diff options
Diffstat (limited to 'group_vars/jenkins_master')
| -rw-r--r-- | group_vars/jenkins_master | 31 |
1 files changed, 25 insertions, 6 deletions
diff --git a/group_vars/jenkins_master b/group_vars/jenkins_master index 171b7582..f4195183 100644 --- a/group_vars/jenkins_master +++ b/group_vars/jenkins_master @@ -2,12 +2,20 @@ hostname: "{{inventory_hostname}}" apache_user: www-data apache_modules: - - ssl - proxy - proxy_http - rewrite -ssl_cert: /etc/letsencrypt/live/{{hostname}}/fullchain.pem -ssl_key: /etc/letsencrypt/live/{{hostname}}/privkey.pem + +ssl_cert: /etc/dehydrated/certs/{{inventory_hostname}}/fullchain.pem +ssl_key: /etc/dehydrated/certs/{{inventory_hostname}}/privkey.pem +ssl_ca: "{{ssl_cert}}" + +dehydrated_http_domains: + - "{{inventory_hostname}}" +dehydrated_dns_domains: [] +dehydrated_domains_txt: | + {{inventory_hostname}} + # Firewall @@ -16,11 +24,18 @@ ufw_open_ports: - 80 - 443 - 3128 - - 2222 - - 2020 # tcwg-ssh-proxy - - 50000 + +ufw_open_docker_ports: + - "0.0.0.0/0:2020"# tcwg-ssh-proxy + - "0.0.0.0/0:2222" + - "0.0.0.0/0:2223" + - "0.0.0.0/0:2376" + - "0.0.0.0/0:8080" + - "0.0.0.0/0:50000" # Docker +docker_host: true + jenkins_master_image: 'linaro/ci-x86_64-jenkins-master-debian:lts' jenkins_master_container_name: 'jenkins' jenkins_master_data_container_name: 'jenkins_data' @@ -31,6 +46,8 @@ jenkins_master_slaves_port: '2233' jenkins_master_sshd_port: '2222' jenkins_jnlp_port: '50000' +jenkins_java_opts: "-server -Xmx8192m -XX:+AlwaysPreTouch -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/log/jenkins/heapdump.log -XX:+UseG1GC -XX:+UseStringDeduplication -XX:+ParallelRefProcEnabled -XX:+ExplicitGCInvokesConcurrent -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1 -XX:MaxMetaspaceExpansion=64M -Djenkins.model.Jenkins.logStartupPerformance=true -Djava.awt.headless=true -Dhudson.slaves.WorkspaceList='_' -Dhudson.model.ParametersAction.keepUndefinedParameters=true -Dorg.jenkinsci.plugins.gitclient.Git.timeOut=30 -Dorg.eclipse.jetty.server.Request.maxFormContentSize=1000000" + login_groups: - systems - team-builds-and-baselines @@ -39,7 +56,9 @@ sudo_groups: - systems - users +nfs_client_group: "jenkins_slaves_hetzner" nfs_exports: - name: "buildslave" path: "/var/data/nfs" options: "(rw,sync,no_subtree_check,no_root_squash)" + cleanup: "find /var/data/nfs/oe -not -path /var/data/nfs/oe/downloads -atime +40 -delete" |