--- /dev/null
+---
+
+jenkins_lts: true
+jenkins_dependencies:
+ - fontconfig
+ - openjdk-17-jre
+jenkins_plugins:
+ - active-directory
+ - ansicolor
+ - authentication-tokens
+ - build-keeper-plugin
+ - build-timeout
+ - checks-api
+ - command-launcher
+ - conditional-buildstep
+ - config-file-provider
+ - copyartifact
+ - coverage
+ - credentials
+ - dark-theme
+ - dashboard-view
+ - email-ext
+ - envinject
+ - environment-script
+ - excludeMatrixParent
+ - extended-read-permission
+ - external-monitor-job
+ - gerrit-checks-api
+ - git
+ - git-server
+ - github
+ - github-api
+ - groovy
+ - htmlpublisher
+ - image-gallery
+ - instance-identity
+ - ircbot
+ - javax-mail-api
+ - jdk-tool
+ - jobConfigHistory
+ - job-dsl
+ - junit
+ - ldap
+ - libvirt-slave
+ - mapdb-api
+ - matrix-project
+ - metrics
+ - monitoring
+ - parameterized-trigger
+ - permissive-script-security
+ - pipeline-github-lib
+ - pipeline-graph-view
+ - 'pipeline-groovy-lib' # Replaces workflow-cps
+ - pipeline-model-definition
+ - pipeline-rest-api
+ - pipeline-utility-steps
+ - plot
+ - postbuildscript
+ - PrioritySorter
+ - proc-cleaner-plugin
+ - promoted-builds
+ - publish-over-ssh
+ - purge-build-queue-plugin
+ - script-security
+ - simple-theme-plugin
+ - solarized-theme
+ - ssh-slaves
+ - tap
+ - throttle-concurrents
+ - timestamper
+ - versioncolumn
+ - warnings-ng
+ - workflow-aggregator
+ - workflow-api
+ - workflow-basic-steps
+ - workflow-job
+ - ws-cleanup
+jenkins_restart_on_change: false
--- /dev/null
+---
+- name: Systemd daemon-reload
+ ansible.builtin.systemd:
+ daemon_reload: true
+
+- name: Request Jenkins restart
+ when: jenkins_restart_on_change|default(false)
+ community.general.jenkins_script:
+ script: |
+ import jenkins.model.*
+ Jenkins.instance.safeRestart("Changes during Ansible run")
+ url: "{{jenkins_url|default('http://localhost:8080')}}"
+ user: "{{jenkins_url_username|default(lookup('community.general.bitwarden', '5b6f7c60-26ec-4066-8bd0-b05000de8c24', search='id', field='username')[0])}}"
+ password: "{{jenkins_url_password|default(lookup('community.general.bitwarden', '5b6f7c60-26ec-4066-8bd0-b05000de8c24', search='id', field='password')[0])}}"
+
--- /dev/null
+---
+
+- name: Install Jenkins keyring
+ ansible.builtin.get_url:
+ url: 'https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key'
+ dest: '/usr/share/keyrings/jenkins-keyring.asc'
+- name: Add Jenkins stable apt repository
+ ansible.builtin.apt_repository:
+ repo: "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian{{'-stable' if jenkins_lts else ''}} binary/"
+- name: Install Jenkins depencies
+ ansible.builtin.package:
+ name: "{{jenkins_dependencies}}"
+- name: Install Jenkins
+ ansible.builtin.package:
+ name:
+ - jenkins
+- name: Add service override folder
+ ansible.builtin.file:
+ state: 'directory'
+ dest: '/etc/systemd/system/jenkins.service.d'
+ owner: 'root'
+ group: 'root'
+ mode: '0755'
+- name: Add service override
+ when: jenkins_systemd_service_override|default(false)
+ ansible.builtin.copy:
+ dest: '/etc/systemd/system/jenkins.service.d/override.conf'
+ content: "{{jenkins_systemd_service_override}}"
+ owner: 'root'
+ group: 'root'
+ mode: '0644'
+ notify:
+ - Systemd daemon-reload
+ - Request Jenkins restart
+- name: Jenkins service
+ ansible.builtin.service:
+ name: jenkins
+ enabled: true
+ state: started
+- name: Jenkins plugin
+ community.general.jenkins_plugin:
+ name: "{{item}}"
+ state: "{{item.state|default('present')}}"
+ url: "{{jenkins_url|default('http://localhost:8080')}}"
+ url_username: "{{jenkins_url_username}}"
+ url_password: "{{jenkins_url_password}}"
+ loop: "{{jenkins_plugins}}"
+ notify:
+ - Request Jenkins restart
+ tags:
+ - slow