Sunday 29 May 2022

Reset Jenkins Admin Password


Make a backup copy of a Jenkins config file (If need to restore the previous settings)

cp -r /var/lib/jenkins/config.xml /var/lib/jenkins/config.xml.back


Disable the security

vim /var/lib/jenkins/config.xml 

<...>

<useSecurity>false</useSecurity>

<...>


Restart the Jenkins service

systemctl restart jenkins


Go to the Jenkins UI (No credentials this time) and reset the admin password


Navigate to "Manage Jenkins" 

In Security "Configure Global Security"

In Security Realm Select "Jenkins’ own user database" and  Save


Go to "People" From the Dashboard 

Select  username and "Configure"  Enter a new password in the "Password" and "Confirm password" fields and Save


Once the admin password is reset, restore the /var/lib/jenkins/config.xml file and restart Jenkins

 mv /var/lib/jenkins/config.xml.back /var/lib/jenkins/config.xml

 systemctl restart jenkins


Ansible Playbook | Trigger Jenkins Job using token and copy .war to Apache tomcat path

 cat trigger_jenkins.yml 
---
 - name: Deployment of .war file
   hosts: localhost
   become: yes

   tasks:

      - name: Trigger Jenkins Job
        shell: curl -v -X POST http://localhost:8080/job/Project_name/build --user jenkinsxyz:110d44acb43a8f57c8e54fc6360bf3e5ab

      - name: Wait until the file .war is present before continuing
        wait_for:
          path: /var/lib/jenkins/workspace/Project_name/target/Name.war

     - name: copy .war file to tomcat
        copy:
          src: /var/lib/jenkins/workspace/Project_name/target/Name.war
          dest: /opt/tomcat10/apache-tomcat-10.0.21/webapps/
          remote_src: yes
          directory_mode: yes

Ansible Playbook | Tomcat10 | Ubuntu 20.04 | Systemd | Port Confuguration


cat tomcat_install.yml 
---
 - name: Install Tomcat10 and Configure
   hosts: localhost
   become: yes
   vars: 
     tomcat_port: 8081

   tasks:

      - name: Update the System Packages
        apt:
          update_cache: yes

      - name: Create a Tomcat User
        user:
          name: tomcat

      - name: Create a Tomcat Group
        group:
          name: tomcat

      - name: Create a Tomcat Directory
        file:
          path: /opt/tomcat10
          owner: tomcat
          group: tomcat
          mode: 755
          recurse: yes

      - name: download tomcat server packages
        get_url:
          url: https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.21/bin/apache-tomcat-10.0.21.tar.gz
          dest: /opt/tomcat10

      - name: extract tomcat packages
        unarchive:
          src: /opt/tomcat10/apache-tomcat-10.0.21.tar.gz
          dest: /opt/tomcat10
          remote_src: yes

      - name: Configure tomcat port as 8081
        template: 
          src: server.xml.j2
          dest: /opt/tomcat10/apache-tomcat-10.0.21/conf/server.xml

      - name: Change ownership of tomcat directory
        file:
          path: /opt/tomcat10
          owner: tomcat
          group: tomcat
          mode: "u+rwx,g+rx,o=rx"
          recurse: yes
          state: directory

      - name: Copy Tomcat service from local to remote
        copy:
          src: tomcat.service.j2
          dest: /etc/systemd/system/tomcat.service
          mode: 0755
         
      - name: Start Tomcat service
        systemd:
          name: tomcat
          state: started
          daemon_reload: true

server.xml.j2
<...>
<Connector port="{{ tomcat_port }}" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
<...>

 cat tomcat.service.j2 

[Unit]
Description=Apache Tomcat Web Application Container
After=network.target

[Service]
Type=forking

Environment=JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
Environment=CATALINA_PID=/opt/tomcat10/apache-tomcat-10.0.21/temp
Environment=CATALINA_HOME=/opt/tomcat10/apache-tomcat-10.0.21
Environment=CATALINA_BASE=/opt/tomcat10/apache-tomcat-10.0.21
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'
ExecStart=/opt/tomcat10/apache-tomcat-10.0.21/bin/startup.sh
ExecStop=/opt/tomcat10/apache-tomcat-10.0.21/bin/shutdown.sh

User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target

Sunday 22 May 2022

Install WordPress on Ubuntu using Ansible Playbook


ansible-playbook wordpress.yml


cat wordpress.yml 

---

- hosts: all

  become: yes

  vars_files:

    - vars.yml


  tasks:

    - name: Install prerequisites

      apt: 

        name: aptitude 

        update_cache: yes 

        state: latest 


    - name: Install Apache MySQL PHP Packages

      apt: 

        name: "{{ item }}" 

        update_cache: yes 

        state: latest

      loop: [ 'apache2', 'mysql-server', 'python3-pymysql', 'php', 'php-mysql', 'libapache2-mod-php' ]


    - name: Install PHP Modules

      apt: 

        name: "{{ item }}"

        update_cache: yes 

        state: latest

      loop: [ 'php-curl', 'php-gd', 'php-mbstring', 'php-xml', 'php-xmlrpc', 'php-soap', 'php-intl', 'php-zip' ]


   # Configure Apache

    - name: Create document root

      file:

        path: "/var/www/{{ http_host }}"

        state: directory

        owner: "www-data"

        group: "www-data"

        mode: '0755'


    - name: Set up Apache VirtualHost

      template:

        src: "apacheconf.j2"

        dest: "/etc/apache2/sites-available/{{ http_conf }}"

      notify: Reload Apache


    - name: Enable rewrite module

      shell: /usr/sbin/a2enmod rewrite

      notify: Reload Apache


    - name: Enable new site

      shell: /usr/sbin/a2ensite {{ http_conf }}

      notify: Reload Apache


    - name: Disable default Apache site

      shell: /usr/sbin/a2dissite 000-default.conf

      notify: Restart Apache


  # Configure MySQL

      

    - name: Set the root password

      mysql_user:

        name: root

        password: "{{ mysql_root_password }}"

        login_unix_socket: /var/run/mysqld/mysqld.sock


    - name: Creates database for WordPress

      mysql_db:

        name: "{{ mysql_db }}"

        state: present

        login_user: root

        login_password: "{{ mysql_root_password }}"


    - name: Create MySQL user for WordPress

      mysql_user:

        name: "{{ mysql_user }}"

        password: "{{ mysql_password }}"

        priv: "{{ mysql_db }}.*:ALL"

        state: present

        login_user: root

        login_password: "{{ mysql_root_password }}"


 # Configure WordPress

    - name: Download and unpack latest WordPress

      unarchive:

        src: https://wordpress.org/latest.tar.gz

        dest: "/var/www/{{ http_host }}"

        remote_src: yes

        creates: "/var/www/{{ http_host }}/wordpress"


    - name: Change ownership

      file:

        path: "/var/www/{{ http_host }}"

        state: directory

        recurse: yes

        owner: www-data

        group: www-data


    - name: Change permissions for directories

      shell: "/usr/bin/find /var/www/{{ http_host }}/wordpress/ -type d -exec chmod 750 {} \\;"


    - name: Change permissions for files

      shell: "/usr/bin/find /var/www/{{ http_host }}/wordpress/ -type f -exec chmod 640 {} \\;"


    - name: Copy wp-config

      template:

        src: "wpconf.j2"

        dest: "/var/www/{{ http_host }}/wordpress/wp-config.php"

        owner: www-data

        group: www-data


  handlers:

         

    - name: Reload Apache

      service:

        name: apache2

        state: reloaded


    - name: Restart Apache

      service:

        name: apache2

        state: restarted


cat vars.yml 

---

#MySQL credentials

mysql_root_password: "mysql_root_password"

mysql_db: "mysql_db_name"

mysql_user: "mysql_wp_user"

mysql_password: "mysql_wp_password"


#HTTP info

http_host: "domain_name"

http_conf: "domain.conf"

http_port: "80"



cat wpconf.j2 

<?php

define( 'DB_NAME', '{{ mysql_db }}' );

define( 'DB_USER', '{{ mysql_user }}' );

define( 'DB_PASSWORD', '{{ mysql_password }}' );

define( 'DB_HOST', 'localhost' );

define( 'DB_CHARSET', 'utf8' );

define( 'DB_COLLATE', '' );

define('FS_METHOD', 'direct');

define( 'AUTH_KEY',         '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

define( 'SECURE_AUTH_KEY',  '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

define( 'LOGGED_IN_KEY',    '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

define( 'NONCE_KEY',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

define( 'AUTH_SALT',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

define( 'SECURE_AUTH_SALT', '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

define( 'LOGGED_IN_SALT',   '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

define( 'NONCE_SALT',       '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );

$table_prefix = 'wp_';

define( 'WP_DEBUG', false );

if ( ! defined( 'ABSPATH' ) ) {

        define( 'ABSPATH', dirname( __FILE__ ) . '/' );

}

require_once( ABSPATH . 'wp-settings.php' );