GoCD server on CentOS 7
RPM Repository Installation
The GoCD server and agent can be installed from an RPM repository. However there is no 'release' package that provides the yum repo configuration or signing keys (the packages are unsigned). Manually create a repo file:
cat > /etc/yum.repos.d/gocd.repo << EOF [gocd] name=Go CD baseurl=http://download.go.cd/gocd-rpm/ gpgcheck=0 EOF
Prerequisites
Install OpenJDK:
# yum install java-1.7.0-openjdk
Install
Install the Go server package. It is important to note that the RPM distribution doesn't have any dependencies. A suitable JDK must be installed explicitly.
# yum install go-server
Firewall
Allow access to tcp port 8153 from the Nginx reverse proxy. Add the following to '/etc/sysconfig/iptables':
-A tcpIn -p tcp -m tcp --dport 8153 -m conntrack --ctstate NEW -j ACCEPT
Front door
Use Nginx as a front door web server
server {
listen [::]:80;
server_name gocd.lucidsolutions.co.nz;
location / {
# redirect to secure page [permanent | redirect]
rewrite ^ https://gocd.lucidsolutions.co.nz$request_uri? permanent;
}
}
server {
listen [::]:443;
server_name gocd.lucidsolutions.co.nz;
keepalive_timeout 70;
ssl on;
ssl_certificate certs/gocd.lucidsolutions.co.nz.startssl.crt;
ssl_certificate_key certs/gocd.lucidsolutions.co.nz.key;
access_log /var/log/nginx/gocd.lucidsolutions.co.nz.access.log main;
location / {
proxy_pass http://10.20.20.6:8153/;
proxy_http_version 1.1;
proxy_read_timeout 1200;
proxy_connect_timeout 240;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 100M;
}
}
User management
If using file based management of users (c.f. LDAP), then configure the server to use the file '/etc/go/htpasswd'. Ensure that the file is create mode 600, with ownership of the go user and the go group.
Users must be created with a sha1 password:
# htpasswd -s /etc/go/htpasswd <username> New password: <password> Re-type new password: <password> Updating password for user <user>
Git
To use git repositories:
- install the git package
- allow outgoing ssh
- generate a ssh key pair for the 'go' user
Install the git client
# yum install git
Ensure the firewall allows outgoing ssh
iptables -A tcpOut -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
Generate a ssh key (with no passphrase) for the 'go' user (as the 'go' user):
$ ssh-keygen -b 4096
Residuals
The following residuals were encountered:
- RPM packages were not signed
- RPM packages had no dependency to java
- no systemd scripts (init.d scripts worked well)
- No RPM 'release' package with the yum repository configuration (and keys)
Links
- http://www.go.cd/
- https://github.com/gocd/gocd/
- http://www.thoughtworks.com/products/go-continuous-delivery
- http://dl.bintray.com/gocd/gocd-rpm/
- http://www.go.cd/documentation/user/current/installation/installing_go_server.html
- http://www.go.cd/2014/11/14/Go_14_3_issue_with_uploading_compressed_artifacts.html
Appendices
go-server install
# yum install go-server Resolving Dependencies --> Running transaction check ---> Package go-server.noarch 0:14.4.0-1356 will be installed --> Finished Dependency Resolution Dependencies Resolved ========================================================================================== Package Arch Version Repository Size ========================================================================================== Installing: go-server noarch 14.4.0-1356 gocd 129 M Transaction Summary ========================================================================================== Install 1 Package Total download size: 129 M Installed size: 129 M Running transaction Installing : go-server-14.4.0-1356.noarch 1/1 Found Java /usr/lib/jvm/java-1.7.0-openjdk-1.7.0.75-2.5.4.2.el7_0.x86_64/jre in PATH, using it. chown: cannot access ‘/var/lib/go-server/**’: No such file or directory Installation of Go Server completed. using default settings from /etc/default/go-server Reading change scripts from directory /var/lib/go-server/db/h2deltas... Changes currently applied to database: 1..85 Scripts available: 1..90, 221001, 230001..230009, 240001, 240002, 300001..300011, 1202001..1202003, 1203002..1203005, 1301001, 1302001, 1303001..1303004, 1304001, 1401001, 1403001, 1403002, 1501001, 1501002 To be applied: 86..90, 221001, 230001..230009, 240001, 240002, 300001..300011, 1202001..1202003, 1203002..1203005, 1301001, 1302001, 1303001..1303004, 1304001, 1401001, 1403001, 1403002, 1501001, 1501002 Warning: org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser: Property 'http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit' is not recognized. Compiler warnings: WARNING: 'org.apache.xerces.jaxp.SAXParserImpl: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.' Warning: org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser: Property 'http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit' is not recognized. Compiler warnings: WARNING: 'org.apache.xerces.jaxp.SAXParserImpl: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.' Warning: org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser: Property 'http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit' is not recognized. Compiler warnings: WARNING: 'org.apache.xerces.jaxp.SAXParserImpl: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.' Warning: org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser: Property 'http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit' is not recognized. Compiler warnings: WARNING: 'org.apache.xerces.jaxp.SAXParserImpl: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.' Warning: org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser: Property 'http://www.oracle.com/xml/jaxp/properties/entityExpansionLimit' is not recognized. Compiler warnings: WARNING: 'org.apache.xerces.jaxp.SAXParserImpl: Property 'http://javax.xml.XMLConstants/property/accessExternalDTD' is not recognized.' Started Go Server on http://rose.lucidsolutions.co.nz:8153/go Verifying : go-server-14.4.0-1356.noarch 1/1 Installed: go-server.noarch 0:14.4.0-1356 Complete!
Package contents
Name : go-server Version : 14.4.0 Release : 1356 Architecture: noarch Install Date: (not installed) Group : Development/Build Tools Size : 135641216 License : ThoughtWorks Studios EULA Signature : (none) Source RPM : go-server-14.4.0-1356.src.rpm Build Date : Tue 16 Dec 2014 13:39:46 NZDT Build Host : go-agent-dist-all.go.cd Relocations : (not relocatable) URL : /go/tab/build/detail/distributions-all/144/dist-all/1/all Summary : Go Server Component Description : Next generation continuous integration and release management server from ThoughtWorks -rw-r--r-- 1 root root 159 Dec 16 13:39 /etc/default/go-server drwxr-xr-x 2 root root 0 Dec 16 13:39 /etc/go -rw-rw-rw- 1 root root 1157 Dec 16 13:39 /etc/go/log4j.properties -rwxr-xr-x 1 root root 2975 Dec 16 13:39 /etc/init.d/go-server -rw-rw-r-- 1 root root 176 Dec 16 13:39 /usr/share/doc/go-server/changelog.gz -rw-r--r-- 1 root root 11325 Dec 16 13:39 /usr/share/doc/go-server/copyright drwxr-xr-x 2 root root 0 Dec 16 13:39 /usr/share/go-server -rw-r--r-- 1 root root 11325 Dec 16 13:39 /usr/share/go-server/LICENSE -rw-r--r-- 1 root root 259 Dec 16 13:39 /usr/share/go-server/config.properties -rw-r--r-- 1 root root 135609131 Dec 16 13:39 /usr/share/go-server/go.jar -rwxr-xr-x 1 root root 4078 Dec 16 13:39 /usr/share/go-server/server.sh -rwxr-xr-x 1 root root 631 Dec 16 13:39 /usr/share/go-server/stop-server.sh drwxr-xr-x 2 root root 0 Dec 16 13:39 /var/lib/go-server
