matt/jenkinsfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e95dd3efd5e40204587cd778e057e2096e5e7883
jenkinsfiles/Jenkinsfile.cosmos-server
Matt e95dd3efd5 much tidying up
2026-03-29 21:46:33 -07:00

211 lines
8.8 KiB
Plaintext
Raw Blame History

def specialServers = [
'none',
'octoprint',
'kodi',
'timelapse',
'pxe_server',
'jenkins_vpn',
'net_bridge',
'carputer',
'ssd_check',
'gpo_site',
'minitemp_api',
'cosmostat',
'mc_virt'
]
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
string(name: 'new_hostname', description: 'Update Hostname')
booleanParam(name: 'rename_endpoint', defaultValue: true, description: 'Uncheck to skip renaming of endpoint')
booleanParam(name: 'add_domain', defaultValue: true, description: 'When checked hostname will have home.cosmos appended')
booleanParam(name: 'intall_cockpit', defaultValue: false, description: 'Install Cockpit Dashboard')
// choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
booleanParam(name: 'install_docker', defaultValue: true, description: 'When checked docker packages are installed and portainer started on 9100')
booleanParam(name: 'install_LDAP', defaultValue: false, description: 'When checked LDAP integration is installed with NSLCD')
// this now needs to have the case sensitive name of the role to run
choice(name: 'special_server', choices: specialServers, description: 'Choose special server install if desired')
booleanParam(name: 'refresh_special', defaultValue: false, description: 'When checked only the special server step is run')
booleanParam(name: 'no_vpn', defaultValue: false, description: 'Check this option to remove default cosmos VPN')
booleanParam(name: 'public_deploy', defaultValue: true, description: 'Uncheck this option to deploy private SSH key')
booleanParam(name: 'onboard_pi', defaultValue: false, description: 'Check this option to onboard a new FriendlyElec Device')
booleanParam(name: 'install_python', defaultValue: false, description: 'Check this option to install python packages')
booleanParam(name: 'skip_nvidia', defaultValue: false, description: 'Check this option to skip nvidia driver install')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH')
CIFS_CREDENTIALS = credentials("TERRA_BEHEMOTH_SMB")
ITMFG_CREDENTIALS = credentials("itmfg_duymatt")
APPS_LIST = 'cosmos-base'
LINUX_LDAP_PWD = credentials('LINUX_LDAP')
pxe_proxy_password = credentials('pxe_proxy_password')
PXE_API_KEY = credentials('PXE_API_KEY')
matt_public_key = credentials('matt_public_key')
matt_private_key = credentials('matt_private_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
jenkins_public_key = credentials('jenkins_public_key')
tesla_api_key = credentials('tesla_api_key')
cosmostat_api_key = credentials("cosmostat_api_key")
}
options {
ansiColor('xterm')
}
stages {
stage('Inject Auth Key') {
when {
expression { params.onboard_pi }
}
steps {
script{
// clear ssh keys
echo "Target IP: ${params.host_ip}"
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
}
script{
sh """
echo Copy public key to pi home dir
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo ${env.jenkins_public_key} > /home/pi/authorized_keys"
"""
}
script{
sh """
echo Make sure /root/.ssh exists
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mkdir -p /root/.ssh/"
"""
}
script{
sh """
echo Move public key to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mv /home/pi/authorized_keys /root/.ssh/authorized_keys"
"""
}
script{
sh """
echo Restrict permissions on file
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chmod -R 600 /root/.ssh/"
"""
}
script{
sh """
echo Set owner to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chown -R root:root /root/.ssh/"
"""
}
}
}
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
sh """
set +x
jenkins_group=\$(echo ${env.BUILD_USER_GROUPS} | sed 's/,/\\n/g' | grep -v \$SERVER_SUBNET_GROUP | grep Jenkins | head -n 1)
jenkins_subnet_group=\$(echo ${env.BUILD_USER_GROUPS} | sed 's/,/\\n/g' | grep -e authenticated -e \$SERVER_SUBNET_GROUP | sort -rf | head -n 1)
jenkins_user=\$(echo ${env.BUILD_USER})
playbook_file="/var/jenkins_home/ansible/playbooks/cosmos-server.yaml"
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
set -x
/var/jenkins_home/ansible/inventory/inventory.sh -p \$playbook_file -a \$jenkins_subnet_group -g \$jenkins_group -u \$jenkins_user -i ${params.host_ip}
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-server ansible playbook
// /workspace/ansible/playbooks/cosmos-server.yaml
sh """
set +x
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
playbook_file="/var/jenkins_home/ansible/playbooks/cosmos-server.yaml"
extra_vars=\$(echo " \
new_hostname=${params.new_hostname} \
saturn_behemoth=${SATURN_BEHEMOTH} \
CIFS_USERNAME=${env.CIFS_CREDENTIALS_USR} \
CIFS_PASSWORD=${env.CIFS_CREDENTIALS_PSW} \
ITMFG_USERNAME=${env.ITMFG_CREDENTIALS_USR} \
ITMFG_PASSWORD=${env.ITMFG_CREDENTIALS_PSW} \
docker_full=false \
rename_host=${params.rename_endpoint} \
onboard_pi=${params.onboard_pi} \
linux_ldap_pwd=${LINUX_LDAP_PWD} \
install_docker=${params.install_docker} \
install_LDAP=${params.install_LDAP} \
special_server='${params.special_server}' \
refresh_special=${params.refresh_special} \
pxe_proxy_password=${pxe_proxy_password} \
PXE_API_KEY=${PXE_API_KEY} \
no_vpn=${params.no_vpn} add_domain=${params.add_domain} \
matt_public_key='${env.matt_public_key}' \
cosmos_password='${env.cosmos_password}' \
cosmos_root_password='${env.cosmos_root_password}' \
tesla_api_key='${tesla_api_key}' \
public_deploy=${params.public_deploy} \
install_python=${params.install_python} \
skip_nvidia=${params.skip_nvidia} \
intall_cockpit=${params.intall_cockpit} \
REAL_API_KEY=${env.cosmostat_api_key} \
" | tr -s " ")
set -x
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \$playbook_file \
--ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "\$extra_vars matt_private_key='${env.matt_private_key}'"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
sh """
set +x
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
set -x
rm \$inventory_file
"""
}
}
}
Reference in New Issue View Git Blame Copy Permalink