diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-04-19 22:42:52 +0200 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-04-19 22:42:52 +0200 |
| commit | 6f509903cc368562652ca21f62669c87617c3f93 (patch) | |
| tree | d69c8bd8bc08cac361580b714fef56c77939ba7b | |
| parent | Add ntp profile. (diff) | |
| download | profiles-6f509903cc368562652ca21f62669c87617c3f93.tar.gz profiles-6f509903cc368562652ca21f62669c87617c3f93.tar.xz | |
Add profile jenkins.
| -rw-r--r-- | manifests/jenkins.pp | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/manifests/jenkins.pp b/manifests/jenkins.pp new file mode 100644 index 0000000..f8432b3 --- /dev/null +++ b/manifests/jenkins.pp @@ -0,0 +1,50 @@ +# https://www.jenkins.io/doc/book/system-administration/reverse-proxy-configuration-with-jenkins/reverse-proxy-configuration-nginx/ +class profiles::jenkins ( + String $server_name, + Stdlib::Port $jenkins_port = 8090, +) { + include ::nginx + include ::profiles::certificate + + letsencrypt::domain { $server_name: + cert_name => $profiles::certificate::cert_name, + } + + nginx::resource::server { $server_name: + ipv6_enable => true, + ipv6_listen_options => true, + www_root => '/var/run/jenkins/war/', + use_default_location => false, + access_log => absent, + error_log => absent, + * => letsencrypt::conf::nginx($server_name), + } + + if $facts['letsencrypt_directory'][$server_name] { + nginx::resource::location { + default: + ; + 'jenkins static': + location => '~ "^/static/[0-9a-fA-F]{8}\/(.*)$"', + rewrite => '"^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last', + ; + 'jenkins /userContent': + root => '/var/lib/jenkins/', + sendfile => 'off', + raw_append => @(EOF) + if (!-f $request_filename) { + rewrite (.*) /$1 last; + break; + } + | EOF + ; + 'jenkins /': + location => '/', + proxy => "http://[::]:${jenkins_port}", + index_files => [], + ssl => true, + ssl_only => true, + server => $server_name, + } + } +} |