Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Jenkins CI server install script. Read comments at top of script for details.
#!/bin/bash
## Please modify and use at your leisure!
## This script installs:
## -Jenkins CI
## -RVM
## -Ruby 1.9.3
## -Postgresql 9.2
## -Phantom JS 1.9.0
## -Redis 2.4.16
##
## It also installs Jenkins CI plugins, defaults are:
## Git plugin https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin
## Git Client https://wiki.jenkins-ci.org/display/JENKINS/Git+Client+Plugin
## Github API plugin https://wiki.jenkins-ci.org/display/JENKINS/GitHub+API+Plugin
## Github OAuth plugin https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin
## You can modify this by adding or removing from jenkinsPlugins array
##
## This will also setup basic security for the system including:
## -add deploy user
## -setup SSH key pair
## -disable ssh password auth and root login
## -create firewall settings
## -install fail2ban
##
## Due to the nature of the script and some of the commands it is minimally
## interactive, although some commands (i.e. adding users) require user
## user interaction.
##
## Since it is assumed that git will not be available before this script
## is used you need to copy the script using your favorite text editor
## then mark it executable and run it I.E:
## vim setup.sh
## paste script
## chmod +x setup.sh && ./setup.sh
## Enjoy!
# DEFAULTS
LOGFILE="/var/log/jenkins-ci-install.log"
PUBLIC_IP=`curl ifconfig.me 2>/dev/null | egrep -o "[0-9\.]*"`
FIREWALL_RULES_GIST="https://gist.github.com/jasontruluck/02eb2fcd40a088bf8cce/download"
REDIS_URL="http://redis.googlecode.com/files/redis-2.4.16.tar.gz"
PHANTOM_JS_VERSION="1.9.1"
declare -a rubyVersions=('1.9.3' '2.0.0')
RUBY_DEFAULT="1.9.3"
# Colors
ESC_SEQ="\x1b["
RESET=$ESC_SEQ"39;49;00m"
RED=$ESC_SEQ"31;01m"
GREEN=$ESC_SEQ"32;01m"
YELLOW=$ESC_SEQ"33;01m"
BLUE=$ESC_SEQ"34;01m"
MAGENTA=$ESC_SEQ"35;01m"
CYAN=$ESC_SEQ"36;01m"
# Jenkins Plugins
declare -a jenkinsPlugins=("git.hpi" "github-api.hpi" "git-client.hpi" "github-oauth.hpi")
# Create Log
echo -en "$YELLOW Creating Log: $LOGFILE$RESET"
touch $LOGFILE
echo -e "\r$GREEN Creating Log: $LOGFILE$RESET"
# Install Jenkins
echo -en "$YELLOW Installing Jenkins$RESET"
wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add - >> $LOGFILE
sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list' >> $LOGFILE
apt-get update -y >> $LOGFILE
apt-get install jenkins -y >> $LOGFILE
echo -e "\r$GREEN Installing Jenkins$RESET"
# Update apt-get
echo -en "$YELLOW Updating apt-get$RESET"
sudo apt-get update >> $LOGFILE
echo -e "\r$GREEN Updating apt-get$RESET"
# Install dependencies
echo -en "$YELLOW Install dependencies$RESET"
sudo apt-get install curl -y >> $LOGFILE
sudo apt-get install build-essential -y >> $LOGFILE
sudo apt-get install openssl -y >> $LOGFILE
sudo apt-get install libreadline6 -y >> $LOGFILE
sudo apt-get install libreadline6-dev -y >> $LOGFILE
sudo apt-get install git-core -y >> $LOGFILE
sudo apt-get install zlib1g -y >> $LOGFILE
sudo apt-get install zlib1g-dev -y >> $LOGFILE
sudo apt-get install libssl-dev -y >> $LOGFILE
sudo apt-get install libyaml-dev -y >> $LOGFILE
sudo apt-get install libsqlite3-dev -y >> $LOGFILE
sudo apt-get install sqlite3 -y >> $LOGFILE
sudo apt-get install libxml2-dev -y >> $LOGFILE
sudo apt-get install libxslt-dev -y >> $LOGFILE
sudo apt-get install autoconf -y >> $LOGFILE
sudo apt-get install libc6-dev -y >> $LOGFILE
sudo apt-get install ncurses-dev -y >> $LOGFILE
sudo apt-get install automake -y >> $LOGFILE
sudo apt-get install libtool -y >> $LOGFILE
sudo apt-get install bison -y >> $LOGFILE
sudo apt-get install subversion -y >> $LOGFILE
sudo apt-get install pkg-config -y >> $LOGFILE
sudo apt-get install python-software-properties -y >> $LOGFILE
sudo apt-get install tcl8.5 -y >> $LOGFILE
echo -e "\r$GREEN Install dependencies$RESET"
# Install ExecJS
echo -en "$YELLOW Installing Javascript Runtime$RESET"
sudo apt-get install nodejs -y >> $LOGFILE
echo -e "\r$GREEN Installing Javascript Runtime$RESET"
# Get RVM
echo -en "$YELLOW Installing RVM$RESET"
curl --silent -L get.rvm.io | bash -s stable --auto >> $LOGFILE
echo -e "\r$GREEN Installing RVM$RESET"
# Source Bash
echo -en "$YELLOW Sourcing Bash$RESET"
# Load RVM into a shell session *as a function*
if [[ -s "$HOME/.rvm/scripts/rvm" ]] ; then
# First try to load from a user install
. "$HOME/.rvm/scripts/rvm"
elif [[ -s "/usr/local/rvm/scripts/rvm" ]] ; then
# Then try to load from a root install
. "/usr/local/rvm/scripts/rvm"
else
printf "ERROR: An RVM installation was not found.\n"
fi
echo -e "\r$GREEN Sourcing Bash$RESET"
# install Ruby
for item in ${rubyVersions[@]}
do
echo -en "$YELLOW Installing Ruby $item $RESET"
rvm install $item >> $LOGFILE
echo -e "\r$GREEN Installing Ruby $item $RESET"
done
# Set default ruby
echo -en "$YELLOW Using Default Ruby: $RUBY_DEFAULT$RESET"
rvm --default use $RUBY_DEFAULT >> $LOGFILE
echo -e "\r$GREEN Using Default Ruby: $RUBY_DEFAULT$RESET"
# Add jenkins user to rvm group
echo -en "$YELLOW Adding user jenkins to RVM group$RESET"
sudo adduser jenkins rvm >> $LOGFILE
echo -e "\r$GREEN Adding user jenkins to RVM group$RESET"
# Install Postgresql
echo -en "$YELLOW Installing Postgres$RESET"
sudo add-apt-repository ppa:pitti/postgresql
sudo apt-get update >> $LOGFILE
sudo apt-get install postgresql-9.2 -y >> $LOGFILE
sudo apt-get install postgresql-client-9.2 -y >> $LOGFILE
sudo apt-get install postgresql-contrib-9.2 -y >> $LOGFILE
sudo apt-get install postgresql-server-dev-9.2 -y >> $LOGFILE
sudo apt-get install libpq-dev -y >> $LOGFILE
echo -e "\r$GREEN Installing Postgres$RESET"
# Setting Up Postgres
echo -e "$YELLOW Setting Up Postgres$RESET"
# Set a password on postgres Unix User
sudo passwd postgres
# Add a user named "jenkins" with super user privileges
sudo -u postgres psql -d template1 -U postgres -c "CREATE USER jenkins;" >> $LOGFILE
sudo -u postgres psql -d template1 -U postgres -c "ALTER USER jenkins WITH SUPERUSER;" >> $LOGFILE
# Add a user named "deploy" with super user priveleges
sudo -u postgres psql -d template1 -U postgres -c "CREATE USER deploy;" >> $LOGFILE
sudo -u postgres psql -d template1 -U postgres -c "ALTER USER deploy WITH SUPERUSER;" >> $LOGFILE
echo -e "\r$GREEN Setting Up Postgres$RESET"
echo -en "$YELLOW Installing Phantom JS$RESET"
cd /usr/local/share/
sudo wget -q http://phantomjs.googlecode.com/files/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE
sudo tar jxvf phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE
sudo ln -s /usr/local/share/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64/ /usr/local/share/phantomjs >> $LOGFILE
sudo ln -s /usr/local/share/phantomjs/bin/phantomjs /usr/local/bin/phantomjs >> $LOGFILE
echo -e "\r$GREEN Installing Phantom JS$RESET"
echo -en "$YELLOW Installing Redis (this may take a minute)$RESET"
wget -q $REDIS_URL >> $LOGFILE
tar xzf redis-2.4.16.tar.gz >> $LOGFILE
cd redis-2.4.16
make >> $LOGFILE
make test >> $LOGFILE
sudo make install >> $LOGFILE
cd utils && sudo ./install_server.sh && sudo update-rc.d redis_6379 defaults
echo -e "\r$GREEN Installing Redis (this may take a minute)$RESET"
# Install plugins
for item in ${jenkinsPlugins[@]}
do
echo -en "$YELLOW Installing plugin $item $RESET"
wget -q http://updates.jenkins-ci.org/latest/$item >> $LOGFILE
mv $item /var/lib/jenkins/plugins/
echo -e "\r$GREEN Installing plugin $item $RESET"
done
# Start Jenkins
echo -en "$YELLOW Starting Jenkins$RESET"
sudo service jenkins start >> $LOGFILE
echo -e "\r$GREEN Starting Jenkins$RESET"
#Configure Git
echo -e "$CYAN Enter a email address to associate with git$RESET"
read gitEmail
echo -e "$CYAN Enter a name to associate with git$RESET"
read gitName
git config --global user.email $gitEmail
git config --global user.name $gitName
echo -e "$GREEN Git Configured$RESET"
# Generate SSH key for integration with Github/Github plugin with Jenkins
echo -e "$GREEN Generating Jenkins Deploy SSH Key$RESET"
mkdir /var/lib/jenkins/.ssh
echo -e "$CYAN Enter the email address to associate with the SSH key (Followed by [ENTER]):$RESET"
read email
ssh-keygen -N '' -f /var/lib/jenkins/.ssh/jenkins-deploy-key -t rsa -q -C "$email"
echo -e "$CYAN Generated Jenkins Deploy SSH key, you must add this to the github project deploy keys$RESET"
echo -e "$CYAN Setting up SSH Config$RESET"
echo "Host github.com
IdentityFile ~/.ssh/jenkins-deploy-key" >> /var/lib/jenkins/.ssh/config
chown -R jenkins:nogroup /var/lib/jenkins/.ssh
echo -en "$YELLOW Adding Github to Jenkins user knownhosts$RESET"
su jenkins -c "ssh -T -oStrictHostKeyChecking=no git@github.com" >> $LOGFILE
echo -e "\r$GREEN Adding Github to Jenkins user knownhosts$RESET"
echo -e "$YELLOW Setting up deploy user$RESET"
adduser deploy
usermod -a -G sudo deploy
echo -e "\r$GREEN Setting up deploy user$RESET"
echo -e "$YELLOW Setup bash for jenkins and deploy user$RESET"
cp /root/.bashrc /var/lib/jenkins/
cp /root/.bashrc /home/deploy/
chown jenkins:nogroup /var/lib/jenkins/.bashrc
chown deploy:deploy /home/deploy/.bashrc
echo -e "\r$GREEN Setup bash for jenkins and deploy user$RESET"
echo -e "$GREEN Setting up SSH keys$RESET"
mkdir /home/deploy/.ssh
chown -R deploy:deploy /home/deploy/.ssh
echo -e "$CYAN Please transfer your local SSH key from your computer using the following command:$RESET"
echo -e "$CYAN scp ~/.ssh/id_rsa.pub deploy@$PUBLIC_IP:/home/deploy/.ssh$RESET"
echo -e "$CYAN Press [Enter] when complete$RESET"
read
mv /home/deploy/.ssh/id_rsa.pub /home/deploy/.ssh/authorized_keys
chown -R deploy:deploy /home/deploy/.ssh
chmod 700 /home/deploy/.ssh
chmod 600 /home/deploy/.ssh/authorized_keys
echo -en "$YELLOW Updating SSH config$RESET"
sudo sed -i -e 's/.*PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
sudo sed -i -e 's/.*PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
sudo service ssh restart >> $LOGFILE
echo -e "\r$GREEN Updating SSH config$RESET"
echo -en "$YELLOW Settiing up Iptables Firewall$RESET"
wget -q -O firewall $FIREWALL_RULES_GIST >> $LOGFILE
tar --strip-components=1 -xvzf firewall >> $LOGFILE
mv iptables.firewall.rules /etc/
mv firewall /etc/network/if-pre-up.d/
sudo iptables-restore < /etc/iptables.firewall.rules
sudo chmod +x /etc/network/if-pre-up.d/firewall
echo -e "\r$GREEN Settiing up Iptables Firewall$RESET"
echo -en "$YELLOW Installing fail2ban$RESET"
sudo apt-get install fail2ban -y >> $LOGFILE
echo -e "\r$GREEN Installing fail2ban$RESET"
echo -e "$CYAN ---Result--------------------------------$RESET"
echo -e "$CYAN --Jenkins CI URL$RESET"
echo "http://$PUBLIC_IP:8080"
echo -e "$CYAN --Rvm$RESET"
rvm -v
echo -e "$CYAN --Ruby$RESET"
ruby -v
echo -e "$CYAN --Postgresql$RESET"
psql -V
echo -e "$RED You will still need to enable trust authentication if you do not have a password on your deploy PG user"
echo -e "See: bit.ly/15G94xa$RESET"
echo -e "$CYAN --PhantomJS$RESET"
phantomjs -v
echo -e "$CYAN --Redis Server$RESET"
redis-server -v
echo -e "$CYAN --Users$RESET"
awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd
echo -e "$CYAN --Firewall Settings$RESET"
sudo iptables -L
echo -e "$CYAN --Jenkins SSH Key (Add this to github)$RESET"
cat /var/lib/jenkins/.ssh/jenkins-deploy-key.pub
echo -e "$CYAN --Github Plugin Service Hook URL$RESET"
echo "http://$PUBLIC_IP:8080/github-webhook/"
@ariya

This comment has been minimized.

Copy link

commented Jul 13, 2013

Get the up-to-date PhantomJS 1.9.1 please :)

@jasontruluck

This comment has been minimized.

Copy link
Owner Author

commented Jul 15, 2013

@ariya awesome I did not even notice the update. I changed the script a bit so the version can be specified now instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.