config SSL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| # step1 generate the SSL public and private keys
openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
# step2 merge key.pem key and the certificate.pem by converting them to a .p12 keystore
openssl pkcs12 -inkey key.pem -in certificate.pem -export -out certificate.p12 # generate certificate.p12
# passwd: dongw123
# step3 import the .p12 file with keytool and convert it into a .jks keystore
keytool -importkeystore -srckeystore ./certificate.p12 -srcstoretype pkcs12 -destkeystore jenkinsserver.jks -deststoretype JKS # generate jenkinsserver.jks
# step4 Add JKS File to Jenkins Path
sudo cp jenkinsserver.jks /var/lib/jenkins/
sudo chown jenkins:jenkins /var/lib/jenkins/jenkinsserver.jks
# step5 Configure Jenkins for SSL Communication
# vim /etc/systemd/system/jenkins.service
Environment="JENKINS_HTTPS_PORT=8443"
Environment="JENKINS_HTTPS_KEYSTORE=/var/lib/jenkins/jenkinsserver.jks"
Environment="JENKINS_HTTPS_KEYSTORE_PASSWORD=dongw123"
# step6 restart service
sudo systemctl daemon-reload
sudo systemctl restart jenkins.service
|
1
2
3
| Export Password: dongw123
destination keystore password: dongw123
source keystore password: dongw123
|
change default data dir
To change Jenkins’ default data directory from /var/lib/jenkins to /mnt/disk1, follow these steps:
1
| sudo systemctl stop jenkins
|
- Move the existing data to the new directory:
1
| sudo mv /var/lib/jenkins /mnt/disk1/
|
- Ensure the ownership is correct:
1
| sudo chown -R jenkins:jenkins /mnt/disk1/jenkins
|
- Edit the Jenkins service file
1
2
3
| # edit /etc/systemd/system/jenkins.service or /usr/lib/systemd/system/jenkins.service
Environment="JENKINS_HOME=/mnt/disk1/jenkins"
WorkingDirectory=/mnt/disk1/jenkins
|
- Reload Systemd and Restart Jenkins
1
2
| sudo systemctl daemon-reload
sudo systemctl restart jenkins
|