summaryrefslogtreecommitdiffstats
path: root/hosts/jenkins
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/jenkins')
-rw-r--r--hosts/jenkins/etc/default/jenkins42
-rwxr-xr-xhosts/jenkins/etc/init.d/jenkins25
2 files changed, 45 insertions, 22 deletions
diff --git a/hosts/jenkins/etc/default/jenkins b/hosts/jenkins/etc/default/jenkins
index 97c4868b..a7bb7eb2 100644
--- a/hosts/jenkins/etc/default/jenkins
+++ b/hosts/jenkins/etc/default/jenkins
@@ -7,21 +7,21 @@ NAME=jenkins
JAVA=/usr/bin/java
# arguments to pass to java
-#JAVA_ARGS="-Xmx512m" # + MaxPermSize is 128m normally
-JAVA_ARGS="-Xmx3072m -XX:MaxPermSize=384m"
+JAVA_ARGS="-Djava.awt.headless=true" # Allow graphs etc. to work even when an X server is present
+#JAVA_ARGS="-Xmx256m"
#JAVA_ARGS="-Djava.net.preferIPv4Stack=true" # make jenkins listen on IPv4 address
-PIDFILE=/var/run/jenkins/jenkins.pid
+PIDFILE=/var/run/$NAME/$NAME.pid
# user and group to be invoked as (default to jenkins)
-JENKINS_USER=jenkins
-JENKINS_GROUP=jenkins
+JENKINS_USER=$NAME
+JENKINS_GROUP=$NAME
# location of the jenkins war file
-JENKINS_WAR=/usr/share/jenkins/jenkins.war
+JENKINS_WAR=/usr/share/$NAME/$NAME.war
# jenkins home location
-JENKINS_HOME=/var/lib/jenkins
+JENKINS_HOME=/var/lib/$NAME
# set this to false if you don't want Hudson to run by itself
# in this set up, you are expected to provide a servlet container
@@ -29,38 +29,44 @@ JENKINS_HOME=/var/lib/jenkins
RUN_STANDALONE=true
# log location. this may be a syslog facility.priority
-JENKINS_LOG=/var/log/jenkins/$NAME.log
-#HUDSON_LOG=daemon.info
+JENKINS_LOG=/var/log/$NAME/$NAME.log
+#JENKINS_LOG=daemon.info
# OS LIMITS SETUP
# comment this out to observe /etc/security/limits.conf
# this is on by default because http://github.com/jenkinsci/jenkins/commit/2fb288474e980d0e7ff9c4a3b768874835a3e92e
# reported that Ubuntu's PAM configuration doesn't include pam_limits.so, and as a result the # of file
# descriptors are forced to 1024 regardless of /etc/security/limits.conf
-MAXOPENFILES=32768
+MAXOPENFILES=8192
# set the umask to control permission bits of files that Jenkins creates.
-# 027 makes files read-only for group and inaccessible for others. comment this out to inherit setting
-# (as of Ubuntu 12.04, by default umask comes from pam_umask(8) and /etc/login.defs
-UMASK=022
+# 027 makes files read-only for group and inaccessible for others, which some security sensitive users
+# might consider benefitial, especially if Jenkins runs in a box that's used for multiple purposes.
+# Beware that 027 permission would interfere with sudo scripts that run on the master (JENKINS-25065.)
+#
+# Note also that the particularly sensitive part of $JENKINS_HOME (such as credentials) are always
+# written without 'others' access. So the umask values only affect job configuration, build records,
+# that sort of things.
+#
+# If commented out, the value from the OS is inherited, which is normally 022 (as of Ubuntu 12.04,
+# by default umask comes from pam_umask(8) and /etc/login.defs
+
+# UMASK=027
# port for HTTP connector (default 8080; disable with -1)
HTTP_PORT=8080
-# port for AJP connector (disabled by default)
-AJP_PORT=-1
# servlet context, important if you want to use apache proxying
-PREFIX=/jenkins
+PREFIX=/$NAME
# arguments to pass to jenkins.
# --javahome=$JAVA_HOME
# --httpPort=$HTTP_PORT (default 8080; disable with -1)
# --httpsPort=$HTTP_PORT
-# --ajp13Port=$AJP_PORT
# --argumentsRealm.passwd.$ADMIN_USER=[password]
# --argumentsRealm.roles.$ADMIN_USER=admin
# --webroot=~/.jenkins/war
# --prefix=$PREFIX
-JENKINS_ARGS="--webroot=/var/cache/jenkins/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT"
+JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT"
diff --git a/hosts/jenkins/etc/init.d/jenkins b/hosts/jenkins/etc/init.d/jenkins
index ccb33d5d..2714eb13 100755
--- a/hosts/jenkins/etc/init.d/jenkins
+++ b/hosts/jenkins/etc/init.d/jenkins
@@ -180,13 +180,27 @@ do_stop()
return 0
}
+# Verify the process did in fact start successfully and didn't just bomb out
+do_check_started_ok() {
+ sleep 1
+ if [ "$1" -ne "0" ]; then return $1; fi
+ get_running
+ if [ "$?" -eq "0" ]; then
+ return 2
+ else
+ return 0
+ fi
+}
+
case "$1" in
start)
log_daemon_msg "Starting $DESC" "$NAME"
do_start
+ START_STATUS="$?"
+ do_check_started_ok "$START_STATUS"
case "$?" in
0|1) log_end_msg 0 ;;
- 2) log_end_msg 1 ;;
+ 2) log_end_msg 1 ; exit 7 ;;
esac
;;
stop)
@@ -194,7 +208,7 @@ case "$1" in
do_stop
case "$?" in
0|1) log_end_msg 0 ;;
- 2) log_end_msg 1 ;;
+ 2) log_end_msg 1 ; exit 100 ;;
esac
;;
restart|force-reload)
@@ -207,10 +221,13 @@ case "$1" in
case "$?" in
0|1)
do_start
+ START_STATUS="$?"
+ sleep 1
+ do_check_started_ok "$START_STATUS"
case "$?" in
0) log_end_msg 0 ;;
- 1) log_end_msg 1 ;; # Old process is still running
- *) log_end_msg 1 ;; # Failed to start
+ 1) log_end_msg 1 ; exit 100 ;; # Old process is still running
+ *) log_end_msg 1 ; exit 100 ;; # Failed to start
esac
;;
*)