ansible-playbooks/playbooks/jenkins-install.yml

- name: Установка Jenkins с использованием Docker и Docker Compose
  hosts: jenkins-hosts
  become: true


  tasks:

   - name: Обновление списка пакетов
     apt:
       update_cache: yes

   - name: Установка зависимостей для добавления репозитория
     apt:
        name:
          - ca-certificates
          - curl
        state: present

   - name: Добавить ключ GPG Docker
     shell: |
       install -m 0755 -d /etc/apt/keyrings
       curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
       chmod a+r /etc/apt/keyrings/docker.asc       
     args:
       executable: /bin/bash

   - name: Добавить репозиторий Docker
     shell: |
       echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable" > /etc/apt/sources.list.d/docker.list       

   - name: Обновление пакетов после добавления репозитория
     apt:
       update_cache: yes

   - name: Установить Docker с фиксированной версией
     shell: |
       VERSION_STRING=5:27.3.1-1~debian.12~bookworm
       apt-get install -y docker-ce=$VERSION_STRING docker-ce-cli=$VERSION_STRING containerd.io docker-buildx-plugin docker-compose-plugin       
     args:
       executable: /bin/bash

   - name: Создание директории для Jenkins
     file:
       path: /mnt/fs/docker/jenkins
       state: directory
       mode: '0777'

   - name: certs
     file:
       path: /mnt/fs/docker/jenkins/certs
       state: directory
       mode: '0777'

   - name: jenkins-data
     file:
       path: /mnt/fs/docker/jenkins/jenkins-data
       state: directory
       mode: '0777'

   - name: jenkins-blue-ocean
     file:
       path: /mnt/fs/docker/jenkins/jenkins-blue-ocean
       state: directory
       mode: '0777'

   - name: jenkins-docker-certs
     file:
       path: /mnt/fs/docker/jenkins/jenkins-docker-certs
       state: directory
       mode: '0777'

   - name: Создание Dockerfile для Jenkins Blue Ocean
     copy:
       dest: /mnt/fs/docker/jenkins/jenkins-blue-ocean/Dockerfile
       content: |
          FROM jenkins/jenkins:2.479.1-jdk17

          USER root

          RUN apt-get update && apt-get install -y \
              lsb-release \
              curl \
              gnupg2 \
              ca-certificates \
              sudo \
              build-essential \
              nano \
              iputils-ping \
              curl \
              libssl-dev \
              && apt-get clean

          RUN curl -fsSLo /usr/share/keyrings/docker-archive-keyring.asc \
            https://download.docker.com/linux/debian/gpg
          RUN echo "deb [arch=$(dpkg --print-architecture) \
            signed-by=/usr/share/keyrings/docker-archive-keyring.asc] \
            https://download.docker.com/linux/debian \
            $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
          RUN apt-get update && apt-get install -y docker-ce-cli

          USER jenkins

          RUN jenkins-plugin-cli --plugins "blueocean docker-workflow"          

   - name: Создание файла docker-compose.yml для jenkins
     copy:
       dest: /mnt/fs/docker/jenkins/docker-compose.yml
       content: |
          version: '3.8'

          services:
            jenkins-docker:
              image: docker:dind
              container_name: jenkins-docker
              restart: on-failure
              privileged: true
              networks:
                jenkins:
                  aliases:
                    - docker
              environment:
                - DOCKER_TLS_CERTDIR=/certs
              volumes:
                - /mnt/fs/docker/jenkins/jenkins-docker-certs:/certs/client
                - /mnt/fs/docker/jenkins/jenkins-data:/var/jenkins_home
                - /mnt/fs/docker/jenkins/certs:/usr/local/share/ca-certificates/
              ports:
                - "2376:2376"
              extra_hosts:
                - "registry.entcor:192.168.2.51"
                - "git.entcor:192.168.2.61"

            jenkins-blueocean:
              build:
                context: ./jenkins-blue-ocean
                dockerfile: Dockerfile
              container_name: jenkins-blueocean
              restart: on-failure
              networks:
                - jenkins
              environment:
                - DOCKER_HOST=tcp://docker:2376
                - DOCKER_CERT_PATH=/certs/client
                - DOCKER_TLS_VERIFY=1
              volumes:
                - /mnt/fs/docker/jenkins/jenkins-data:/var/jenkins_home
                - /mnt/fs/docker/jenkins/jenkins-docker-certs:/certs/client:ro
              ports:
                - "8080:8080"
                - "50000:50000"
              extra_hosts:
                - "registry.entcor:192.168.2.51"
                - "git.entcor:192.168.2.61"
              depends_on:
                - jenkins-docker

          networks:
            jenkins:
              driver: bridge          

   - name: Запуск контейнеров
     shell: docker compose up -d
     args:
       chdir: /mnt/fs/docker/jenkins