Jenkins CI server install script. Read comments at top of script for details.
#!/bin/bash | |
## Please modify and use at your leisure! | |
## This script installs: | |
## -Jenkins CI | |
## -RVM | |
## -Ruby 1.9.3 | |
## -Postgresql 9.2 | |
## -Phantom JS 1.9.0 | |
## -Redis 2.4.16 | |
## | |
## It also installs Jenkins CI plugins, defaults are: | |
## Git plugin https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin | |
## Git Client https://wiki.jenkins-ci.org/display/JENKINS/Git+Client+Plugin | |
## Github API plugin https://wiki.jenkins-ci.org/display/JENKINS/GitHub+API+Plugin | |
## Github OAuth plugin https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin | |
## You can modify this by adding or removing from jenkinsPlugins array | |
## | |
## This will also setup basic security for the system including: | |
## -add deploy user | |
## -setup SSH key pair | |
## -disable ssh password auth and root login | |
## -create firewall settings | |
## -install fail2ban | |
## | |
## Due to the nature of the script and some of the commands it is minimally | |
## interactive, although some commands (i.e. adding users) require user | |
## user interaction. | |
## | |
## Since it is assumed that git will not be available before this script | |
## is used you need to copy the script using your favorite text editor | |
## then mark it executable and run it I.E: | |
## vim setup.sh | |
## paste script | |
## chmod +x setup.sh && ./setup.sh | |
## Enjoy! | |
# DEFAULTS | |
LOGFILE="/var/log/jenkins-ci-install.log" | |
PUBLIC_IP=`curl ifconfig.me 2>/dev/null | egrep -o "[0-9\.]*"` | |
FIREWALL_RULES_GIST="https://gist.github.com/jasontruluck/02eb2fcd40a088bf8cce/download" | |
REDIS_URL="http://redis.googlecode.com/files/redis-2.4.16.tar.gz" | |
PHANTOM_JS_VERSION="1.9.1" | |
declare -a rubyVersions=('1.9.3' '2.0.0') | |
RUBY_DEFAULT="1.9.3" | |
# Colors | |
ESC_SEQ="\x1b[" | |
RESET=$ESC_SEQ"39;49;00m" | |
RED=$ESC_SEQ"31;01m" | |
GREEN=$ESC_SEQ"32;01m" | |
YELLOW=$ESC_SEQ"33;01m" | |
BLUE=$ESC_SEQ"34;01m" | |
MAGENTA=$ESC_SEQ"35;01m" | |
CYAN=$ESC_SEQ"36;01m" | |
# Jenkins Plugins | |
declare -a jenkinsPlugins=("git.hpi" "github-api.hpi" "git-client.hpi" "github-oauth.hpi") | |
# Create Log | |
echo -en "$YELLOW Creating Log: $LOGFILE$RESET" | |
touch $LOGFILE | |
echo -e "\r$GREEN Creating Log: $LOGFILE$RESET" | |
# Install Jenkins | |
echo -en "$YELLOW Installing Jenkins$RESET" | |
wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add - >> $LOGFILE | |
sh -c 'echo deb http://pkg.jenkins-ci.org/debian binary/ > /etc/apt/sources.list.d/jenkins.list' >> $LOGFILE | |
apt-get update -y >> $LOGFILE | |
apt-get install jenkins -y >> $LOGFILE | |
echo -e "\r$GREEN Installing Jenkins$RESET" | |
# Update apt-get | |
echo -en "$YELLOW Updating apt-get$RESET" | |
sudo apt-get update >> $LOGFILE | |
echo -e "\r$GREEN Updating apt-get$RESET" | |
# Install dependencies | |
echo -en "$YELLOW Install dependencies$RESET" | |
sudo apt-get install curl -y >> $LOGFILE | |
sudo apt-get install build-essential -y >> $LOGFILE | |
sudo apt-get install openssl -y >> $LOGFILE | |
sudo apt-get install libreadline6 -y >> $LOGFILE | |
sudo apt-get install libreadline6-dev -y >> $LOGFILE | |
sudo apt-get install git-core -y >> $LOGFILE | |
sudo apt-get install zlib1g -y >> $LOGFILE | |
sudo apt-get install zlib1g-dev -y >> $LOGFILE | |
sudo apt-get install libssl-dev -y >> $LOGFILE | |
sudo apt-get install libyaml-dev -y >> $LOGFILE | |
sudo apt-get install libsqlite3-dev -y >> $LOGFILE | |
sudo apt-get install sqlite3 -y >> $LOGFILE | |
sudo apt-get install libxml2-dev -y >> $LOGFILE | |
sudo apt-get install libxslt-dev -y >> $LOGFILE | |
sudo apt-get install autoconf -y >> $LOGFILE | |
sudo apt-get install libc6-dev -y >> $LOGFILE | |
sudo apt-get install ncurses-dev -y >> $LOGFILE | |
sudo apt-get install automake -y >> $LOGFILE | |
sudo apt-get install libtool -y >> $LOGFILE | |
sudo apt-get install bison -y >> $LOGFILE | |
sudo apt-get install subversion -y >> $LOGFILE | |
sudo apt-get install pkg-config -y >> $LOGFILE | |
sudo apt-get install python-software-properties -y >> $LOGFILE | |
sudo apt-get install tcl8.5 -y >> $LOGFILE | |
echo -e "\r$GREEN Install dependencies$RESET" | |
# Install ExecJS | |
echo -en "$YELLOW Installing Javascript Runtime$RESET" | |
sudo apt-get install nodejs -y >> $LOGFILE | |
echo -e "\r$GREEN Installing Javascript Runtime$RESET" | |
# Get RVM | |
echo -en "$YELLOW Installing RVM$RESET" | |
curl --silent -L get.rvm.io | bash -s stable --auto >> $LOGFILE | |
echo -e "\r$GREEN Installing RVM$RESET" | |
# Source Bash | |
echo -en "$YELLOW Sourcing Bash$RESET" | |
# Load RVM into a shell session *as a function* | |
if [[ -s "$HOME/.rvm/scripts/rvm" ]] ; then | |
# First try to load from a user install | |
. "$HOME/.rvm/scripts/rvm" | |
elif [[ -s "/usr/local/rvm/scripts/rvm" ]] ; then | |
# Then try to load from a root install | |
. "/usr/local/rvm/scripts/rvm" | |
else | |
printf "ERROR: An RVM installation was not found.\n" | |
fi | |
echo -e "\r$GREEN Sourcing Bash$RESET" | |
# install Ruby | |
for item in ${rubyVersions[@]} | |
do | |
echo -en "$YELLOW Installing Ruby $item $RESET" | |
rvm install $item >> $LOGFILE | |
echo -e "\r$GREEN Installing Ruby $item $RESET" | |
done | |
# Set default ruby | |
echo -en "$YELLOW Using Default Ruby: $RUBY_DEFAULT$RESET" | |
rvm --default use $RUBY_DEFAULT >> $LOGFILE | |
echo -e "\r$GREEN Using Default Ruby: $RUBY_DEFAULT$RESET" | |
# Add jenkins user to rvm group | |
echo -en "$YELLOW Adding user jenkins to RVM group$RESET" | |
sudo adduser jenkins rvm >> $LOGFILE | |
echo -e "\r$GREEN Adding user jenkins to RVM group$RESET" | |
# Install Postgresql | |
echo -en "$YELLOW Installing Postgres$RESET" | |
sudo add-apt-repository ppa:pitti/postgresql | |
sudo apt-get update >> $LOGFILE | |
sudo apt-get install postgresql-9.2 -y >> $LOGFILE | |
sudo apt-get install postgresql-client-9.2 -y >> $LOGFILE | |
sudo apt-get install postgresql-contrib-9.2 -y >> $LOGFILE | |
sudo apt-get install postgresql-server-dev-9.2 -y >> $LOGFILE | |
sudo apt-get install libpq-dev -y >> $LOGFILE | |
echo -e "\r$GREEN Installing Postgres$RESET" | |
# Setting Up Postgres | |
echo -e "$YELLOW Setting Up Postgres$RESET" | |
# Set a password on postgres Unix User | |
sudo passwd postgres | |
# Add a user named "jenkins" with super user privileges | |
sudo -u postgres psql -d template1 -U postgres -c "CREATE USER jenkins;" >> $LOGFILE | |
sudo -u postgres psql -d template1 -U postgres -c "ALTER USER jenkins WITH SUPERUSER;" >> $LOGFILE | |
# Add a user named "deploy" with super user priveleges | |
sudo -u postgres psql -d template1 -U postgres -c "CREATE USER deploy;" >> $LOGFILE | |
sudo -u postgres psql -d template1 -U postgres -c "ALTER USER deploy WITH SUPERUSER;" >> $LOGFILE | |
echo -e "\r$GREEN Setting Up Postgres$RESET" | |
echo -en "$YELLOW Installing Phantom JS$RESET" | |
cd /usr/local/share/ | |
sudo wget -q http://phantomjs.googlecode.com/files/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE | |
sudo tar jxvf phantomjs-$PHANTOM_JS_VERSION-linux-x86_64.tar.bz2 >> $LOGFILE | |
sudo ln -s /usr/local/share/phantomjs-$PHANTOM_JS_VERSION-linux-x86_64/ /usr/local/share/phantomjs >> $LOGFILE | |
sudo ln -s /usr/local/share/phantomjs/bin/phantomjs /usr/local/bin/phantomjs >> $LOGFILE | |
echo -e "\r$GREEN Installing Phantom JS$RESET" | |
echo -en "$YELLOW Installing Redis (this may take a minute)$RESET" | |
wget -q $REDIS_URL >> $LOGFILE | |
tar xzf redis-2.4.16.tar.gz >> $LOGFILE | |
cd redis-2.4.16 | |
make >> $LOGFILE | |
make test >> $LOGFILE | |
sudo make install >> $LOGFILE | |
cd utils && sudo ./install_server.sh && sudo update-rc.d redis_6379 defaults | |
echo -e "\r$GREEN Installing Redis (this may take a minute)$RESET" | |
# Install plugins | |
for item in ${jenkinsPlugins[@]} | |
do | |
echo -en "$YELLOW Installing plugin $item $RESET" | |
wget -q http://updates.jenkins-ci.org/latest/$item >> $LOGFILE | |
mv $item /var/lib/jenkins/plugins/ | |
echo -e "\r$GREEN Installing plugin $item $RESET" | |
done | |
# Start Jenkins | |
echo -en "$YELLOW Starting Jenkins$RESET" | |
sudo service jenkins start >> $LOGFILE | |
echo -e "\r$GREEN Starting Jenkins$RESET" | |
#Configure Git | |
echo -e "$CYAN Enter a email address to associate with git$RESET" | |
read gitEmail | |
echo -e "$CYAN Enter a name to associate with git$RESET" | |
read gitName | |
git config --global user.email $gitEmail | |
git config --global user.name $gitName | |
echo -e "$GREEN Git Configured$RESET" | |
# Generate SSH key for integration with Github/Github plugin with Jenkins | |
echo -e "$GREEN Generating Jenkins Deploy SSH Key$RESET" | |
mkdir /var/lib/jenkins/.ssh | |
echo -e "$CYAN Enter the email address to associate with the SSH key (Followed by [ENTER]):$RESET" | |
read email | |
ssh-keygen -N '' -f /var/lib/jenkins/.ssh/jenkins-deploy-key -t rsa -q -C "$email" | |
echo -e "$CYAN Generated Jenkins Deploy SSH key, you must add this to the github project deploy keys$RESET" | |
echo -e "$CYAN Setting up SSH Config$RESET" | |
echo "Host github.com | |
IdentityFile ~/.ssh/jenkins-deploy-key" >> /var/lib/jenkins/.ssh/config | |
chown -R jenkins:nogroup /var/lib/jenkins/.ssh | |
echo -en "$YELLOW Adding Github to Jenkins user knownhosts$RESET" | |
su jenkins -c "ssh -T -oStrictHostKeyChecking=no git@github.com" >> $LOGFILE | |
echo -e "\r$GREEN Adding Github to Jenkins user knownhosts$RESET" | |
echo -e "$YELLOW Setting up deploy user$RESET" | |
adduser deploy | |
usermod -a -G sudo deploy | |
echo -e "\r$GREEN Setting up deploy user$RESET" | |
echo -e "$YELLOW Setup bash for jenkins and deploy user$RESET" | |
cp /root/.bashrc /var/lib/jenkins/ | |
cp /root/.bashrc /home/deploy/ | |
chown jenkins:nogroup /var/lib/jenkins/.bashrc | |
chown deploy:deploy /home/deploy/.bashrc | |
echo -e "\r$GREEN Setup bash for jenkins and deploy user$RESET" | |
echo -e "$GREEN Setting up SSH keys$RESET" | |
mkdir /home/deploy/.ssh | |
chown -R deploy:deploy /home/deploy/.ssh | |
echo -e "$CYAN Please transfer your local SSH key from your computer using the following command:$RESET" | |
echo -e "$CYAN scp ~/.ssh/id_rsa.pub deploy@$PUBLIC_IP:/home/deploy/.ssh$RESET" | |
echo -e "$CYAN Press [Enter] when complete$RESET" | |
read | |
mv /home/deploy/.ssh/id_rsa.pub /home/deploy/.ssh/authorized_keys | |
chown -R deploy:deploy /home/deploy/.ssh | |
chmod 700 /home/deploy/.ssh | |
chmod 600 /home/deploy/.ssh/authorized_keys | |
echo -en "$YELLOW Updating SSH config$RESET" | |
sudo sed -i -e 's/.*PasswordAuthentication.*/PasswordAuthentication no/g' /etc/ssh/sshd_config | |
sudo sed -i -e 's/.*PermitRootLogin.*/PermitRootLogin no/g' /etc/ssh/sshd_config | |
sudo service ssh restart >> $LOGFILE | |
echo -e "\r$GREEN Updating SSH config$RESET" | |
echo -en "$YELLOW Settiing up Iptables Firewall$RESET" | |
wget -q -O firewall $FIREWALL_RULES_GIST >> $LOGFILE | |
tar --strip-components=1 -xvzf firewall >> $LOGFILE | |
mv iptables.firewall.rules /etc/ | |
mv firewall /etc/network/if-pre-up.d/ | |
sudo iptables-restore < /etc/iptables.firewall.rules | |
sudo chmod +x /etc/network/if-pre-up.d/firewall | |
echo -e "\r$GREEN Settiing up Iptables Firewall$RESET" | |
echo -en "$YELLOW Installing fail2ban$RESET" | |
sudo apt-get install fail2ban -y >> $LOGFILE | |
echo -e "\r$GREEN Installing fail2ban$RESET" | |
echo -e "$CYAN ---Result--------------------------------$RESET" | |
echo -e "$CYAN --Jenkins CI URL$RESET" | |
echo "http://$PUBLIC_IP:8080" | |
echo -e "$CYAN --Rvm$RESET" | |
rvm -v | |
echo -e "$CYAN --Ruby$RESET" | |
ruby -v | |
echo -e "$CYAN --Postgresql$RESET" | |
psql -V | |
echo -e "$RED You will still need to enable trust authentication if you do not have a password on your deploy PG user" | |
echo -e "See: bit.ly/15G94xa$RESET" | |
echo -e "$CYAN --PhantomJS$RESET" | |
phantomjs -v | |
echo -e "$CYAN --Redis Server$RESET" | |
redis-server -v | |
echo -e "$CYAN --Users$RESET" | |
awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd | |
echo -e "$CYAN --Firewall Settings$RESET" | |
sudo iptables -L | |
echo -e "$CYAN --Jenkins SSH Key (Add this to github)$RESET" | |
cat /var/lib/jenkins/.ssh/jenkins-deploy-key.pub | |
echo -e "$CYAN --Github Plugin Service Hook URL$RESET" | |
echo "http://$PUBLIC_IP:8080/github-webhook/" |
This comment has been minimized.
This comment has been minimized.
@ariya awesome I did not even notice the update. I changed the script a bit so the version can be specified now instead. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
Get the up-to-date PhantomJS 1.9.1 please :)