forked from cvamsikrishna11/devops-fully-automated
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
0ce1f93
commit 53fd591
Showing
3 changed files
with
181 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| #!/bin/bash | ||
| # Hardware requirements: AWS Linux 2 with mimum t2.medium type instance & port 8080 should be allowed on the security groups | ||
| # Installing Jenkins | ||
| sudo yum update –y | ||
| sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo | ||
| sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key | ||
| sudo yum upgrade | ||
| sudo amazon-linux-extras install java-openjdk11 -y | ||
| sudo yum install jenkins -y | ||
| sudo systemctl enable jenkins | ||
| sudo systemctl start jenkins | ||
|
|
||
| # Installing Git | ||
| sudo yum install git -y | ||
|
|
||
| # Installing maven | ||
| sudo wget https://repos.fedorapeople.org/repos/dchen/apache-maven/epel-apache-maven.repo -O /etc/yum.repos.d/epel-apache-maven.repo | ||
| sudo sed -i s/\$releasever/6/g /etc/yum.repos.d/epel-apache-maven.repo | ||
| sudo yum install -y apache-maven | ||
|
|
||
| # Installing Ansible | ||
| sudo amazon-linux-extras install ansible2 -y | ||
| sudo useradd ansadmin | ||
| sudo echo ansadmin:ansadmin | chpasswd | ||
| sudo sed -i "s/.*#host_key_checking = False/host_key_checking = False/g" /etc/ansible/ansible.cfg |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| #!/bin/bash | ||
| # Hardware requirements: AWS Linux 2 with mimum t2.medium type instance & port 8081 should be allowed on the security groups | ||
| yum install java-1.8.0-openjdk.x86_64 wget -y | ||
| mkdir -p /opt/nexus/ | ||
| mkdir -p /tmp/nexus/ | ||
| cd /tmp/nexus/ | ||
| NEXUSURL="https://download.sonatype.com/nexus/3/latest-unix.tar.gz" | ||
| wget $NEXUSURL -O nexus.tar.gz | ||
| EXTOUT=`tar xzvf nexus.tar.gz` | ||
| NEXUSDIR=`echo $EXTOUT | cut -d '/' -f1` | ||
| rm -rf /tmp/nexus/nexus.tar.gz | ||
| rsync -avzh /tmp/nexus/ /opt/nexus/ | ||
| useradd nexus | ||
| chown -R nexus.nexus /opt/nexus | ||
| cat <<EOT>> /etc/systemd/system/nexus.service | ||
| [Unit] | ||
| Description=nexus service | ||
| After=network.target | ||
| [Service] | ||
| Type=forking | ||
| LimitNOFILE=65536 | ||
| ExecStart=/opt/nexus/$NEXUSDIR/bin/nexus start | ||
| ExecStop=/opt/nexus/$NEXUSDIR/bin/nexus stop | ||
| User=nexus | ||
| Restart=on-abort | ||
| [Install] | ||
| WantedBy=multi-user.target | ||
| EOT | ||
| echo 'run_as_user="nexus"' > /opt/nexus/$NEXUSDIR/bin/nexus.rc | ||
| systemctl daemon-reload | ||
| systemctl start nexus | ||
| systemctl enable nexus |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,120 @@ | ||
| #!/bin/bash | ||
| # Hardware requirements: Ubuntu 20.04 instance with mimum t2.medium type instance & port 9000 should be allowed on the security groups | ||
| cp /etc/sysctl.conf /root/sysctl.conf_backup | ||
| cat <<EOT> /etc/sysctl.conf | ||
| vm.max_map_count=262144 | ||
| fs.file-max=65536 | ||
| ulimit -n 65536 | ||
| ulimit -u 4096 | ||
| EOT | ||
| cp /etc/security/limits.conf /root/sec_limit.conf_backup | ||
| cat <<EOT> /etc/security/limits.conf | ||
| sonarqube - nofile 65536 | ||
| sonarqube - nproc 409 | ||
| EOT | ||
| sudo apt-get update -y | ||
| sudo apt-get install openjdk-11-jdk -y | ||
| sudo update-alternatives --config java | ||
| java -version | ||
| sudo apt update | ||
| wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add - | ||
| sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list' | ||
| sudo apt install postgresql postgresql-contrib -y | ||
| #sudo -u postgres psql -c "SELECT version();" | ||
| sudo systemctl enable postgresql.service | ||
| sudo systemctl start postgresql.service | ||
| sudo echo "postgres:admin123" | chpasswd | ||
| runuser -l postgres -c "createuser sonar" | ||
| sudo -i -u postgres psql -c "ALTER USER sonar WITH ENCRYPTED PASSWORD 'admin123';" | ||
| sudo -i -u postgres psql -c "CREATE DATABASE sonarqube OWNER sonar;" | ||
| sudo -i -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;" | ||
| systemctl restart postgresql | ||
| #systemctl status -l postgresql | ||
| netstat -tulpena | grep postgres | ||
| sudo mkdir -p /sonarqube/ | ||
| cd /sonarqube/ | ||
| sudo curl -O https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.3.0.34182.zip | ||
| sudo apt-get install zip -y | ||
| sudo unzip -o sonarqube-8.3.0.34182.zip -d /opt/ | ||
| sudo mv /opt/sonarqube-8.3.0.34182/ /opt/sonarqube | ||
| sudo groupadd sonar | ||
| sudo useradd -c "SonarQube - User" -d /opt/sonarqube/ -g sonar sonar | ||
| sudo chown sonar:sonar /opt/sonarqube/ -R | ||
| cp /opt/sonarqube/conf/sonar.properties /root/sonar.properties_backup | ||
| cat <<EOT> /opt/sonarqube/conf/sonar.properties | ||
| sonar.jdbc.username=sonar | ||
| sonar.jdbc.password=admin123 | ||
| sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube | ||
| sonar.web.host=0.0.0.0 | ||
| sonar.web.port=9000 | ||
| sonar.web.javaAdditionalOpts=-server | ||
| sonar.search.javaOpts=-Xmx512m -Xms512m -XX:+HeapDumpOnOutOfMemoryError | ||
| sonar.log.level=INFO | ||
| sonar.path.logs=logs | ||
| EOT | ||
| cat <<EOT> /etc/systemd/system/sonarqube.service | ||
| [Unit] | ||
| Description=SonarQube service | ||
| After=syslog.target network.target | ||
| [Service] | ||
| Type=forking | ||
| ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start | ||
| ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop | ||
| User=sonar | ||
| Group=sonar | ||
| Restart=always | ||
| LimitNOFILE=65536 | ||
| LimitNPROC=4096 | ||
| [Install] | ||
| WantedBy=multi-user.target | ||
| EOT | ||
| systemctl daemon-reload | ||
| systemctl enable sonarqube.service | ||
| #systemctl start sonarqube.service | ||
| #systemctl status -l sonarqube.service | ||
| apt-get install nginx -y | ||
| rm -rf /etc/nginx/sites-enabled/default | ||
| rm -rf /etc/nginx/sites-available/default | ||
| cat <<EOT> /etc/nginx/sites-available/sonarqube | ||
| server{ | ||
| listen 80; | ||
| server_name sonarqube.groophy.in; | ||
| access_log /var/log/nginx/sonar.access.log; | ||
| error_log /var/log/nginx/sonar.error.log; | ||
| proxy_buffers 16 64k; | ||
| proxy_buffer_size 128k; | ||
| location / { | ||
| proxy_pass http://127.0.0.1:9000; | ||
| proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; | ||
| proxy_redirect off; | ||
| proxy_set_header Host \$host; | ||
| proxy_set_header X-Real-IP \$remote_addr; | ||
| proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto http; | ||
| } | ||
| } | ||
| EOT | ||
| ln -s /etc/nginx/sites-available/sonarqube /etc/nginx/sites-enabled/sonarqube | ||
| systemctl enable nginx.service | ||
| #systemctl restart nginx.service | ||
| sudo ufw allow 80,9000,9001/tcp | ||
| echo "System reboot in 30 sec" | ||
| sleep 30 | ||
| reboot |