Instantly share code, notes, and snippets.

@jasontruluck /jenkins-ci-install.sh
Last active Dec 19, 2015

Embed
What would you like to do?
Download ZIP
Jenkins CI server install script. Read comments at top of script for details.
Raw
jenkins-ci-install.sh
#!/bin/bash
## Please modify and use at your leisure!
## This script installs:
## -Jenkins CI
## -RVM
## -Ruby 1.9.3
## -Postgresql 9.2
## -Phantom JS 1.9.0
## -Redis 2.4.16
##
## It also installs Jenkins CI plugins, defaults are:
## Git plugin https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin
## Git Client https://wiki.jenkins-ci.org/display/JENKINS/Git+Client+Plugin
## Github API plugin https://wiki.jenkins-ci.org/display/JENKINS/GitHub+API+Plugin
## Github OAuth plugin https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin
## You can modify this by adding or removing from jenkinsPlugins array
##
## This will also setup basic security for the system including:
## -add deploy user
## -setup SSH key pair
## -disable ssh password auth and root login
## -create firewall settings
## -install fail2ban
##
## Due to the nature of the script and some of the commands it is minimally
## interactive, although some commands (i.e. adding users) require user
## user interaction.
##
## Since it is assumed that git will not be available before this script
## is used you need to copy the script using your favorite text editor
## then mark it executable and run it I.E:
## vim setup.sh
## paste script
## chmod +x setup.sh && ./setup.sh
## Enjoy!
# DEFAULTS
LOGFILE="/var/log/jenkins-ci-install.log"
PUBLIC_IP=`curl ifconfig.me 2>/dev/null | egrep -o "[0-9\.]*"`
FIREWALL_RULES_GIST="https://gist.github.com/jasontruluck/02eb2fcd40a088bf8cce/download"
REDIS_URL="http://redis.googlecode.com/files/redis-2.4.16.tar.gz"
PHANTOM_JS_VERSION="1.9.1"
declare -a rubyVersions=('1.9.3' '2.0.0')
RUBY_DEFAULT="1.9.3"
# Colors
ESC_SEQ="\x1b["
RESET=$ESC_SEQ"39;49;00m"
RED=$ESC_SEQ"31;01m"
GREEN=$ESC_SEQ"32;01m"
YELLOW=$ESC_SEQ"33;01m"
BLUE=$ESC_SEQ"34;01m"
MAGENTA=$ESC_SEQ"35;01m"
CYAN=$ESC_SEQ"36;01m"
# Jenkins Plugins
declare -a jenkinsPlugins=("git.hpi" "github-api.hpi" "git-client.hpi" "github-oauth.hpi")
# Create Log
echo -en "$YELLOW Creating Log: $LOGFILE$RESET"
touch $LOGFILE
echo -e "\r$GREEN Creating Log: $LOGFILE$RESET"
# Install Jenkins
echo -en "$YELLOW Installing Jenkins$RESET"
wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add - >> $LOGFILE
sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list' >> $LOGFILE
apt-get update -y >> $LOGFILE
apt-get install jenkins -y >> $LOGFILE
echo -e "\r$GREEN Installing Jenkins$RESET"
# Update apt-get
echo -en "$YELLOW Updating apt-get$RESET"
sudo apt-get update >> $LOGFILE
echo -e "\r$GREEN Updating apt-get$RESET"
# Install dependencies
echo -en "$YELLOW Install dependencies$RESET"
sudo apt-get install curl -y >> $LOGFILE
sudo apt-get install build-essential -y >> $LOGFILE
sudo apt-get install openssl -y >> $LOGFILE
sudo apt-get install libreadline6 -y >> $LOGFILE
sudo apt-get install libreadline6-dev -y >> $LOGFILE
sudo apt-get install git-core -y >> $LOGFILE
sudo apt-get install zlib1g -y >> $LOGFILE
sudo apt-get install zlib1g-dev -y >> $LOGFILE
sudo apt-get install libssl-dev -y >> $LOGFILE
sudo apt-get install libyaml-dev -y >> $LOGFILE
sudo apt-get install libsqlite3-dev -y >> $LOGFILE
sudo apt-get install sqlite3 -y >> $LOGFILE
sudo apt-get install libxml2-dev -y >> $LOGFILE
sudo apt-get install libxslt-dev -y >> $LOGFILE
sudo apt-get install autoconf -y >> $LOGFILE
sudo apt-get install libc6-dev -y >> $LOGFILE
sudo apt-get install ncurses-dev -y >> $LOGFILE
sudo apt-get install automake -y >> $LOGFILE
sudo apt-get install libtool -y >> $LOGFILE
sudo apt-get install bison -y >> $LOGFILE
sudo apt-get install subversion -y >> $LOGFILE
sudo apt-get install pkg-config -y >> $LOGFILE
sudo apt-get install python-software-properties -y >> $LOGFILE
sudo apt-get install tcl8.5 -y >> $LOGFILE
echo -e "\r$GREEN Install dependencies$RESET"
# Install ExecJS
echo -en "$YELLOW Installing Javascript Runtime$RESET"
sudo apt-get install nodejs -y >> $LOGFILE
echo -e "\r$GREEN Installing Javascript Runtime$RESET"
# Get RVM
echo -en "$YELLOW Installing RVM$RESET"
curl --silent -L get.rvm.io | bash -s stable --auto >> $LOGFILE
echo -e "\r$GREEN Installing RVM$RESET"
# Source Bash
echo -en "$YELLOW Sourcing Bash$RESET"
# Load RVM into a shell session *as a function*
if [[ -s "$HOME/.rvm/scripts/rvm" ]] ; then
# First try to load from a user install
. "$HOME/.rvm/scripts/rvm"
elif [[ -s "/usr/local/rvm/scripts/rvm" ]] ; then
# Then try to load from a root install
. "/usr/local/rvm/scripts/rvm"
else
printf "ERROR: An RVM installation was not found.\n"
fi
echo -e "\r$GREEN Sourcing Bash$RESET"
# install Ruby
for item in ${rubyVersions[@]}
do
echo -en "$YELLOW Installing Ruby $item $RESET"
rvm install $item >> $LOGFILE
echo -e "\r$GREEN Installing Ruby $item $RESET"
done
# Set default ruby
echo -en "$YELLOW Using Default Ruby: $RUBY_DEFAULT$RESET"
rvm --default use $RUBY_DEFAULT >> $LOGFILE
echo -e "\r$GREEN Using Default Ruby: $RUBY_DEFAULT$RESET"
# Add jenkins user to rvm group
echo -en "$YELLOW Adding user jenkins to RVM group$RESET"
sudo adduser jenkins rvm >> $LOGFILE
echo -e "\r$GREEN Adding user jenkins to RVM group$RESET"
# Install Postgresql
echo -en "$YELLOW Installing Postgres$RESET"
sudo add-apt-repository ppa:pitti/postgresql
sudo apt-get update >> $LOGFILE
sudo apt-get install postgresql-9.2 -y >> $LOGFILE
sudo apt-get install postgresql-client-9.2 -y >> $LOGFILE
sudo apt-get install postgresql-contrib-9.2 -y >> $LOGFILE
sudo apt-get install postgresql-server-dev-9.2 -y >> $LOGFILE
sudo apt-get install libpq-dev -y >> $LOGFILE
echo -e "\r$GREEN Installing Postgres$RESET"
# Setting Up Postgres
echo -e "$YELLOW Setting Up Postgres$RESET"
# Set a password on postgres Unix User
sudo passwd postgres
# Add a user named "jenkins" with super user privileges
sudo -u postgres psql -d template1 -U postgres -c "CREATE USER jenkins;" >> $LOGFILE
sudo -u postgres psql -d template1 -U postgres -c "ALTER USER jenkins WITH SUPERUSER;" >> $LOGFILE
# Add a user named "deploy" with super user priveleges
sudo -u postgres psql -d template1 -U postgres -c "CREATE USER deploy;" >> $LOGFILE
sudo -u postgres psql -d template1 -U postgres -c "ALTER USER deploy WITH SUPERUSER;" >> $LOGFILE
echo -e "\r$GREEN Setting Up Postgres$RESET"
echo -en "$YELLOW Installing Phantom JS$RESET"
cd /usr/local/share/
sudo wget -q http://phantomjs.googlecode.com/files/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE
sudo tar jxvf phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE
sudo ln -s /usr/local/share/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64/ /usr/local/share/phantomjs >> $LOGFILE
sudo ln -s /usr/local/share/phantomjs/bin/phantomjs /usr/local/bin/phantomjs >> $LOGFILE
echo -e "\r$GREEN Installing Phantom JS$RESET"
echo -en "$YELLOW Installing Redis (this may take a minute)$RESET"
wget -q $REDIS_URL >> $LOGFILE
tar xzf redis-2.4.16.tar.gz >> $LOGFILE
cd redis-2.4.16
make >> $LOGFILE
make test >> $LOGFILE
sudo make install >> $LOGFILE
cd utils && sudo ./install_server.sh && sudo update-rc.d redis_6379 defaults
echo -e "\r$GREEN Installing Redis (this may take a minute)$RESET"
# Install plugins
for item in ${jenkinsPlugins[@]}
do
echo -en "$YELLOW Installing plugin $item $RESET"
wget -q http://updates.jenkins-ci.org/latest/$item >> $LOGFILE
mv $item /var/lib/jenkins/plugins/
echo -e "\r$GREEN Installing plugin $item $RESET"
done
# Start Jenkins
echo -en "$YELLOW Starting Jenkins$RESET"
sudo service jenkins start >> $LOGFILE
echo -e "\r$GREEN Starting Jenkins$RESET"
#Configure Git
echo -e "$CYAN Enter a email address to associate with git$RESET"
read gitEmail
echo -e "$CYAN Enter a name to associate with git$RESET"
read gitName
git config --global user.email $gitEmail
git config --global user.name $gitName
echo -e "$GREEN Git Configured$RESET"
# Generate SSH key for integration with Github/Github plugin with Jenkins
echo -e "$GREEN Generating Jenkins Deploy SSH Key$RESET"
mkdir /var/lib/jenkins/.ssh
echo -e "$CYAN Enter the email address to associate with the SSH key (Followed by [ENTER]):$RESET"
read email
ssh-keygen -N '' -f /var/lib/jenkins/.ssh/jenkins-deploy-key -t rsa -q -C "$email"
echo -e "$CYAN Generated Jenkins Deploy SSH key, you must add this to the github project deploy keys$RESET"
echo -e "$CYAN Setting up SSH Config$RESET"
echo "Host github.com
IdentityFile ~/.ssh/jenkins-deploy-key" >> /var/lib/jenkins/.ssh/config
chown -R jenkins:nogroup /var/lib/jenkins/.ssh
echo -en "$YELLOW Adding Github to Jenkins user knownhosts$RESET"
su jenkins -c "ssh -T -oStrictHostKeyChecking=no git@github.com" >> $LOGFILE
echo -e "\r$GREEN Adding Github to Jenkins user knownhosts$RESET"
echo -e "$YELLOW Setting up deploy user$RESET"
adduser deploy
usermod -a -G sudo deploy
echo -e "\r$GREEN Setting up deploy user$RESET"
echo -e "$YELLOW Setup bash for jenkins and deploy user$RESET"
cp /root/.bashrc /var/lib/jenkins/
cp /root/.bashrc /home/deploy/
chown jenkins:nogroup /var/lib/jenkins/.bashrc
chown deploy:deploy /home/deploy/.bashrc
echo -e "\r$GREEN Setup bash for jenkins and deploy user$RESET"
echo -e "$GREEN Setting up SSH keys$RESET"
mkdir /home/deploy/.ssh
chown -R deploy:deploy /home/deploy/.ssh
echo -e "$CYAN Please transfer your local SSH key from your computer using the following command:$RESET"
echo -e "$CYAN scp ~/.ssh/id_rsa.pub deploy@$PUBLIC_IP:/home/deploy/.ssh$RESET"
echo -e "$CYAN Press [Enter] when complete$RESET"
read
mv /home/deploy/.ssh/id_rsa.pub /home/deploy/.ssh/authorized_keys
chown -R deploy:deploy /home/deploy/.ssh
chmod 700 /home/deploy/.ssh
chmod 600 /home/deploy/.ssh/authorized_keys
echo -en "$YELLOW Updating SSH config$RESET"
sudo sed -i -e 's/.*PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
sudo sed -i -e 's/.*PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config
sudo service ssh restart >> $LOGFILE
echo -e "\r$GREEN Updating SSH config$RESET"
echo -en "$YELLOW Settiing up Iptables Firewall$RESET"
wget -q -O firewall $FIREWALL_RULES_GIST >> $LOGFILE
tar --strip-components=1 -xvzf firewall >> $LOGFILE
mv iptables.firewall.rules /etc/
mv firewall /etc/network/if-pre-up.d/
sudo iptables-restore < /etc/iptables.firewall.rules
sudo chmod +x /etc/network/if-pre-up.d/firewall
echo -e "\r$GREEN Settiing up Iptables Firewall$RESET"
echo -en "$YELLOW Installing fail2ban$RESET"
sudo apt-get install fail2ban -y >> $LOGFILE
echo -e "\r$GREEN Installing fail2ban$RESET"
echo -e "$CYAN ---Result--------------------------------$RESET"
echo -e "$CYAN --Jenkins CI URL$RESET"
echo "http://$PUBLIC_IP:8080"
echo -e "$CYAN --Rvm$RESET"
rvm -v
echo -e "$CYAN --Ruby$RESET"
ruby -v
echo -e "$CYAN --Postgresql$RESET"
psql -V
echo -e "$RED You will still need to enable trust authentication if you do not have a password on your deploy PG user"
echo -e "See: bit.ly/15G94xa$RESET"
echo -e "$CYAN --PhantomJS$RESET"
phantomjs -v
echo -e "$CYAN --Redis Server$RESET"
redis-server -v
echo -e "$CYAN --Users$RESET"
awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd
echo -e "$CYAN --Firewall Settings$RESET"
sudo iptables -L
echo -e "$CYAN --Jenkins SSH Key (Add this to github)$RESET"
cat /var/lib/jenkins/.ssh/jenkins-deploy-key.pub
echo -e "$CYAN --Github Plugin Service Hook URL$RESET"
echo "http://$PUBLIC_IP:8080/github-webhook/"
@ariya

This comment has been minimized.

Sign in to view
Copy link

ariya commented Jul 13, 2013

Get the up-to-date PhantomJS 1.9.1 please :)
@jasontruluck

This comment has been minimized.

Sign in to view
Copy link
Owner Author

jasontruluck commented Jul 15, 2013

@ariya awesome I did not even notice the update. I changed the script a bit so the version can be specified now instead.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment