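// Declarative Jenkins pipeline that optionally onboards a FriendlyElec device
// (installs the Jenkins public key for root over the factory-default login),
// generates a per-host Ansible inventory, runs the VCR-capture playbook against
// it, and finally removes the generated inventory file.
//
// Security notes for maintainers:
//  * Every `sh` step uses a single-quoted Groovy string, so build parameters
//    and credentials are expanded by the shell from environment variables
//    instead of being spliced into the script text by Groovy. Splicing them in
//    lets a crafted parameter value run arbitrary commands on the agent and
//    writes secrets into the generated script; Jenkins documents that pattern
//    as unsafe.
//  * Jenkins exports each build parameter to `sh` steps as an environment
//    variable of the same name, so `$host_ip`, `$new_hostname`, etc. below are
//    the parameter values.
pipeline {
    agent any

    // Define parameters
    parameters {
        string(name: 'host_ip', description: 'Target System Address')
        string(name: 'new_hostname', defaultValue: "MCVCR", description: 'Update Hostname')
        booleanParam(name: 'rename_endpoint', defaultValue: true, description: 'Uncheck to skip renaming of endpoint')
        booleanParam(name: 'refresh_special', defaultValue: false, description: 'When checked perform a faster run that just updates the capture stack')
        booleanParam(name: 'public_deploy', defaultValue: true, description: 'Uncheck this option to deploy private SSH key')
        booleanParam(name: 'onboard_pi', defaultValue: false, description: 'Check this option to onboard a new FriendlyElec Device')
        booleanParam(name: 'GUI_deploy', defaultValue: false, description: 'Check this option to set up GUI if possible')
        booleanParam(name: 'jellyfin_deploy', defaultValue: false, description: 'Check this option to install Jellyfin')
        booleanParam(name: 'luna_offload', defaultValue: false, description: 'Check this option to offload MediaMTX to luna.cosmos')
        booleanParam(name: 'kiosk_refresh', defaultValue: false, description: 'Check this option to only refresh the chrome kiosk')
        booleanParam(name: 'remote_deploy', defaultValue: false, description: 'Deploy as low-power transmit only node.')
        booleanParam(name: 'server_deploy', defaultValue: false, description: 'Deploy as server to receive from remote deploy node')
        booleanParam(name: 'extra_storage', defaultValue: false, description: 'Check this option to automatically configure the secondary storage. Be careful.')
    }

    // Credentials are bound to environment variables for the whole run.
    environment {
        ANSIBLE_FORCE_COLOR = '1'
        PXE_API_KEY = credentials('PXE_API_KEY')
        matt_public_key = credentials('matt_public_key')
        matt_private_key = credentials('matt_private_key')
        cosmos_password = credentials('cosmos_password')
        cosmos_root_password = credentials('cosmos_root_password')
        jenkins_public_key = credentials('jenkins_public_key')
    }

    options {
        ansiColor('xterm')
    }

    stages {
        stage('Validate Parameters') {
            steps {
                // Both values end up in ssh targets, file names and Ansible
                // key=value extra-vars. Whitespace or quoting characters in
                // new_hostname would be parsed by Ansible as additional
                // variables, so restrict both to address/hostname characters.
                sh '''
                    case "$host_ip" in
                        ""|*[!A-Za-z0-9._:-]*)
                            echo "host_ip must be a non-empty IP address or hostname" >&2
                            exit 1
                            ;;
                    esac
                    case "$new_hostname" in
                        *[!A-Za-z0-9._-]*)
                            echo "new_hostname contains characters that are not valid in a hostname" >&2
                            exit 1
                            ;;
                    esac
                '''
            }
        }

        stage('Inject Auth Key') {
            when {
                expression { params.onboard_pi }
            }
            steps {
                echo "Target IP: ${params.host_ip}"
                // NOTE(review): StrictHostKeyChecking=no accepts whatever host
                // key the target presents, so the default password and the
                // root authorized_keys write go to an unauthenticated peer.
                // Onboard only on a trusted network segment, or pin the
                // expected host key before this stage.
                sh '''
                    # clear ssh keys: drop any stale known_hosts entry for the target
                    ssh-keygen -f "/root/.ssh/known_hosts" -R "$host_ip"

                    # Factory-default login of a freshly imaged device. It is
                    # handed to sshpass through SSHPASS (-e) rather than -p so
                    # it does not sit in the process argument list.
                    export SSHPASS='pi'
                    on_pi() {
                        sshpass -e ssh -o StrictHostKeyChecking=no "pi@$host_ip" "$1"
                    }

                    echo Copy public key to pi home dir
                    on_pi "echo '$jenkins_public_key' > /home/pi/authorized_keys"

                    echo Make sure /root/.ssh exists
                    on_pi "echo pi | sudo -S mkdir -p /root/.ssh/"

                    echo Move public key to root
                    on_pi "echo pi | sudo -S mv /home/pi/authorized_keys /root/.ssh/authorized_keys"

                    # Directory gets 700 and the key file 600; a recursive 600
                    # would strip the search bit from the directory itself.
                    echo Restrict permissions on file
                    on_pi "echo pi | sudo -S chmod 700 /root/.ssh/"
                    on_pi "echo pi | sudo -S chmod 600 /root/.ssh/authorized_keys"

                    echo Set owner to root
                    on_pi "echo pi | sudo -S chown -R root:root /root/.ssh/"
                '''
            }
        }

        stage('Generate Inventory File') {
            steps {
                // Generate the dynamic inventory file.
                // BUILD_USER / BUILD_USER_GROUPS are read from the build
                // environment; if they are not set they expand to empty
                // strings here. All arguments are quoted so that a user or
                // group name containing spaces stays a single argument.
                sh '''
                    jenkins_group=$(echo "$BUILD_USER_GROUPS" | sed 's/,/\\n/g' | grep Jenkins | head -n 1)
                    jenkins_user="$BUILD_USER"
                    cd /var/jenkins_home/ansible
                    chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
                    /var/jenkins_home/ansible/inventory/inventory.sh -g "$jenkins_group" -u "$jenkins_user" -i "$host_ip"
                '''
            }
        }

        stage('Ansible Playbook') {
            steps {
                // The inventory path is derived from the first 8 hex digits of
                // the MD5 of host_ip; presumably inventory.sh names its output
                // the same way - confirm against that script. MD5 is used only
                // as a file-name tag here, not for integrity.
                //
                // NOTE(review): the secrets below are still expanded onto the
                // ansible-playbook command line, where they are visible to
                // other processes on the agent. Prefer having the playbook
                // read them from the environment or from a 0600 vars file
                // passed with --extra-vars @file.
                // NOTE(review): StrictHostKeyChecking=no disables host key
                // verification for the whole playbook run.
                sh '''
                    echo "$host_ip"
                    hash=$(echo -n "$host_ip" | md5sum | cut -c 1-8)
                    inventory_file="/var/jenkins_home/ansible/.inv/inventory-$hash.yml"
                    cd /var/jenkins_home/ansible
                    ansible-playbook -i "$inventory_file" /var/jenkins_home/ansible/playbooks/VCR-capture.yaml \
                        --ssh-common-args='-o StrictHostKeyChecking=no' \
                        --extra-vars "docker_full=false no_vpn=true add_domain=false \
                        matt_public_key='$matt_public_key' matt_private_key='$matt_private_key' \
                        cosmos_password='$cosmos_password' cosmos_root_password='$cosmos_root_password' \
                        new_hostname=$new_hostname refresh_special=$refresh_special \
                        rename_host=$rename_endpoint onboard_pi=$onboard_pi \
                        public_deploy=$public_deploy jellyfin_deploy=$jellyfin_deploy \
                        GUI_deploy=$GUI_deploy extra_storage=$extra_storage \
                        luna_offload=$luna_offload kiosk_refresh=$kiosk_refresh \
                        remote_deploy=$remote_deploy server_deploy=$server_deploy"
                '''
            }
        }
    }

    post {
        always {
            // Remove dynamic Inventory file. -f keeps this cleanup from
            // failing when an earlier stage aborted before the file existed.
            sh '''
                hash=$(echo -n "$host_ip" | md5sum | cut -c 1-8)
                inventory_file="/var/jenkins_home/ansible/.inv/inventory-$hash.yml"
                rm -f -- "$inventory_file"
            '''
        }
    }
}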