /jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/jenkins-cloudformation-plugin/0.10/jenkins-cloudformation-plugin.hpi\n", | |
"wget -P /jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/build-pipeline-plugin/1.3.3/build-pipeline-plugin.hpi\n", | |
"wget -P /jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/dashboard-view/2.3/dashboard-view.hpi\n", | |
"chown -R jenkins:jenkins /jenkins > /tmp/chown1.log 2>&1\n", | |
"# Add jenkins user to sudoers and disable tty\n", | |
"echo \"jenkins ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers\n", | |
"echo \"Defaults:%jenkins !requiretty\" >> /etc/sudoers\n", | |
"echo \"Defaults:jenkins !requiretty\" >> /etc/sudoers\n", | |
"service jenkins start\n", | |
"## Nginx setup\n", | |
"cp /tmp/nginx/default.conf /etc/nginx/conf.d/default.conf\n", | |
"service nginx restart\n", | |
"## CloudFormation signal that setup is complete\n", | |
"/opt/aws/bin/cfn-signal -e 0 -r \"JenkinsInstance setup complete\" '", { "Ref" : "WaitHandleJenkinsInstance" }, "'\n" | |
]]}} | |
} | |
}, | |
"WebServerSecurityGroup" : { | |
"Type" : "AWS::EC2::SecurityGroup", | |
"Properties" : { | |
"GroupDescription" : "Enable HTTP access via port 80, and SSH access", | |
"SecurityGroupIngress" : [ | |
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"}, | |
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"} | |
] | |
} | |
}, | |
"JenkinsVolume1" : { | |
"Type" : "AWS::EC2::Volume", | |
"Properties" : { | |
"Size" : { "Ref" : "VolumeSize" }, | |
"AvailabilityZone" : { "Fn::GetAtt" : [ "WebServer", "AvailabilityZone" ]} | |
} | |
}, | |
"JenkinsVolumeMount1" : { | |
"Type" : "AWS::EC2::VolumeAttachment", | |
"Properties" : { | |
"InstanceId" : { "Ref" : "WebServer" }, | |
"VolumeId" : { "Ref" : "JenkinsVolume1" }, | |
"Device" : "/dev/sdh1" | |
} | |
}, | |
"WaitHandleJenkinsInstance" : { | |
"Type" : "AWS::CloudFormation::WaitConditionHandle", | |
"Properties" : {} | |
}, | |
"WaitConditionJenkinsInstance" : { | |
"Type" : "AWS::CloudFormation::WaitCondition", | |
"DependsOn" : "WebServer", | |
"Properties" : { | |
"Handle" : { "Ref" : "WaitHandleJenkinsInstance" }, | |
"Timeout" : "300" | |
} | |
} | |
}, | |
"Outputs" : { | |
"WebsiteURL" : { | |
"Value" : { "Fn::Join" : ["", ["http://", { "Fn::GetAtt" : [ "WebServer", "PublicDnsName" ]}, ""]] }, | |
"Description" : "Jenkins Installation" | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment