matt/jenkinsfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init commit

Browse Source
This commit is contained in:
phermeys
2025-09-14 14:33:41 -07:00
commit ed077e7ba0
25 changed files with 2204 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
Jenkinsfile.behemoth_containers Normal file
View File

@ -0,0 +1,58 @@
pipeline {
agent any
environment {
ANSIBLE_FORCE_COLOR = '1'
host_ip = "172.25.1.15"
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${env.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${env.host_ip}
hash=\$(echo -n ${env.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/behemoth-containers.yaml --ssh-common-args='-o StrictHostKeyChecking=no'
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${env.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

70
Jenkinsfile.cd-to-iso Normal file
View File

@ -0,0 +1,70 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
booleanParam(name: 'eject_drive', defaultValue: false, description: 'Check this option to eject disk at appropriate times')
booleanParam(name: 'create_iso', defaultValue: false, description: 'Check this option to perform the extraction, leave unchecked for a test run')
string(name: 'disk_drive', defaultValue: '/dev/sr0', description: 'Local DVD Drive device path')
string(name: 'destination_path', defaultValue: '/mnt', description: 'Path to store ISO files')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cd-to-iso.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "disk_drive=${params.disk_drive} eject_drive=${params.eject_drive} \
destination_path=${params.destination_path} create_iso=${params.create_iso}"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

72
Jenkinsfile.cifs-mount Normal file
View File

@ -0,0 +1,72 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'server_path', defaultValue: '//server/share', description: 'SMB Share Path')
string(name: 'target_path', defaultValue: '/folder/share', description: 'Target folder for mounting')
choice(name: 'cifs_choice', choices: ['TERRA_BEHEMOTH_SMB'], description: 'Choose stored server credentials here')
// booleanParam(name: 'validate_share', defaultValue: false, description: 'Check this option to test the share first')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
CIFS_CREDENTIALS = credentials("${params.cifs_choice}")
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cifs-mount.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "CIFS_USERNAME=${env.CIFS_CREDENTIALS_USR} CIFS_PASSWORD=${env.CIFS_CREDENTIALS_PSW} \
server_path=${params.server_path} target_path=${params.target_path} validate_share=${params.validate_share} \
CIFS_CREDENTIALS=${env.CIFS_CREDENTIALS} CIFS_CHOICE=${params.cifs_choice}"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

85
Jenkinsfile.cosmos-base Normal file
View File

@ -0,0 +1,85 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'new_hostname', description: 'Update Hostname')
// reference for later
// choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
booleanParam(name: 'rename_host', defaultValue: true, description: 'When checked hostname will be renamed')
booleanParam(name: 'config_matt', defaultValue: true, description: 'config matt profile')
booleanParam(name: 'install_LDAP', defaultValue: false, description: 'install LDAP')
booleanParam(name: 'remove_default_vpn', defaultValue: true, description: 'Remove default OpenVPN profile')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
APPS_LIST = 'cosmos-base'
LINUX_LDAP_PWD = credentials('LINUX_LDAP')
MATT_PASSWORD = credentials('MATT_PASSWORD')
matt_public_key = credentials('matt_public_key')
matt_private_key = credentials('matt_private_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cosmos-base.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=${params.new_hostname}.home.cosmos saturn_behemoth=${env.SATURN_BEHEMOTH} rename_host=${params.rename_host} \
reboot_host=${params.reboot_host} config_matt=${params.config_matt} docker_full=true \
kde_full=true apps_list=${env.APPS_LIST} linux_ldap_pwd=${env.LINUX_LDAP_PWD} \
install_LDAP=${params.install_LDAP} MATT_PASSWORD=${env.MATT_PASSWORD} remove_default_vpn=${params.remove_default_vpn} \
matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

85
Jenkinsfile.cosmos-console Normal file
View File

@ -0,0 +1,85 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'new_hostname', description: 'Update Hostname')
booleanParam(name: 'rename_endpoint', defaultValue: true, description: 'Uncheck to skip renaming of endpoint')
// reference for later
// choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
choice(name: 'console_type', choices: ['game boy', 'snes', 'n64'], description: 'Choose special server install if desired')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
APPS_LIST = 'cosmos-base'
LINUX_LDAP_PWD = credentials('LINUX_LDAP')
pxe_proxy_password = credentials('pxe_proxy_password')
PXE_API_KEY = credentials('PXE_API_KEY')
matt_public_key = credentials('matt_public_key')
matt_private_key = credentials('matt_private_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cosmos-console.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=${params.new_hostname}.home.cosmos saturn_behemoth=${SATURN_BEHEMOTH} \
docker_full=false rename_host=${params.rename_endpoint} \
linux_ldap_pwd=${LINUX_LDAP_PWD} install_docker=false \
install_LDAP=false console_type=${params.console_type} \
refresh_special=${params.refresh_special} pxe_proxy_password=${pxe_proxy_password} \
PXE_API_KEY=${PXE_API_KEY} \
matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

63
Jenkinsfile.cosmos-nvidia Normal file
View File

@ -0,0 +1,63 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cosmos-nvidia.yaml --ssh-common-args='-o StrictHostKeyChecking=no'
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

77
Jenkinsfile.cosmos-public Normal file
View File

@ -0,0 +1,77 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'new_hostname', description: 'Update Hostname')
// reference for later
// choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
booleanParam(name: 'rename_host', defaultValue: true, description: 'When checked hostname will be renamed')
string(name: 'local_username', description: 'New local username for public account')
booleanParam(name: 'reset_user', defaultValue: false, description: 'When checked local user will be purged')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
APPS_LIST = 'cosmos-public'
matt_public_key = credentials('matt_public_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cosmos-public.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=${params.new_hostname} rename_host=${params.rename_host} reboot_host=${params.reboot_host} \
local_username=${params.local_username} kde_full=false apps_list=${APPS_LIST} docker_full=true \
reset_user=${params.reset_user} public_deploy=true matt_public_key='${env.matt_public_key}'\
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

155
Jenkinsfile.cosmos-server Normal file
View File

@ -0,0 +1,155 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'new_hostname', description: 'Update Hostname')
booleanParam(name: 'rename_endpoint', defaultValue: true, description: 'Uncheck to skip renaming of endpoint')
booleanParam(name: 'add_domain', defaultValue: true, description: 'When checked hostname will have home.cosmos appended')
// reference for later
// choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
booleanParam(name: 'install_docker', defaultValue: true, description: 'When checked docker packages are installed and portainer started on 9100')
booleanParam(name: 'install_LDAP', defaultValue: false, description: 'When checked LDAP integration is installed with NSLCD')
choice(name: 'special_server', choices: ['none', 'Octoprint', 'Kodi', 'Timelapse', 'Build ISO', 'Jenkins VPN', 'Net Bridge', 'Carputer', 'VCR Capture'], description: 'Choose special server install if desired')
booleanParam(name: 'refresh_special', defaultValue: false, description: 'When checked only the special server step is run')
booleanParam(name: 'no_vpn', defaultValue: false, description: 'Check this option to remove default cosmos VPN')
booleanParam(name: 'public_deploy', defaultValue: true, description: 'Uncheck this option to deploy private SSH key')
booleanParam(name: 'onboard_pi', defaultValue: false, description: 'Check this option to onboard a new FriendlyElec Device')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
APPS_LIST = 'cosmos-base'
LINUX_LDAP_PWD = credentials('LINUX_LDAP')
pxe_proxy_password = credentials('pxe_proxy_password')
PXE_API_KEY = credentials('PXE_API_KEY')
matt_public_key = credentials('matt_public_key')
matt_private_key = credentials('matt_private_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
jenkins_public_key = credentials('jenkins_public_key')
tesla_api_key = credentials('tesla_api_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Inject Auth Key') {
when {
expression { params.onboard_pi }
}
steps {
script{
// clear ssh keys
echo "Target IP: ${params.host_ip}"
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
}
script{
sh """
echo Copy public key to pi home dir
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo ${env.jenkins_public_key} > /home/pi/authorized_keys"
"""
}
script{
sh """
echo Make sure /root/.ssh exists
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mkdir -p /root/.ssh/"
"""
}
script{
sh """
echo Move public key to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mv /home/pi/authorized_keys /root/.ssh/authorized_keys"
"""
}
script{
sh """
echo Restrict permissions on file
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chmod -R 600 /root/.ssh/"
"""
}
script{
sh """
echo Set owner to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chown -R root:root /root/.ssh/"
"""
}
}
}
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cosmos-server.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=${params.new_hostname} saturn_behemoth=${SATURN_BEHEMOTH} \
docker_full=false rename_host=${params.rename_endpoint} onboard_pi=${params.onboard_pi} \
linux_ldap_pwd=${LINUX_LDAP_PWD} install_docker=${params.install_docker} \
install_LDAP=${params.install_LDAP} special_server='${params.special_server}' \
refresh_special=${params.refresh_special} pxe_proxy_password=${pxe_proxy_password} \
PXE_API_KEY=${PXE_API_KEY} no_vpn=${params.no_vpn} add_domain=${params.add_domain} \
matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \
tesla_api_key='${tesla_api_key}' public_deploy=${params.public_deploy}"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

133
Jenkinsfile.deb_init Normal file
View File

@ -0,0 +1,133 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'admin_username', defaultValue: 'pi', description: 'Admin Username')
password(name: 'admin_password', defaultValue: 'pi', description: 'Admin Password')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
jenkins_public_key = credentials('jenkins_public_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Inject Auth Key') {
steps {
script{
// clear ssh keys
echo "Target IP: ${params.host_ip}"
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Copy public key to pi home dir
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${env.jenkins_public_key} > /home/${params.admin_username}/authorized_keys"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Make sure /root/.ssh exists
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mkdir -p /root/.ssh/"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Move public key to root
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mv /home/${params.admin_username}/authorized_keys /root/.ssh/authorized_keys"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Restrict permissions on file
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chmod -R 600 /root/.ssh/"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Set owner to root
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chown -R root:root /root/.ssh/"
"""
}
}
}
}
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Check') {
steps {
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/pi-init.yaml --ssh-common-args='-o StrictHostKeyChecking=no'
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

85
Jenkinsfile.jenkins_vpn Normal file
View File

@ -0,0 +1,85 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
matt_private_key = credentials('matt_private_key')
matt_public_key = credentials('matt_public_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
echo 'echo Hello World' > /var/jenkins_home/ansible/.inv/vpn_check.sh
chmod +x /var/jenkins_home/ansible/.inv/vpn_check.sh
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/jenkins_vpn.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=${params.new_hostname}.home.cosmos vpn_endpoint='${params.vpn_endpoint}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \
matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' "
"""
}
}
stage('Ping new VPN host') {
steps {
// Generate the dynamic inventory file
sh """
/var/jenkins_home/ansible/.inv/vpn_check.sh
"""
}
}
}
post {
always {
// Remove dynamic Inventory file and ping file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
rm /var/jenkins_home/ansible/.inv/vpn_check.sh
"""
}
}
}

67
Jenkinsfile.lldp-scanner Normal file
View File

@ -0,0 +1,67 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', defaultValue: '10.250.128.10', description: 'Target System Address')
string(name: 'chrome_resolution', defaultValue: '720,1000', description: 'Chrome App Resolution')
// reference for later
// choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
booleanParam(name: 'run_test', defaultValue: false, description: 'Check this to run a test LLDP scan')
booleanParam(name: 'refresh_only', defaultValue: false, description: 'Check this to re-run on existing LLDP Scan device')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
matt_public_key = credentials('matt_public_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/generate_inventory.sh
/var/jenkins_home/ansible/inventory/generate_inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
cd /var/jenkins_home/ansible
ansible-playbook -i /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml \
/var/jenkins_home/ansible/playbooks/lldp-scan.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=MC-LLDP fixed_size='--window-size=${params.chrome_resolution}' \
run_test=${params.run_test} rename_host=true refresh_only=${params.refresh_only} \
public_deploy=true remove_default_vpn=true matt_public_key='${env.matt_public_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh "rm /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml"
}
}
}

55
Jenkinsfile.matt-profile-capture Normal file
View File

@ -0,0 +1,55 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SSH_CREDENTIALS_ID = 'jenkins-ssh-key'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/generate_inventory.sh
/var/jenkins_home/ansible/inventory/generate_inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Pipeline') {
steps {
//Run the cosmos-base ansible playbook
sh """
cd /var/jenkins_home/ansible
ansible-playbook -i /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml \
/var/jenkins_home/ansible/playbooks/matt-capture.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "saturn_behemoth=${SATURN_BEHEMOTH} "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh "rm /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml"
}
}
}

55
Jenkinsfile.mattgpt-capture Normal file
View File

@ -0,0 +1,55 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SSH_CREDENTIALS_ID = 'jenkins-ssh-key'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/generate_inventory.sh
/var/jenkins_home/ansible/inventory/generate_inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Pipeline') {
steps {
//Run the cosmos-base ansible playbook
sh """
cd /var/jenkins_home/ansible
ansible-playbook -i /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml \
/var/jenkins_home/ansible/playbooks/mattgpt-capture.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "saturn_behemoth=${SATURN_BEHEMOTH} "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh "rm /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml"
}
}
}

187
Jenkinsfile.mc_vpn Normal file
View File

@ -0,0 +1,187 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
choice(name: 'new_hostname', choices: ['MC-Friendly', 'MC-NanoPi2a', 'MC-NanoPi2b', 'MC-NanoPi2c', 'MC-ZeroPi2', 'MC-RickyPi' ], description: 'Select Hostname for VPN config')
// string(name: 'new_hostname', description: 'New Hostname, must match valid CN for VPN')
booleanParam(name: 'onboard_pi', defaultValue: true, description: 'Check this option to onboard a new FriendlyElec Device')
booleanParam(name: 'redirect_all', defaultValue: false, description: 'Redirect all traffic through VPN')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
matt_public_key = credentials('matt_public_key')
jenkins_public_key = credentials('jenkins_public_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Inject Auth Key') {
when {
expression { params.onboard_pi }
}
steps {
script{
// clear ssh keys
echo "Target IP: ${params.host_ip}"
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
sh """
echo Copy public key to pi home dir
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo ${env.jenkins_public_key} > /home/pi/authorized_keys"
"""
sh """
echo Make sure /root/.ssh exists
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mkdir -p /root/.ssh/"
"""
sh """
echo Move public key to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mv /home/pi/authorized_keys /root/.ssh/authorized_keys"
"""
sh """
echo Restrict permissions on file
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chmod -R 600 /root/.ssh/"
"""
sh """
echo Set owner to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chown -R root:root /root/.ssh/"
"""
}
}
}
stage('Generate Inventory Files') {
steps {
// Generate the dynamic inventory files
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
vpn_ip=\$(cat /var/jenkins_home/ansible/roles/puck_vpn/vars/endpoints/${params.new_hostname}.yaml | grep remote_gateway | cut -d '"' -f 2)
/var/jenkins_home/ansible/inventory/inventory.sh \$vpn_ip
"""
}
}
stage('Check for VPN') {
steps {
script {
def ip = sh(script: "cat /var/jenkins_home/ansible/roles/puck_vpn/vars/endpoints/${params.new_hostname}.yaml | grep remote_gateway | cut -d '\"' -f 2", returnStdout: true).trim()
echo "Detected IP: ${ip}"
// Set it as an environment variable for later use
env.TARGET_IP = ip
def pingResult = sh(script: "ping -W .1 -i .1 -c 1 ${TARGET_IP}", returnStatus: true)
// Set a variable in current build context
currentBuild.description = (pingResult == 0) ? "Host is up" : "Host is down"
env.HOST_UP = (pingResult == 0) ? "true" : "false"
}
}
}
stage('Ansible Playbook Pre-VPN') {
when {
expression {
return env.HOST_UP != 'true'
}
}
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file /var/jenkins_home/ansible/playbooks/puck_vpn.yaml \
--ssh-common-args='-o StrictHostKeyChecking=no' --extra-vars \
"new_hostname=${params.new_hostname} matt_public_key='${env.matt_public_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \
redirect_all=${params.redirect_all} "
"""
}
}
stage('Ansible Playbook Post-VPN') {
steps {
script {
echo "Waiting for reboot"
def ip = sh(script: "cat /var/jenkins_home/ansible/roles/puck_vpn/vars/endpoints/${params.new_hostname}.yaml | grep remote_gateway | cut -d '\"' -f 2", returnStdout: true).trim()
echo "Detected IP: ${ip}"
def timeoutSeconds = 300 // Total timeout: 5 minutes
def waitInterval = 5 // Wait 5 seconds between pings
def startTime = System.currentTimeMillis()
def responded = false
while ((System.currentTimeMillis() - startTime) < (timeoutSeconds * 1000)) {
def status = sh(script: "ping -c 1 ${ip}", returnStatus: true)
if (status == 0) {
responded = true
echo "IP ${ip} is now responding to ping."
break
}
// echo "Waiting for ${ip} to respond to ping..."
sleep(waitInterval)
}
}
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
vpn_ip=\$(cat /var/jenkins_home/ansible/roles/puck_vpn/vars/endpoints/${params.new_hostname}.yaml | grep remote_gateway | cut -d '"' -f 2)
echo \$vpn_ip
hash=\$(echo -n \$vpn_ip | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file /var/jenkins_home/ansible/playbooks/puck_routing.yaml \
--ssh-common-args='-o StrictHostKeyChecking=no'
"""
}
}
}
post {
always {
// Remove dynamic Inventory files
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
vpn_ip=\$(cat /var/jenkins_home/ansible/roles/puck_vpn/vars/endpoints/${params.new_hostname}.yaml | grep remote_gateway | cut -d '"' -f 2)
hash=\$(echo -n "\$vpn_ip" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file || true
"""
}
}
}

158
Jenkinsfile.pi-top Normal file
View File

@ -0,0 +1,158 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address, single IP Only')
choice(name: 'function', choices: ['lldp', 'purge-defaults', 'none'], description: 'Choose Pi-Top Function')
booleanParam(name: 'inject_ssh', defaultValue: true, description: 'Inject Jenkins SSH key')
string(name: 'admin_username', defaultValue: 'pi', description: 'Admin Username')
password(name: 'admin_password', defaultValue: 'pi-top', description: 'Admin Password')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
jenkins_public_key = credentials('jenkins_public_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Purge SSH Keys') {
steps {
script{
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
}
}
}
stage('Inject Auth Key') {
when {
expression {
return params.function != 'none' && params.inject_ssh
}
}
steps {
script{
// clear ssh keys
echo "Target IP: ${params.host_ip}"
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Copy public key to pi home dir
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${env.jenkins_public_key} > /home/${params.admin_username}/authorized_keys"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Make sure /root/.ssh exists
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mkdir -p /root/.ssh/"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Move public key to root
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mv /home/${params.admin_username}/authorized_keys /root/.ssh/authorized_keys"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Restrict permissions on file
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chmod -R 600 /root/.ssh/"
"""
}
}
script{
admin_password = params.admin_password
wrap([$class: 'MaskPasswordsBuildWrapper',
varPasswordPairs: [[password: admin_password]]]) {
sh """
echo Set owner to root
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chown -R root:root /root/.ssh/"
"""
}
}
}
}
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
when {
expression {
return params.function != 'none'
}
}
steps {
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/pi-top.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars " function=${params.function} admin_username='${params.admin_username}' "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

101
Jenkinsfile.pi_init Normal file
View File

@ -0,0 +1,101 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
jenkins_public_key = credentials('jenkins_public_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Inject Auth Key') {
steps {
script{
// clear ssh keys
echo "Target IP: ${params.host_ip}"
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
sh """
echo Copy public key to pi home dir
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo ${env.jenkins_public_key} > /home/pi/authorized_keys"
"""
sh """
echo Make sure /root/.ssh exists
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mkdir -p /root/.ssh/"
"""
sh """
echo Move public key to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mv /home/pi/authorized_keys /root/.ssh/authorized_keys"
"""
sh """
echo Restrict permissions on file
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chmod -R 600 /root/.ssh/"
"""
sh """
echo Set owner to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chown -R root:root /root/.ssh/"
"""
}
}
}
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Check') {
steps {
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/pi-init.yaml --ssh-common-args='-o StrictHostKeyChecking=no'
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

55
Jenkinsfile.public-profile-capture Normal file
View File

@ -0,0 +1,55 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SSH_CREDENTIALS_ID = 'jenkins-ssh-key'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/generate_inventory.sh
/var/jenkins_home/ansible/inventory/generate_inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Pipeline') {
steps {
//Run the cosmos-base ansible playbook
sh """
cd /var/jenkins_home/ansible
ansible-playbook -i /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml \
/var/jenkins_home/ansible/playbooks/public-capture.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "saturn_behemoth=${SATURN_BEHEMOTH} "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh "rm /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml"
}
}
}

84
Jenkinsfile.pxe-server Normal file
View File

@ -0,0 +1,84 @@
pipeline {
agent any
// Define parameters
parameters {
//booleanParam(name: 'deploy_iso', defaultValue: true, description: 'Deploy extra ISO boot options - will increase pipeline runtime.')
string(name: 'host_ip', defaultValue: '172.20.20.40', description: 'PXE Server IP Address')
string(name: 'iface', defaultValue: 'eth1', description: 'Listen interface for PXE')
string(name: 'server_ip', defaultValue: '172.29.1.10', description: 'IP address for DHCP server, might not match the target IP such as in the default case where I have two interfaces')
string(name: 'router_ip', defaultValue: '172.29.1.1', description: 'IP Address for router')
string(name: 'dhcp_subnet', defaultValue: '172.29.1.0', description: 'Default Subnet for DHCP server')
string(name: 'dhcp_netmask', defaultValue: '255.255.255.0', description: 'Default netmask for DHCP server')
string(name: 'dhcp_start', defaultValue: '172.29.1.100', description: 'DHCP start IP')
string(name: 'dhcp_end', defaultValue: '172.29.1.150', description: 'DHCP end IP')
booleanParam(name: 'configure_routing', defaultValue: false, description: 'Check this option to configure the PXE server to be the gateway for the dhcp network')
string(name: 'inet_iface', defaultValue: 'eth0', description: 'Interface for internet if enabling routing')
booleanParam(name: 'refresh_only', defaultValue: false, description: 'Only run the PXE Role to refresh configs')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
APPS_LIST = 'pxe-server'
pxe_proxy_password = credentials('pxe_proxy_password')
PXE_API_KEY = credentials('PXE_API_KEY')
LINUX_LDAP_PWD = credentials('LINUX_LDAP')
AUTHORIZED_KEY = credentials('AUTH_SSH_KEY')
matt_public_key = credentials('matt_public_key')
matt_private_key = credentials('matt_private_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/generate_inventory.sh
/var/jenkins_home/ansible/inventory/generate_inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the pxe-server ansible playbook
// /workspace/ansible/playbooks/pxe-server.yaml
sh """
cd /var/jenkins_home/ansible
ansible-playbook -i /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml \
/var/jenkins_home/ansible/playbooks/pxe-server.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=debian-pxe.home.cosmos saturn_behemoth=${SATURN_BEHEMOTH} authorized_key=${AUTHORIZED_KEY} \
rename_host=true apps_list=${APPS_LIST} listen_interface=${params.iface} pxe_auth=${pxe_proxy_password} \
internet_interface=${params.inet_iface} dhcp_subnet=${params.dhcp_subnet} \
dhcp_netmask=${params.dhcp_netmask} dhcp_start=${params.dhcp_start} \
dhcp_end=${params.dhcp_end} server_ip=${params.server_ip} \
router_ip=${params.router_ip} configure_routing=${params.configure_routing} \
refresh_only=${params.refresh_only} \
matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh "rm /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml"
}
}
}

58
Jenkinsfile.rename-endpoint Normal file
View File

@ -0,0 +1,58 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'new_hostname', description: 'New Target Hostname')
booleanParam(name: 'add_domain', defaultValue: true, description: 'When checked hostname will have home.cosmos appended')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/generate_inventory.sh
/var/jenkins_home/ansible/inventory/generate_inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Pipeline') {
steps {
//Run the cosmos-base ansible playbook
sh """
cd /var/jenkins_home/ansible
ansible-playbook -i /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml \
/var/jenkins_home/ansible/playbooks/rename-endpoint.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=${params.new_hostname} add_domain=${params.add_domain}"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh "rm /var/jenkins_home/ansible/.inv/inventory-${params.host_ip}.yml"
}
}
}

77
Jenkinsfile.rip-cd Normal file
View File

@ -0,0 +1,77 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
choice(name: 'cifs_choice', choices: ['TERRA_BEHEMOTH_SMB'], description: 'Choose stored server credentials here')
booleanParam(name: 'eject_drive', defaultValue: false, description: 'Check this option to eject disk at appropriate times')
booleanParam(name: 'remove_local_cache', defaultValue: true, description: 'Check this option to remove local cache data')
string(name: 'disk_drive', defaultValue: '/dev/sr0', description: 'Local DVD Drive device path')
string(name: 'extra_verbose', defaultValue: 'EXTRAVERBOSE=0', description: 'Verbosity Level; 0 by default. Change to 2 for big output')
string(name: 'nogap_enable', defaultValue: 'NOGAP=y', description: 'LAME No-Gap encoding; enabled by default')
string(name: 'server_path', defaultValue: '//172.25.1.10/behemoth/mp3_rip', description: 'Remote Server Path')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
CIFS_CREDENTIALS = credentials("${params.cifs_choice}")
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/rip-cd.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "CIFS_USERNAME=${env.CIFS_CREDENTIALS_USR} CIFS_PASSWORD=${env.CIFS_CREDENTIALS_PSW} \
CIFS_CREDENTIALS=${env.CIFS_CREDENTIALS} CIFS_CHOICE=${params.cifs_choice} \
disk_drive=${params.disk_drive} extra_verbose=${params.extra_verbose} \
nogap_enable=${params.nogap_enable} server_path=${params.server_path} \
eject_drive=${params.eject_drive} remove_local_cache=${params.remove_local_cache}"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

86
Jenkinsfile.test Normal file
View File

@ -0,0 +1,86 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
// string(name: 'new_hostname', description: 'Update Hostname')
// reference for later
// choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
// booleanParam(name: 'rename_host', defaultValue: true, description: 'When checked hostname will be renamed')
// booleanParam(name: 'config_matt', defaultValue: true, description: 'config matt profile')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
pxe_proxy_password = credentials('pxe_proxy_password')
PXE_API_KEY = credentials('PXE_API_KEY')
LINUX_LDAP_PWD = credentials('LINUX_LDAP')
AUTHORIZED_KEY = credentials('AUTH_SSH_KEY')
TERRA_BEHEMOTH_SMB = credentials('TERRA_BEHEMOTH_SMB')
MATT_PASSWORD = credentials('MATT_PASSWORD')
matt_public_key = credentials('matt_public_key')
matt_private_key = credentials('matt_private_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
vm_party_username_password = credentials('cosmos_root_password')
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/test.yaml --ssh-common-args='-o StrictHostKeyChecking=no'\
--extra-vars "saturn_behemoth=${SATURN_BEHEMOTH} linux_ldap_pwd=${LINUX_LDAP_PWD} \
pxe_proxy_password=${pxe_proxy_password} PXE_API_KEY=${PXE_API_KEY} \
AUTHORIZED_KEY=${AUTHORIZED_KEY} TERRA_BEHEMOTH_SMB=${TERRA_BEHEMOTH_SMB} \
CIFS_USERNAME=${env.TERRA_BEHEMOTH_SMB_USR} CIFS_PASSWORD=${env.TERRA_BEHEMOTH_SMB_PSW} \
MATT_PASSWORD=${env.MATT_PASSWORD} host_ip=${params.host_ip} \
matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \
vm_party_username_password=${env.vm_party_username_password} "
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

64
Jenkinsfile.trixie_upgrade Normal file
View File

@ -0,0 +1,64 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
// Run the trixie_upgrade ansible playbook
// /workspace/ansible/playbooks/trixie_upgrade.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/trixie_upgrade.yaml --ssh-common-args='-o StrictHostKeyChecking=no'
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

63
Jenkinsfile.update-endpoint Normal file
View File

@ -0,0 +1,63 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/update-endpoint.yaml --ssh-common-args='-o StrictHostKeyChecking=no'
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}

146
Jenkinsfile.vm_party Normal file
View File

@ -0,0 +1,146 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'new_hostname', defaultValue: 'vm-party-host', description: 'Update Hostname')
booleanParam(name: 'update_party', defaultValue: false, description: 'Only update VM Party service')
booleanParam(name: 'service_only', defaultValue: false, description: 'Only update VM Party python code')
booleanParam(name: 'autologin', defaultValue: true, description: 'Enable autologin with stats on screen')
}
environment {
safe_subnet = true
ANSIBLE_FORCE_COLOR = '1'
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
vm_party_username_password = credentials('vm_party_username_password')
matt_public_key = credentials('matt_public_key')
jenkins_public_key = credentials('jenkins_public_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Initialize Environment') {
steps {
script {
// Get the current date (in a consistent format) and hash it
def date = sh(script: "date +%Y-%m-%dT%H:%M:%S", returnStdout: true).trim()
def hash = sh(script: "echo -n '${date}' | sha256sum | cut -c1-8", returnStdout: true).trim()
// Set it as an environment variable
env.STAGE_TWO_HASH = hash
}
// Generate the dynamic inventory files
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
echo Stage Two Hash: ${env.STAGE_TWO_HASH}
"""
}
}
stage('Ansible Playbook Stage One') {
when { expression { env.safe_subnet } }
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file /var/jenkins_home/ansible/playbooks/vm_party.yaml \
--ssh-common-args='-o StrictHostKeyChecking=no' --extra-vars \
"new_hostname=${params.new_hostname} matt_public_key='${env.matt_public_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \
STAGE_TWO_HASH=${env.STAGE_TWO_HASH} update_party=${params.update_party} run_stage_two=false \
vm_party_username_password=${env.vm_party_username_password} autologin=${params.autologin} service_only=${params.service_only} "
"""
}
}
stage('Ansible Playbook Stage Two') {
// Skip stage two when update_party is set
when { expression { params.update_party != true && env.safe_subnet } }
steps {
script {
echo "Sleep 5 seconds..."
sleep(5)
echo "Waiting for reboot"
def ip = sh(script: "cat /var/jenkins_home/ansible/.inv/inventory-${env.STAGE_TWO_HASH}.yml | grep host_ip | cut -d ';' -f 2", returnStdout: true).trim()
echo "Detected IP: ${ip}"
def timeoutSeconds = 300 // Total timeout: 5 minutes
def waitInterval = 5 // Wait 5 seconds between pings
def startTime = System.currentTimeMillis()
def responded = false
while ((System.currentTimeMillis() - startTime) < (timeoutSeconds * 1000)) {
def status = sh(script: "ping -c 1 ${ip}", returnStatus: true)
if (status == 0) {
responded = true
echo "IP ${ip} is now responding to ping."
break
}
// echo "Waiting for ${ip} to respond to ping..."
sleep(waitInterval)
}
}
// check for forbidden subnet
// Run the stage two playbook
// using the hash
sh """
inventory_file="/var/jenkins_home/ansible/.inv/inventory-${env.STAGE_TWO_HASH}.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file /var/jenkins_home/ansible/playbooks/vm_party.yaml \
--ssh-common-args='-o StrictHostKeyChecking=no' --extra-vars \
" run_stage_two=true vm_party_username_password=${env.vm_party_username_password} service_only=${params.service_only} "
"""
}
}
}
post {
always {
// Remove dynamic Inventory files
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file || true
inventory_file="/var/jenkins_home/ansible/.inv/inventory-${env.STAGE_TWO_HASH}.yml"
rm \$inventory_file || true
"""
}
}
}

65
wrt/Jenkinsfile.nordvpn Normal file
View File

@ -0,0 +1,65 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
text(name: 'vpn_config', defaultValue: 'Paste entire config here', description: 'OpenVPN Config')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
}
options {
ansiColor('xterm')
}
stages {
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/wrt/nordvpn.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "new_hostname=${params.new_hostname} vpn_config=${params.vpn_config}"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
rm \$inventory_file
"""
}
}
}