Commit bb6c3ad5 authored by Dorota Czaplejewicz's avatar Dorota Czaplejewicz
Browse files

Silences or provides a way to silence warnings on a fresh install

parent 656f43cb
......@@ -3,8 +3,8 @@ Ansible playbooks for setting up the CI server
Installs Jenkins on a remote Debian system.
Requires
--------
Requires on host
----------------
- ansible (tested 2.4.2.0)
- ansible-galaxy
......@@ -15,15 +15,23 @@ Requires
$ ansible-galaxy install geerlingguy.jenkins geerlingguy.certbot
```
Setup
-----
Consifure
---------
Create `inventory.yml`. **Don't commit this file**, int contains site-specific config!
Running
-------
Deploy
------
```
$ ansible-playbook -i ./inventory.txt ./install_jenkins.yml
```
### From within Jenkins
-----------------------
Log in to the new instance and deal with security warnings:
- enable CSRF in config, select issuer, enable proxy compat
- disable CLI
- disable deprecated protocols (Java Web Start Agent Protocol/1 and /2) bu unchecking fields in Configure global security, Agents, Agent protocols
......@@ -21,6 +21,11 @@
certbot_create_standalone_stop_services:
- nginx
tasks:
- name: Configure Jenkins master-slave security
copy:
dest: /var/lib/jenkins/secrets/slave-to-master-security-kill-switch
content: false
notify: Restart jenkins
- name: Ensure nginx
apt: name=nginx state=present
notify: Restart nginx
......@@ -53,3 +58,5 @@
systemd: name=nginx state=restarted
- name: Reload nginx
systemd: name=nginx state=reloaded
- name: Restart jenkins
systemd: name=jenkins state=restarted
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment