Rundeck v2.3.2 on CentOS v7
Follow the RPM installation instructions.
# yum install java-1.7.0-openjdk # rpm -Uvh http://repo.rundeck.org/latest.rpm # yum install rundeck # service rundeckd start
Browse
Use a web brwose to view the rundeck instance on http port 4440. The default username is 'admin' with a password of 'admin'.
Home page
Lockdown
Change the 'admin' password by editing the file '/etc/rundeck/realm.properties'. Change the 'admin' in the second field with a secure password:
admin:admin,user,admin,architect,deploy,build
Firewall
Add a firewall rule to allow access to the http listener:
# iptables -A tcpIn -p tcp -m tcp --source 10.20.7.0/24 --dport 4440 -m conntrack --ctstate NEW -j ACCEPT
Reverse proxy
Put nginx in front of the web site to provide reverse proxy and TLS offload support.
#
# Rundeck server
#
server {
listen [::]:80;
server_name rundeck.lucidsolutions.co.nz;
location / {
# redirect to secure page [permanent | redirect]
rewrite ^ https://rundeck.lucidsolutions.co.nz$request_uri? permanent;
}
}
server {
listen [::]:443;
server_name rundeck.lucidsolutions.co.nz;
keepalive_timeout 70;
ssl on;
ssl_certificate certs/rundeck.lucidsolutions.co.nz.startssl.crt;
ssl_certificate_key certs/rundeck.lucidsolutions.co.nz.key;
access_log /var/log/nginx/rundeck.lucidsolutions.co.nz.access.log main;
location / {
proxy_pass http://10.20.20.5:4440/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 100M;
}
}
Rundeck doesn't appear to use standard web proxy headers. The site name must be configured in two configuration files. First '/etc/rundeck/framework.properties':
framework.server.name = "pigment.lucidsolutions.co.nz" framework.server.hostname = pigment.lucidsolutions.co.nz framework.server.port = 4440 framework.server.url = https://rundeck.lucidsolutions.co.nz
And '/etc/rundeck/rundeck-config.properties':
grails.serverURL=https://rundeck.lucidsolutions.co.nz
Once the configuration is loaded (requires a server restart) then it can be view at https://rundeck.lucidsolutions.co.nz/menu/systemConfig:
Links
- http://rundeck.org/
- http://rundeck.org/docs/administration/configuration-file-reference.html
- https://github.com/rundeck/rundeck/issues/671
Appendices
Install
# rpm -Uvh http://repo.rundeck.org/latest.rpm Retrieving http://repo.rundeck.org/latest.rpm Preparing... ################################# [100%] Updating / installing... 1:rundeck-repo-3-0 ################################# [100%]
# yum install rundeck Loaded plugins: fastestmirror rundeck-release-bintray | 1.2 kB 00:00:00 rundeck-release-bintray/primary | 3.8 kB 00:00:00 Loading mirror speeds from cached hostfile * base: mirror.xnet.co.nz * extras: mirror.xnet.co.nz * updates: mirror.xnet.co.nz rundeck-release-bintray 32/32 Resolving Dependencies --> Running transaction check ---> Package rundeck.noarch 0:2.3.2-1.28.GA will be installed --> Processing Dependency: rundeck-config for package: rundeck-2.3.2-1.28.GA.noarch --> Running transaction check ---> Package rundeck-config.noarch 0:2.3.2-1.28.GA will be installed --> Finished Dependency Resolution Dependencies Resolved ======================================================================================== Package Arch Version Repository Size ======================================================================================== Installing: rundeck noarch 2.3.2-1.28.GA rundeck-release-bintray 59 M Installing for dependencies: rundeck-config noarch 2.3.2-1.28.GA rundeck-release-bintray 7.7 k Transaction Summary ======================================================================================== Install 1 Package (+1 Dependent package) Total download size: 59 M Installed size: 82 M
