Ad meliora

Sep 22, 2021

Running a jenkins server in DigitalOcean

At work, I started playing with Azure. It is so different to AWS. More on that in subsequent posts.

We are supposed to set up a CI/CD pipeline with Jenkins as the build tool instead of Azure. The reason for that is to deploy Azure functions, the equivalent to AWS Lambda.

So I am not familiar with Jenkins. I then decided to set up Jenkins on DigitalOcean. The reason being is that DigitalOcean is my preferred Cloud prvoider for any hands-on devops work.

The steps assume that you have already followed these instructions and these instructions. The steps that I took are as follows:

  1. Upgrade everything. For me, that means running a script. The script, aptly named upgrade.sh is shown below.

    #!/bin/bash

    echo "Upgrading"

    sudo DEBIAN_FRONTEND=noninteractive apt-get -yq update

    sudo DEBIAN_FRONTEND=noninteractive apt-get -yq dist-upgrade

    echo "Cleaning up"

    sudo apt-get -yf install && sudo apt-get -y autoremove && sudo apt-get -y autoclean && sudo apt-get -y clean

  2. Install jenkins key

    wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | sudo apt-key add -

  3. Install the apt repository

    sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'

  4. Run (1)

  5. Install jre and jdk. They have to be installed before installing jenkins because jenkins depends on them to run.

    sudo apt install default-jre

    sudo apt install default-jdk

  6. Install jenkins.

    sudo apt install jenkins

  7. Start the jenkins server and allow jenkins into the firewall(ufw). The default port for jenkins is port 8080.

    sudo systemctl start jenkins

    sudo systemctl status jenkins

    sudo ufw allow 8080

    sudo ufw status

  8. Go the browser http://localhost.com:8080. Follow in the instructions in the Setup wizard and Plugins and Admin user. The url for the instance can be found here

    grep jenkinsUrl /var/lib/jenkins/*.xml

So Jenkins is setup. But it is on a http endpoint, instead of https. I wanted to set up the jenkins instance on the same droplet that hosts this website and set it up with a https endpoint. To do this, I followed this steps below:

  1. Set up a different sub-domain by following these instructions. Apparently I thought I needed to add a CNAME record. That is not needed.

  2. Create a new domain file.

    sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com

  3. Modify the domain file to look like this

    server {

    access_log /var/log/nginx/jenkins.access.log;

    error_log /var/log/nginx/jenkins.error.log;

    location / {

    include /etc/nginx/proxy_params;

    proxy_pass http://locahost:8080;

    proxy_read_timeout 90s;

    proxy_redirect http://localhost:8080 https://example.com;

    }

    }

  4. Run the config test.

    sudo nginx -t

  5. Link the domain file in sites-available to sites-enabled. It needs to be done to allow nginx to load your config

    sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled

  6. Modify the JENKINS_ARGS in /etc/default/jenkins file to look like below:

    JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=127.0.0.1"

  7. Modify the url for the jenkins instance by modifying the jenkinsUrl in the file /var/lib/jenkins/jenkins.model.JenkinsLocationConfiguration.xml to look like this:

    <jenkinsUrl>http://127.0.0.1:8080/</jenkinsUrl>

  8. Run the certbot program and enter 1 when prompted.

    sudo certbox --nginx -d example.com

posted at 14:52  ·   ·  publishing