Last active
April 8, 2016 03:54
-
-
Save carlosonunez/0648988da5ca27d38624734a700e7ae6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# NOTE: This assumes a few things: | |
# * that you are running Ubuntu 14.10, | |
# * that you are using EC2 for master and slaves, | |
# * that you are using Github for source control, and | |
# * that you want to use Google Apps for logging in. | |
# 1. Set up S3FS | |
# =============== | |
sudo apt-get install build-essential git libfuse-dev libcurl4-openssl-dev libxml2-dev mime-support automake libtool | |
sudo apt-get install pkg-config libssl-dev | |
git clone https://github.com/s3fs-fuse/s3fs-fuse | |
cd s3fs-fuse/ | |
./autogen.sh | |
./configure --prefix=/usr --with-openssl | |
make | |
sudo make install | |
sudo touch "$AWS_ACCESS_KEY:$AWS_SECRET_KEY" > /etc/passwd-s3fs | |
sudo chown ubuntu:root /etc/passwd-s3fs | |
chmod 600 /etc/passwd-s3fs | |
mkdir -p ~/mnt/tmp/jenkins-work | |
s3fs $JENKINS_S3_BUCKET ~/mnt/tmp/jenkins-work | |
# 2. SET UP JENKINS | |
# ================== | |
wget -q -O - https://jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add - | |
sudo sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list' | |
sudo apt-get update | |
sudo apt-get install jenkins | |
sudo service jenkins start | |
# 3. INSTALL JENKINS-GIT, Swarm, Role Strategy, Google Login and OpenID CONNECT SUPPORT | |
# =========== | |
pushd /var/lib/jenkins && { | |
sudo wget http://updates.jenkins-ci.org/latest/ec2.hpi | |
sudo wget http://updates.jenkins-ci.org/latest/swarm.hpi | |
sudo wget http://updates.jenkins-ci.org/download/plugins/git/2.4.4/git.hpi | |
sudo wget http://updates.jenkins-ci.org/latest/openid.hpi | |
sudo wget http://updates.jenkins-ci.org/latest/google-login.hpi | |
sudo wget http://updates.jenkins-ci.org/latest/role-strategy.hpi | |
} && popd | |
sudo service jenkins restart | |
# 4. CREATE A CLIENT ID FOR JENKINS | |
# ============ | |
Login to the Google Developers Console | |
Create a new project | |
Under APIs & Auth -> Credentials, Create a new Client ID | |
The application type should be "Web Application" | |
The authorized redirect URLs should contain JENKINS_ROOT_URL/securityRealm/finishLogin | |
Enter the created Client Id and secret in the Security Realm Configuration | |
# 5. ENABLE SECURITY | |
# ================== | |
1. Click on "Manage Jenkins." | |
2. Click on "Setup Security." | |
3. Check "Enable security," then click on "Google Login" | |
4. Enter the Google Apps domain, client ID and secret returned from Google where prompted | |
5. Enable CSRF; use defaults. | |
6. At the top, check "Disable remember me" | |
7. Under "Authorization", click "Matrix-based security" to enable role-based logins. | |
8. Add the email address for the Google Apps user that will be logging into Jenkins, then give them permissions as shown. | |
9. Save. Afterwards, Jenkins should attempt to log you in with Google. Accept when prompted. | |
# 6. SET UP A NODE | |
# ================ | |
Use the EC2 Cloud plugin to do this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment