DVOP2025_Exercise/puppet/site.pp

###############################################################################
# Puppet standalone manifest to be applied to setup Exercise environment
###############################################################################
# No need to filter by hostname here. 
node default {
  include ::stdlib
  # This will install all docker stack with default value
  # FIXME Debian on WSL will be an issue due to systemd being chosen as default service provider.
  include 'docker'

  # enforce custom root password
  user { 'root':
    password => pw_hash('secret_root_password', 'SHA-512', stdlib::fqdn_rand_string(10))
  }
  # enforce custom user password
  user { 'nerd':
    password => pw_hash('secret_nerd_password', 'SHA-512', stdlib::fqdn_rand_string(10))
  }
  # enforce directory layout for clarity
  file {[
    '/srv/docker', '/srv/scm',
    '/srv/docker/proxy', '/srv/docker/proxy/nginx-conf'
  ]:
    ensure => directory
  }
  # enforce more directory layout for clarity
  # those are likely to be written by the docker execution. 
  file {[
    '/srv/docker/jenkins_server', '/srv/docker/jenkins_server/home',
    '/srv/docker/jenkins_server/logs', '/srv/docker/jenkins_server/tmp',
    '/srv/docker/jenkins_agent', '/srv/docker/jenkins_agent/data'
  ]:
    ensure => directory,
    owner  => 1000,
    group  => 1000
  }

  #############################################################################
  ## Below Directives are required to setup the exercise environment.
  ## You can look into the archives or into the deployed content but
  ## MODIFY THE ARCHIVES CONTENT or the exercise might environment might
  ## be compromised.
  archive { '/var/local/jenkins_home.tar':
    source       => 'puppet:///modules/nerd/jenkins_home.tar',
    extract      => true,
    extract_path => '/srv/docker/jenkins_server/home',
    creates      => '/srv/docker/jenkins_server/home/config.xml'
  }
  ## Above Directives are meant to setup the exercise environment.
  #############################################################################

  #############################################################################
  ## This archive contains the source code repository that will be used in 
  ## the Jenkins job both in the Server and Agent instances
  ## This archive contains a bare repository that can be changed is needed
  archive { '/var/local/repos.tar':
    source       => 'puppet:///modules/nerd/repos.tar',
    extract      => true,
    extract_path => '/srv/scm',
    creates      => '/srv/scm/test_app'
  }
  #############################################################################

  # simple http proxypass
  file {'/srv/docker/proxy/nginx-conf/nginx-conf.conf':
    content => @("U_NGINX"/$)
      server {
        listen 80;
        server_name _;
        access_log      /var/log/nginx/access.log main;
        error_log       /var/log/nginx/error.log info;

        # skip favicon.ico
        location = /favicon.ico {
            access_log off;
            return 204;
        }
        location / {
            proxy_pass              http://server:8080;
            proxy_set_header        Host \$http_host;
            proxy_set_header        X-Real-IP \$remote_addr;
            proxy_set_header        X-Forwarded-For \$proxy_add_x_forwarded_for;
            proxy_buffering    off;
            tcp_nodelay        on;
        }
      }
      |-U_NGINX
  }

  # Jenkins Server Dockerfile
  file {'/srv/docker/jenkins_server/Dockerfile':
    content => template('nerd/jenkins/Dockerfile.server.erb'),
    notify  => Docker_compose['jenkins_stack']
  }
  -> file {'/srv/docker/jenkins_server/plugins.txt':
    content => template('nerd/jenkins/plugins.txt'),
    notify  => Docker_compose['jenkins_stack']
  }
  -> file {'/srv/docker/jenkins_server/jenkins.env':
    content   => @("env"/$L)
          TZ=Europe/Paris
          LC_ALL=C.UTF-8
          JAVA_OPTS=-Djenkins.install.runSetupWizard=false
          JENKINS_SLAVE_AGENT_PORT=50000
          JENKINS_OPTS=-Dhudson.plugins.git.GitSCM.ALLOW_LOCAL_CHECKOUT=true
          | env
          ,
      mode    => '0400',
      require => File['/srv/docker/jenkins_server'],
      notify  => Docker_compose['jenkins_stack']
  }
  # Jenkins Agent Dockerfile
  file {'/srv/docker/jenkins_agent/Dockerfile':
    content => template('nerd/jenkins/Dockerfile.agent.erb'),
    notify  => Docker_compose['jenkins_stack']
  }

  # Jenkins Stack Compose file
  file {'/srv/docker/proxy/docker-compose.yml':
    content => template('nerd/jenkins/docker-compose.yml.erb'),
    require => [File['/srv/docker/proxy']]
  }
  # Launch the stack
  docker_compose { 'jenkins_stack':
    ensure        => present,
    compose_files => ['/srv/docker/proxy/docker-compose.yml']
  }
}