jenkins.nomad (4063B)
1 job "jenkins" { 2 datacenters = ["dc1"] 3 4 vault {} 5 6 group "server" { 7 count = 1 8 9 volume "tls" { 10 type = "csi" 11 source = "certbot" 12 access_mode = "multi-node-multi-writer" 13 attachment_mode = "file-system" 14 } 15 volume "jenkins" { 16 type = "csi" 17 source = "jenkins" 18 access_mode = "multi-node-multi-writer" 19 attachment_mode = "file-system" 20 } 21 22 network { 23 port "jenkins" { 24 to = 8080 25 } 26 port "jnlp" { 27 to = 50000 28 } 29 port "https" { 30 static = 44401 31 } 32 } 33 34 # Install jenkins plugins 35 # https://www.jenkins.io/doc/book/installing/docker 36 task "install-jenkins-plugins" { 37 driver = "podman" 38 39 volume_mount { 40 volume = "jenkins" 41 destination = "/var/jenkins_home" 42 } 43 44 config { 45 image = "docker.io/jenkins/jenkins:lts-jdk21" 46 force_pull = true 47 command = "jenkins-plugin-cli" 48 args = [ 49 "--plugins", 50 "blueocean", 51 "configuration-as-code", 52 "git", 53 # https://issues.jenkins.io/browse/JENKINS-75542 54 "eddsa-api", 55 "hashicorp-vault-plugin", 56 "nomad", 57 "pipeline-utility-steps", 58 "docker-workflow", # spawn Jenkins agents in Nomad jobs 59 #"docker-plugin", # spawn Jenkins agents in Docker containers 60 "theme-manager", 61 "dark-theme", 62 "customizable-header", 63 "login-theme", 64 "--plugin-download-directory", 65 "/var/jenkins_home/plugins", 66 ] 67 } 68 69 resources { 70 memory = 512 71 memory_max = 1024 72 cpu = 300 73 } 74 75 lifecycle { 76 hook = "prestart" 77 sidecar = false 78 } 79 } 80 81 task "jenkins" { 82 driver = "podman" 83 84 template { 85 # https://github.com/GastroGee/jenkins-nomad/blob/main/jenkins-controller/nomad.yaml 86 destination = "${NOMAD_TASK_DIR}/jenkins.yaml" 87 data = file("./templates/jenkins.yaml.tmpl") 88 } 89 90 env { 91 JAVA_OPTS = "-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false -Dorg.apache.commons.jelly.tags.fmt.timeZone=Europe/Zurich -Dhudson.model.UsageStatistics.disabled=true -Dorg.jenkinsci.plugins.durabletask.BourneShellScript.LAUNCH_DIAGNOSTICS=true" 92 REMOTING_VERSION = "3327.v868139a_d00e0" 93 } 94 95 config { 96 image = "docker.io/jenkins/jenkins:lts-jdk21" 97 force_pull = true 98 ports = ["jenkins", "jnlp"] 99 volumes = [ 100 # mount the templated config from the task directory to the container 101 "local/jenkins.yaml:/var/jenkins_home/jenkins.yaml", 102 # mount the Nomad server truststore 103 "/home/jenkins/nomad-agent-ca.p12:/etc/ssl/certs/nomad-agent-ca.p12", 104 # Required to test the functionality of the socket in the settings on 105 # the Jenkins controller (only for Docker cloud, docker-plugin) 106 # https://jenkins.in0rdr.ch/manage/cloud/docker/configure 107 #"/run/user/1312/podman/podman.sock:/home/jenkins/agent/podman.sock" 108 ] 109 } 110 111 volume_mount { 112 volume = "jenkins" 113 destination = "/var/jenkins_home" 114 } 115 116 resources { 117 # https://www.jenkins.io/doc/book/installing/docker/#prerequisites 118 memory = 1024 119 memory_max = 2048 120 cpu = 500 121 } 122 } 123 124 task "nginx" { 125 driver = "podman" 126 127 config { 128 image = "docker.io/library/nginx:stable-alpine" 129 force_pull = true 130 ports = ["https"] 131 volumes = [ 132 # mount the templated config from the task directory to the container 133 "local/jenkins.conf:/etc/nginx/conf.d/jenkins.conf", 134 ] 135 } 136 137 volume_mount { 138 volume = "tls" 139 destination = "/etc/letsencrypt" 140 } 141 142 template { 143 destination = "${NOMAD_TASK_DIR}/jenkins.conf" 144 data = file("./templates/nginx.conf.tmpl") 145 } 146 147 resources { 148 memory = 50 149 memory_max = 256 150 cpu = 200 151 } 152 } 153 } 154 }