diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d22930b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/home/bertrand/Pipeline-DevOps/1-vagrant-srv/.vagrant diff --git a/1-vagrant-srv/Vagrantfile b/1-vagrant-srv/Vagrantfile new file mode 100644 index 0000000..e9b8fbf --- /dev/null +++ b/1-vagrant-srv/Vagrantfile @@ -0,0 +1,83 @@ +# -*- mode: ruby -*- +# nano: set ft=ruby : + +Vagrant.configure("2") do |config| + # p1jenkins server + config.vm.define "p1jenkins-pipeline" do |p1jenkins| + p1jenkins.vm.box = "debian/buster64" + p1jenkins.vm.hostname = "p1jenkins-pipeline" + p1jenkins.vm.box_url = "debian/buster64" + p1jenkins.vm.network :private_network, ip: "192.168.56.2" + p1jenkins.vm.provider :virtualbox do |v| + v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] + v.customize ["modifyvm", :id, "--natdnsproxy1", "on"] + v.customize ["modifyvm", :id, "--memory", 3072] + v.customize ["modifyvm", :id, "--name", "p1jenkins-pipeline"] + v.customize ["modifyvm", :id, "--cpus", "2"] + end + config.vm.provision "shell", inline: <<-SHELL + sed -i 's/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config + service ssh restart + SHELL + p1jenkins.vm.provision "shell", path: "install_p1jenkins.sh" + end + + # serveur dev + config.vm.define "srvdev-pipeline" do |srvdev| + srvdev.vm.box = "debian/buster64" + srvdev.vm.hostname = "srvdev-pipeline" + srvdev.vm.box_url = "debian/buster64" + srvdev.vm.network :private_network, ip: "192.168.56.3" + srvdev.vm.provider :virtualbox do |v| + v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] + v.customize ["modifyvm", :id, "--natdnsproxy1", "on"] + v.customize ["modifyvm", :id, "--memory", 512] + v.customize ["modifyvm", :id, "--name", "srvdev-pipeline"] + v.customize ["modifyvm", :id, "--cpus", "1"] + end + config.vm.provision "shell", inline: <<-SHELL + sed -i 's/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config + service ssh restart + SHELL + end + + # serveur stage/recette + config.vm.define "srvstage-pipeline" do |srvstage| + srvstage.vm.box = "debian/buster64" + srvstage.vm.hostname = "srvstage-pipeline" + srvstage.vm.box_url = "debian/buster64" + srvstage.vm.network :private_network, ip: "192.168.56.7" + srvstage.vm.provider :virtualbox do |v| + v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] + v.customize ["modifyvm", :id, "--natdnsproxy1", "on"] + v.customize ["modifyvm", :id, "--memory", 512] + v.customize ["modifyvm", :id, "--name", "srvstage-pipeline"] + v.customize ["modifyvm", :id, "--cpus", "1"] + end + config.vm.provision "shell", inline: <<-SHELL + sed -i 's/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config + service ssh restart + SHELL + end + + # serveur prod + config.vm.define "srvprod-pipeline" do |srvprod| + srvprod.vm.box = "debian/buster64" + srvprod.vm.hostname = "srvprod-pipeline" + srvprod.vm.box_url = "debian/buster64" + srvprod.vm.network :private_network, ip: "192.168.56.4" + srvprod.vm.provider :virtualbox do |v| + v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] + v.customize ["modifyvm", :id, "--natdnsproxy1", "on"] + v.customize ["modifyvm", :id, "--memory", 512] + v.customize ["modifyvm", :id, "--name", "srvprod-pipeline"] + v.customize ["modifyvm", :id, "--cpus", "1"] + end + config.vm.provision "shell", inline: <<-SHELL + sed -i 's/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config + service ssh restart + SHELL + end + +end + diff --git a/1-vagrant-srv/install_p1jenkins.sh b/1-vagrant-srv/install_p1jenkins.sh new file mode 100644 index 0000000..049b922 --- /dev/null +++ b/1-vagrant-srv/install_p1jenkins.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +## install p1jenkins + +export DEBIAN_FRONTEND=noninteractive + +IP=$(hostname -I | awk '{print $2}') + +echo "START - install jenkins - "$IP + +echo "[1]: install utils & ansible" +apt-get update -qq >/dev/null # -qq = quiet // >/dev/null = renvoie les erreurs vers null +apt-get install -qq -y git sshpass wget ansible gnupg2 curl >/dev/null + + +echo "[2]: install java & jenkins" +wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add - +sudo sh -c 'echo deb https://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list' +apt-get update -qq >/dev/null +apt-get install -qq -y default-jre jenkins >/dev/null +systemctl enable jenkins +systemctl start jenkins + + +echo "[2]: ansible custom" +sed -i 's/.*pipelining.*/pipelining = True/' /etc/ansible/ansible.cfg +sed -i 's/.*allow_world_readable_tmpfiles.*/allow_world_readable_tmpfiles = True/' /etc/ansible/ansible.cfg + +echo "[3]: install docker & docker-composer" +curl -fsSL https://get.docker.com | sh; >/dev/null +usermod -aG docker jenkins # authorize docker for jenkins user +curl -sL "https://github.com/docker/compose/releases/download/2.6.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose +chmod +x /usr/local/bin/docker-compose + +echo "[4]: use registry without ssl" +echo " +{ + \"insecure-registries\" : [\"192.168.5.5:5000\"] +} +" >/etc/docker/daemon.json +systemctl daemon-reload +systemctl restart docker + +echo "END - install jenkins" +