jenkins.nomad (4014B)
1 job "jenkins" { 2 datacenters = ["dc1"] 3 4 vault {} 5 6 group "server" { 7 count = 1 8 9 volume "tls" { 10 type = "csi" 11 source = "certbot" 12 access_mode = "multi-node-multi-writer" 13 attachment_mode = "file-system" 14 } 15 volume "jenkins" { 16 type = "csi" 17 source = "jenkins" 18 access_mode = "multi-node-multi-writer" 19 attachment_mode = "file-system" 20 } 21 22 network { 23 port "jenkins" { 24 to = 8080 25 } 26 port "jnlp" { 27 to = 50000 28 } 29 port "https" { 30 static = 44401 31 } 32 } 33 34 # Install jenkins plugins 35 # https://www.jenkins.io/doc/book/installing/docker 36 task "install-jenkins-plugins" { 37 driver = "podman" 38 39 volume_mount { 40 volume = "jenkins" 41 destination = "/var/jenkins_home" 42 } 43 44 config { 45 image = "docker.io/jenkins/jenkins:lts-jdk21" 46 force_pull = true 47 command = "jenkins-plugin-cli" 48 args = [ 49 "--plugins", 50 "blueocean", 51 "configuration-as-code", 52 "git", 53 # https://issues.jenkins.io/browse/JENKINS-75542 54 "eddsa-api", 55 "hashicorp-vault-plugin", 56 "nomad", 57 "pipeline-utility-steps", 58 "docker-workflow", # spawn Jenkins agents in Nomad jobs 59 #"docker-plugin", # spawn Jenkins agents in Docker containers 60 "theme-manager", 61 "dark-theme", 62 "customizable-header", 63 "login-theme", 64 "--plugin-download-directory", 65 "/var/jenkins_home/plugins", 66 ] 67 } 68 69 resources { 70 memory = 512 71 memory_max = 1024 72 cpu = 300 73 } 74 75 lifecycle { 76 hook = "prestart" 77 sidecar = false 78 } 79 } 80 81 task "jenkins" { 82 driver = "podman" 83 84 template { 85 # https://github.com/GastroGee/jenkins-nomad/blob/main/jenkins-controller/nomad.yaml 86 destination = "${NOMAD_TASK_DIR}/jenkins.yaml" 87 data = file("./templates/jenkins.yaml.tmpl") 88 } 89 90 env { 91 JAVA_OPTS = "-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false -Dorg.apache.commons.jelly.tags.fmt.timeZone=Europe/Zurich -Dhudson.model.UsageStatistics.disabled=true -Dorg.jenkinsci.plugins.durabletask.BourneShellScript.LAUNCH_DIAGNOSTICS=true" 92 } 93 94 config { 95 image = "docker.io/jenkins/jenkins:lts-jdk21" 96 force_pull = true 97 ports = ["jenkins", "jnlp"] 98 volumes = [ 99 # mount the templated config from the task directory to the container 100 "local/jenkins.yaml:/var/jenkins_home/jenkins.yaml", 101 # mount the Nomad server truststore 102 "/home/jenkins/nomad-agent-ca.p12:/etc/ssl/certs/nomad-agent-ca.p12", 103 # Required to test the functionality of the socket in the settings on 104 # the Jenkins controller (only for Docker cloud, docker-plugin) 105 # https://jenkins.in0rdr.ch/manage/cloud/docker/configure 106 #"/run/user/1312/podman/podman.sock:/home/jenkins/agent/podman.sock" 107 ] 108 } 109 110 volume_mount { 111 volume = "jenkins" 112 destination = "/var/jenkins_home" 113 } 114 115 resources { 116 # https://www.jenkins.io/doc/book/installing/docker/#prerequisites 117 memory = 1024 118 memory_max = 2048 119 cpu = 500 120 } 121 } 122 123 task "nginx" { 124 driver = "podman" 125 126 config { 127 image = "docker.io/library/nginx:stable-alpine" 128 force_pull = true 129 ports = ["https"] 130 volumes = [ 131 # mount the templated config from the task directory to the container 132 "local/jenkins.conf:/etc/nginx/conf.d/jenkins.conf", 133 ] 134 } 135 136 volume_mount { 137 volume = "tls" 138 destination = "/etc/letsencrypt" 139 } 140 141 template { 142 destination = "${NOMAD_TASK_DIR}/jenkins.conf" 143 data = file("./templates/nginx.conf.tmpl") 144 } 145 146 resources { 147 memory = 50 148 memory_max = 256 149 cpu = 200 150 } 151 } 152 } 153 }