This repository contains a working example of a Jenkins server set up to manage a Drupal multisite installation on a separate server.

Prerequisites:

• Install Docker

Guide:

1. Run docker-compose up -d
2. Run docker exec --tty drupal-jenkins bash -c /etc/ansible/playbook/scripts/run-playbook.sh

After the playbook completes, visit http://localhost/. The default login is admin:admin.

For production, this project uses Ansible Vault to store an encrypted copy of the Jenkins admin password (so even developers with access to this repository would still not be able to access the Jenkins super administrator account unless you explicitly give them access!).

In this example, we'll install Jenkins on a DigitalOcean Droplet (a VPS), but you can use this playbook anywhere that hosts VPSes—Linode, AWS EC2, Hertzner, etc.

Prerequisites:

• Install Ansible
• Set up your Ansible Vault secrets:
  1. Create a file at ~/.ansible/drupal-jenkins-vault-password.txt and put in a unique, random, securely-generated password (e.g. MZjDUcMsUeKpq9vaXoCyYDwFNrMF3E).
  2. Run the command: ansible-vault create vars/secrets.yml --vault-password-file=~/.ansible/drupal-jenkins-vault-password.txt, and save the file that is generated (it's okay if it's empty right now).

Guide:

1. Create a VPS somewhere to which you have root SSH access; choose Ubuntu 16.04 for the OS.

2. Create an prod inventory file (e.g. inventory/prod) containing the IP address or domain name of the VPS:

   [jenkins]
   drupal-jenkins-multisite.example.com
   
   [jenkins:vars]
   ansible_ssh_user=root
   

3. Edit the vars/secrets.yml file (with the same command as earlier, but with edit instead of create), and add the following:

   jenkins_admin_password: [generate a secure random password]
   nginx_proxy_vhostname: "drupal-jenkins-multisite.example.com"
   certbot_admin_email: https@example.com
   certbot_certs:
     - email: "https@example.com"
       domains:
         - "{{ nginx_proxy_vhostname }}"
   

4. Install dependencies: ansible-galaxy install -r requirements.yml

5. Run the command: ansible-playbook -i inventory/prod main.yml --vault-password-file=~/.ansible/drupal-jenkins-vault-password.txt --extra-vars "{certbot_create_standalone_stop_services: []}"

After the playbook completes, you should be able to access the Jenkins server at the IP address or hostname of the server (e.g. https://drupal-jenkins-multisite.jeffgeerling.com/ in the example above).

Note: In the future, run the same ansible-playbook command to update the server or update configurations—but leave off the --extra-vars (that setting is only necessary on the first run).

BSD / MIT

This repository was created in 2018 by Jeff Geerling in support of the MidCamp 2018 session Jenkins or: How I learned to stop worrying and love automation.