/jenkins-ci-install.sh
Last active Dec 19, 2015
Jenkins CI server install script. Read comments at top of script for details.
| #!/bin/bash | |
| ## Please modify and use at your leisure! | |
| ## This script installs: | |
| ## -Jenkins CI | |
| ## -RVM | |
| ## -Ruby 1.9.3 | |
| ## -Postgresql 9.2 | |
| ## -Phantom JS 1.9.0 | |
| ## -Redis 2.4.16 | |
| ## | |
| ## It also installs Jenkins CI plugins, defaults are: | |
| ## Git plugin https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin | |
| ## Git Client https://wiki.jenkins-ci.org/display/JENKINS/Git+Client+Plugin | |
| ## Github API plugin https://wiki.jenkins-ci.org/display/JENKINS/GitHub+API+Plugin | |
| ## Github OAuth plugin https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin | |
| ## You can modify this by adding or removing from jenkinsPlugins array | |
| ## | |
| ## This will also setup basic security for the system including: | |
| ## -add deploy user | |
| ## -setup SSH key pair | |
| ## -disable ssh password auth and root login | |
| ## -create firewall settings | |
| ## -install fail2ban | |
| ## | |
| ## Due to the nature of the script and some of the commands it is minimally | |
| ## interactive, although some commands (i.e. adding users) require user | |
| ## user interaction. | |
| ## | |
| ## Since it is assumed that git will not be available before this script | |
| ## is used you need to copy the script using your favorite text editor | |
| ## then mark it executable and run it I.E: | |
| ## vim setup.sh | |
| ## paste script | |
| ## chmod +x setup.sh && ./setup.sh | |
| ## Enjoy! | |
| # DEFAULTS | |
| LOGFILE="/var/log/jenkins-ci-install.log" | |
| PUBLIC_IP=`curl ifconfig.me 2>/dev/null | egrep -o "[0-9\.]*"` | |
| FIREWALL_RULES_GIST="https://gist.github.com/jasontruluck/02eb2fcd40a088bf8cce/download" | |
| REDIS_URL="http://redis.googlecode.com/files/redis-2.4.16.tar.gz" | |
| PHANTOM_JS_VERSION="1.9.1" | |
| declare -a rubyVersions=('1.9.3' '2.0.0') | |
| RUBY_DEFAULT="1.9.3" | |
| # Colors | |
| ESC_SEQ="\x1b[" | |
| RESET=$ESC_SEQ"39;49;00m" | |
| RED=$ESC_SEQ"31;01m" | |
| GREEN=$ESC_SEQ"32;01m" | |
| YELLOW=$ESC_SEQ"33;01m" | |
| BLUE=$ESC_SEQ"34;01m" | |
| MAGENTA=$ESC_SEQ"35;01m" | |
| CYAN=$ESC_SEQ"36;01m" | |
| # Jenkins Plugins | |
| declare -a jenkinsPlugins=("git.hpi" "github-api.hpi" "git-client.hpi" "github-oauth.hpi") | |
| # Create Log | |
| echo -en "$YELLOW Creating Log: $LOGFILE$RESET" | |
| touch $LOGFILE | |
| echo -e "\r$GREEN Creating Log: $LOGFILE$RESET" | |
| # Install Jenkins | |
| echo -en "$YELLOW Installing Jenkins$RESET" | |
| wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add - >> $LOGFILE | |
| sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list' >> $LOGFILE | |
| apt-get update -y >> $LOGFILE | |
| apt-get install jenkins -y >> $LOGFILE | |
| echo -e "\r$GREEN Installing Jenkins$RESET" | |
| # Update apt-get | |
| echo -en "$YELLOW Updating apt-get$RESET" | |
| sudo apt-get update >> $LOGFILE | |
| echo -e "\r$GREEN Updating apt-get$RESET" | |
| # Install dependencies | |
| echo -en "$YELLOW Install dependencies$RESET" | |
| sudo apt-get install curl -y >> $LOGFILE | |
| sudo apt-get install build-essential -y >> $LOGFILE | |
| sudo apt-get install openssl -y >> $LOGFILE | |
| sudo apt-get install libreadline6 -y >> $LOGFILE | |
| sudo apt-get install libreadline6-dev -y >> $LOGFILE | |
| sudo apt-get install git-core -y >> $LOGFILE | |
| sudo apt-get install zlib1g -y >> $LOGFILE | |
| sudo apt-get install zlib1g-dev -y >> $LOGFILE | |
| sudo apt-get install libssl-dev -y >> $LOGFILE | |
| sudo apt-get install libyaml-dev -y >> $LOGFILE | |
| sudo apt-get install libsqlite3-dev -y >> $LOGFILE | |
| sudo apt-get install sqlite3 -y >> $LOGFILE | |
| sudo apt-get install libxml2-dev -y >> $LOGFILE | |
| sudo apt-get install libxslt-dev -y >> $LOGFILE | |
| sudo apt-get install autoconf -y >> $LOGFILE | |
| sudo apt-get install libc6-dev -y >> $LOGFILE | |
| sudo apt-get install ncurses-dev -y >> $LOGFILE | |
| sudo apt-get install automake -y >> $LOGFILE | |
| sudo apt-get install libtool -y >> $LOGFILE | |
| sudo apt-get install bison -y >> $LOGFILE | |
| sudo apt-get install subversion -y >> $LOGFILE | |
| sudo apt-get install pkg-config -y >> $LOGFILE | |
| sudo apt-get install python-software-properties -y >> $LOGFILE | |
| sudo apt-get install tcl8.5 -y >> $LOGFILE | |
| echo -e "\r$GREEN Install dependencies$RESET" | |
| # Install ExecJS | |
| echo -en "$YELLOW Installing Javascript Runtime$RESET" | |
| sudo apt-get install nodejs -y >> $LOGFILE | |
| echo -e "\r$GREEN Installing Javascript Runtime$RESET" | |
| # Get RVM | |
| echo -en "$YELLOW Installing RVM$RESET" | |
| curl --silent -L get.rvm.io | bash -s stable --auto >> $LOGFILE | |
| echo -e "\r$GREEN Installing RVM$RESET" | |
| # Source Bash | |
| echo -en "$YELLOW Sourcing Bash$RESET" | |
| # Load RVM into a shell session *as a function* | |
| if [[ -s "$HOME/.rvm/scripts/rvm" ]] ; then | |
| # First try to load from a user install | |
| . "$HOME/.rvm/scripts/rvm" | |
| elif [[ -s "/usr/local/rvm/scripts/rvm" ]] ; then | |
| # Then try to load from a root install | |
| . "/usr/local/rvm/scripts/rvm" | |
| else | |
| printf "ERROR: An RVM installation was not found.\n" | |
| fi | |
| echo -e "\r$GREEN Sourcing Bash$RESET" | |
| # install Ruby | |
| for item in ${rubyVersions[@]} | |
| do | |
| echo -en "$YELLOW Installing Ruby $item $RESET" | |
| rvm install $item >> $LOGFILE | |
| echo -e "\r$GREEN Installing Ruby $item $RESET" | |
| done | |
| # Set default ruby | |
| echo -en "$YELLOW Using Default Ruby: $RUBY_DEFAULT$RESET" | |
| rvm --default use $RUBY_DEFAULT >> $LOGFILE | |
| echo -e "\r$GREEN Using Default Ruby: $RUBY_DEFAULT$RESET" | |
| # Add jenkins user to rvm group | |
| echo -en "$YELLOW Adding user jenkins to RVM group$RESET" | |
| sudo adduser jenkins rvm >> $LOGFILE | |
| echo -e "\r$GREEN Adding user jenkins to RVM group$RESET" | |
| # Install Postgresql | |
| echo -en "$YELLOW Installing Postgres$RESET" | |
| sudo add-apt-repository ppa:pitti/postgresql | |
| sudo apt-get update >> $LOGFILE | |
| sudo apt-get install postgresql-9.2 -y >> $LOGFILE | |
| sudo apt-get install postgresql-client-9.2 -y >> $LOGFILE | |
| sudo apt-get install postgresql-contrib-9.2 -y >> $LOGFILE | |
| sudo apt-get install postgresql-server-dev-9.2 -y >> $LOGFILE | |
| sudo apt-get install libpq-dev -y >> $LOGFILE | |
| echo -e "\r$GREEN Installing Postgres$RESET" | |
| # Setting Up Postgres | |
| echo -e "$YELLOW Setting Up Postgres$RESET" | |
| # Set a password on postgres Unix User | |
| sudo passwd postgres | |
| # Add a user named "jenkins" with super user privileges | |
| sudo -u postgres psql -d template1 -U postgres -c "CREATE USER jenkins;" >> $LOGFILE | |
| sudo -u postgres psql -d template1 -U postgres -c "ALTER USER jenkins WITH SUPERUSER;" >> $LOGFILE | |
| # Add a user named "deploy" with super user priveleges | |
| sudo -u postgres psql -d template1 -U postgres -c "CREATE USER deploy;" >> $LOGFILE | |
| sudo -u postgres psql -d template1 -U postgres -c "ALTER USER deploy WITH SUPERUSER;" >> $LOGFILE | |
| echo -e "\r$GREEN Setting Up Postgres$RESET" | |
| echo -en "$YELLOW Installing Phantom JS$RESET" | |
| cd /usr/local/share/ | |
| sudo wget -q http://phantomjs.googlecode.com/files/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE | |
| sudo tar jxvf phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE | |
| sudo ln -s /usr/local/share/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64/ /usr/local/share/phantomjs >> $LOGFILE | |
| sudo ln -s /usr/local/share/phantomjs/bin/phantomjs /usr/local/bin/phantomjs >> $LOGFILE | |
| echo -e "\r$GREEN Installing Phantom JS$RESET" | |
| echo -en "$YELLOW Installing Redis (this may take a minute)$RESET" | |
| wget -q $REDIS_URL >> $LOGFILE | |
| tar xzf redis-2.4.16.tar.gz >> $LOGFILE | |
| cd redis-2.4.16 | |
| make >> $LOGFILE | |
| make test >> $LOGFILE | |
| sudo make install >> $LOGFILE | |
| cd utils && sudo ./install_server.sh && sudo update-rc.d redis_6379 defaults | |
| echo -e "\r$GREEN Installing Redis (this may take a minute)$RESET" | |
| # Install plugins | |
| for item in ${jenkinsPlugins[@]} | |
| do | |
| echo -en "$YELLOW Installing plugin $item $RESET" | |
| wget -q http://updates.jenkins-ci.org/latest/$item >> $LOGFILE | |
| mv $item /var/lib/jenkins/plugins/ | |
| echo -e "\r$GREEN Installing plugin $item $RESET" | |
| done | |
| # Start Jenkins | |
| echo -en "$YELLOW Starting Jenkins$RESET" | |
| sudo service jenkins start >> $LOGFILE | |
| echo -e "\r$GREEN Starting Jenkins$RESET" | |
| #Configure Git | |
| echo -e "$CYAN Enter a email address to associate with git$RESET" | |
| read gitEmail | |
| echo -e "$CYAN Enter a name to associate with git$RESET" | |
| read gitName | |
| git config --global user.email $gitEmail | |
| git config --global user.name $gitName | |
| echo -e "$GREEN Git Configured$RESET" | |
| # Generate SSH key for integration with Github/Github plugin with Jenkins | |
| echo -e "$GREEN Generating Jenkins Deploy SSH Key$RESET" | |
| mkdir /var/lib/jenkins/.ssh | |
| echo -e "$CYAN Enter the email address to associate with the SSH key (Followed by [ENTER]):$RESET" | |
| read email | |
| ssh-keygen -N '' -f /var/lib/jenkins/.ssh/jenkins-deploy-key -t rsa -q -C "$email" | |
| echo -e "$CYAN Generated Jenkins Deploy SSH key, you must add this to the github project deploy keys$RESET" | |
| echo -e "$CYAN Setting up SSH Config$RESET" | |
| echo "Host github.com | |
| IdentityFile ~/.ssh/jenkins-deploy-key" >> /var/lib/jenkins/.ssh/config | |
| chown -R jenkins:nogroup /var/lib/jenkins/.ssh | |
| echo -en "$YELLOW Adding Github to Jenkins user knownhosts$RESET" | |
| su jenkins -c "ssh -T -oStrictHostKeyChecking=no git@github.com" >> $LOGFILE | |
| echo -e "\r$GREEN Adding Github to Jenkins user knownhosts$RESET" | |
| echo -e "$YELLOW Setting up deploy user$RESET" | |
| adduser deploy | |
| usermod -a -G sudo deploy | |
| echo -e "\r$GREEN Setting up deploy user$RESET" | |
| echo -e "$YELLOW Setup bash for jenkins and deploy user$RESET" | |
| cp /root/.bashrc /var/lib/jenkins/ | |
| cp /root/.bashrc /home/deploy/ | |
| chown jenkins:nogroup /var/lib/jenkins/.bashrc | |
| chown deploy:deploy /home/deploy/.bashrc | |
| echo -e "\r$GREEN Setup bash for jenkins and deploy user$RESET" | |
| echo -e "$GREEN Setting up SSH keys$RESET" | |
| mkdir /home/deploy/.ssh | |
| chown -R deploy:deploy /home/deploy/.ssh | |
| echo -e "$CYAN Please transfer your local SSH key from your computer using the following command:$RESET" | |
| echo -e "$CYAN scp ~/.ssh/id_rsa.pub deploy@$PUBLIC_IP:/home/deploy/.ssh$RESET" | |
| echo -e "$CYAN Press [Enter] when complete$RESET" | |
| read | |
| mv /home/deploy/.ssh/id_rsa.pub /home/deploy/.ssh/authorized_keys | |
| chown -R deploy:deploy /home/deploy/.ssh | |
| chmod 700 /home/deploy/.ssh | |
| chmod 600 /home/deploy/.ssh/authorized_keys | |
| echo -en "$YELLOW Updating SSH config$RESET" | |
| sudo sed -i -e 's/.*PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config | |
| sudo sed -i -e 's/.*PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config | |
| sudo service ssh restart >> $LOGFILE | |
| echo -e "\r$GREEN Updating SSH config$RESET" | |
| echo -en "$YELLOW Settiing up Iptables Firewall$RESET" | |
| wget -q -O firewall $FIREWALL_RULES_GIST >> $LOGFILE | |
| tar --strip-components=1 -xvzf firewall >> $LOGFILE | |
| mv iptables.firewall.rules /etc/ | |
| mv firewall /etc/network/if-pre-up.d/ | |
| sudo iptables-restore < /etc/iptables.firewall.rules | |
| sudo chmod +x /etc/network/if-pre-up.d/firewall | |
| echo -e "\r$GREEN Settiing up Iptables Firewall$RESET" | |
| echo -en "$YELLOW Installing fail2ban$RESET" | |
| sudo apt-get install fail2ban -y >> $LOGFILE | |
| echo -e "\r$GREEN Installing fail2ban$RESET" | |
| echo -e "$CYAN ---Result--------------------------------$RESET" | |
| echo -e "$CYAN --Jenkins CI URL$RESET" | |
| echo "http://$PUBLIC_IP:8080" | |
| echo -e "$CYAN --Rvm$RESET" | |
| rvm -v | |
| echo -e "$CYAN --Ruby$RESET" | |
| ruby -v | |
| echo -e "$CYAN --Postgresql$RESET" | |
| psql -V | |
| echo -e "$RED You will still need to enable trust authentication if you do not have a password on your deploy PG user" | |
| echo -e "See: bit.ly/15G94xa$RESET" | |
| echo -e "$CYAN --PhantomJS$RESET" | |
| phantomjs -v | |
| echo -e "$CYAN --Redis Server$RESET" | |
| redis-server -v | |
| echo -e "$CYAN --Users$RESET" | |
| awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd | |
| echo -e "$CYAN --Firewall Settings$RESET" | |
| sudo iptables -L | |
| echo -e "$CYAN --Jenkins SSH Key (Add this to github)$RESET" | |
| cat /var/lib/jenkins/.ssh/jenkins-deploy-key.pub | |
| echo -e "$CYAN --Github Plugin Service Hook URL$RESET" | |
| echo "http://$PUBLIC_IP:8080/github-webhook/" |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment
Hide comment
ariya
commented
Jul 13, 2013
|
Get the up-to-date PhantomJS 1.9.1 please :) |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment
Hide comment
jasontruluck
Jul 15, 2013
@ariya awesome I did not even notice the update. I changed the script a bit so the version can be specified now instead.
|
@ariya awesome I did not even notice the update. I changed the script a bit so the version can be specified now instead. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Get the up-to-date PhantomJS 1.9.1 please :)