Skip to content

Deployment Overview of Jenkins on Server

Prerequisites and Basic Requirements

  • Operating System: Ubuntu (Debian-based distribution).

  • Privileges: Root access is required for installation and service management.

  • Domain: The application is configured to run on the hostkey.in zone.

  • Ports:

  • Internal port: 8080.

  • External port: 443.

  • Runtime Environment: OpenJDK 21 JRE (openjdk-21-jre) and fontconfig are required for the Jenkins application to function correctly.

FQDN of the Final Panel

The application is accessible via the Fully Qualified Domain Name (FQDN) following the pattern: jenkins-marketplace-app<Server ID>.hostkey.in:443

Replace <Server ID> with the specific identifier assigned to the server instance. The connection is established over HTTPS (port 443).

File and Directory Structure

The deployment creates and utilizes the following directories for configuration and data storage:

  • /root/nginx: Directory containing the Nginx container configuration files.

  • /data/nginx/user_conf.d: Directory storing custom Nginx configuration files for the specific domain.

  • /data/nginx: Base directory for Nginx data and environment variables.

  • /usr/share/keyrings/jenkins-keyring.asc: Location of the GPG key for the Jenkins repository.

Application Installation Process

The Jenkins application is installed via the standard Debian package manager using the official Jenkins repository. The installation process includes:

  1. Adding the Jenkins GPG key from https://pkg.jenkins.io/debian-stable/jenkins.io-2026.key.

  2. Configuring the official Jenkins repository (https://pkg.jenkins.io/debian-stable binary/).

  3. Installing the jenkins package.

  4. Installing required dependencies: fontconfig and openjdk-21-jre.

  5. Enabling and starting the jenkins service via systemd.

Access Rights and Security

  • Firewall: Access is controlled by the external port 443 (HTTPS). The internal service runs on port 8080 and is not directly exposed to the external network; it is proxied through Nginx.

  • Proxy Configuration: A reverse proxy is configured to forward traffic from the external port to the internal Jenkins instance at 127.0.0.1:8080.

  • SSL/TLS: SSL certificates are managed via Certbot through the Nginx container.

Docker Containers and Their Deployment

The proxy and SSL management are handled by Docker containers. The container is deployed using docker compose from a configuration file located at /root/nginx/compose.yml.

The container details are as follows:

  • Service Name: nginx

  • Image: jonasal/nginx-certbot:latest

  • Restart Policy: unless-stopped

  • Network Mode: host

  • Environment Variable: [email protected]

  • Volumes:

  • nginx_secrets (external) mapped to /etc/letsencrypt for SSL certificates.

  • /data/nginx/user_conf.d mapped to /etc/nginx/user_conf.d for custom configuration.

The command used to start the container stack is docker compose up -d executed from the /root/nginx directory.

Proxy Servers

Nginx is utilized as the reverse proxy to secure and route traffic to the Jenkins application.

  • Domain Configuration: Custom domain configuration files are stored in /data/nginx/user_conf.d.

  • Proxy Pass: The Nginx configuration includes a directive to forward requests to http://127.0.0.1:8080.

  • SSL Management: The Nginx container integrates with Certbot to automatically handle SSL certificate generation and renewal for the configured domain.

Permission Settings

  • The directory /root/nginx is owned by root with permissions 0755.

  • The compose configuration file /root/nginx/compose.yml is owned by root with permissions 0644.

  • The Nginx user configuration directory /data/nginx/user_conf.d is accessible by the Docker container volume mount.

Location of Configuration Files and Data

  • Docker Compose: /root/nginx/compose.yml.

  • Nginx Custom Configs: /data/nginx/user_conf.d/<domain>.conf.

  • Nginx Environment: /data/nginx/nginx-certbot.env.

  • Jenkins Repository Key: /usr/share/keyrings/jenkins-keyring.asc.

  • Jenkins Repository List: /etc/apt/sources.list.d/jenkins.list.

Available Ports for Connection

Port Protocol Usage
8080 HTTP Internal communication between Nginx proxy and Jenkins. Not exposed externally.
443 HTTPS External user access via the configured domain name.

Starting, Stopping, and Updating

The Jenkins application service is managed by systemd, while the Nginx proxy is managed via docker compose.

Jenkins Service Management:

  • Start the service: 

    systemctl start jenkins

  • Enable the service on boot: 

    systemctl enable jenkins

  • Check service status: 

    systemctl status jenkins

Nginx Proxy Management:

  • Start the proxy container: 

    cd /root/nginx && docker compose up -d

  • Stop the proxy container: 

    cd /root/nginx && docker compose down

  • View container logs: 

    docker logs -f nginx

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×