How to do installation and configuration of GoCD on CentOS? – Part 2

0
15
gocd - arslan ud din shafiq

Before proceeding with this tutorial, you must check “How to do installation and configuration of GoCD on CentOS? – Part 1”.

This is the second part of how to do installation and configuration of GoCD. To start, you will first need to follow the part 1 of this tutorial, then follow this part 2. In this part, you will learn about how to install GoCD server, how to do configuration of GoCD server, how to setup authentication for GoCD, how to install Nginx, how to setup SSL certificate using Let’s Encrypt SSL.

Let’s install GoCD

  1. GoCD is only dependent on Java because it has been programmed in Java. To install it first of all we will execute the following command:
# sudo curl https://download.gocd.org/gocd.repo -o /etc/yum.repos.d/gocd.repo

gocd - arslan ud din shafiq

  1. Execute the following command to install GoCD on your server
# sudo yum install -y go-server

gocd - arslan ud din shafiq

  1. After successful installation of GoCD, you will see the following screen.

gocd - arslan ud din shafiq

  1. Now you will need to start GoCD server by executing the following command.
# sudo systemctl start go-server

gocd - arslan ud din shafiq

  1. Now you will need to enable GoCD server by executing the following command.
# sudo systemctl enable go-server

gocd - arslan ud din shafiq

  1. Now you will need to store artifacts in a directory. You can store them in the same disk drive where you have installed the operating system (OS). Alternatively, you can get an extra dedicated drive from Alibaba Cloud to store artifacts. During continuous integration and delivery, many artifacts are produced. These artifacts are generated continuously that results in the continuous decrease of memory. A situation will come when services will fail to run on your system. I have used same disk, however, it’s completely up to you and I will recommend you to use dedicated disk. For the same disk, execute the following commands:
# sudo mkdir /opt/artifacts

# sudo chown -R go:go /opt/artifacts

 

  1. Now, to access your GoCD dashboard, you will need to navigate to your domain name. You can also use your Alibaba Cloud ECS IP address. In my case, I have setup a domain name pointing to IP address of my ECS.

There are 4 ways to access your GoCD dashboard:

  1. http://yourdomain.com:8153 (In my case, http://imarslan.com:8153 )
  2. https://yourdomain.com:8154 (In my case, https://imarslan.com:8154 )
  3. http://yourecsip:8153 (In my case, http://254.65.248:8153 )
  4. https://yourecsip:8154 (In my case, https://254.65.248:8154 )

To access using https, you will need to install SSL certificate.

  1. Access your GoCD dashboard, you will see the following screen.

gocd - arslan ud din shafiq

  1. Before adding/creating any pipeline, hover on Admin and click Server Configuration.

gocd - arslan ud din shafiq

  1. Now you will see the following screen.

gocd - arslan ud din shafiq

  1. Type your URL in Site URL field with port 8153 and Secure Site URL field with port 8154. In my case, I will use http://imarslan.com:8153 and https://imarslan.com:8154 You will need to replace com with your domain name.

gocd - arslan ud din shafiq

  1. Now provide your SMTP details for sending any type of email notifications from your GoCD.

gocd - arslan ud din shafiq

Replace imarslan.com with your chosen domain name.

  1. Now you will have to do pipeline management. For this, enter /opt/artifacts in Artifacts Directory Location, because you have chosen to store artifacts on the same disk. In case, you have chosen separate disk, the path would be different.

gocd - arslan ud din shafiq

  1. For Auto delete old artifacts, I have done settings to free up-to 8GB when 3GB free space is available because I’m using the same disk for storing artifacts and I don’t want all the space to be consumed. You can adopt same settings or modify according to your demand.

gocd - arslan ud din shafiq

  1. Leave all other options as these are and click on Save button to save your changes.

gocd - arslan ud din shafiq

  1. To apply these changes, you will need to restart your GoCD server. To restart, execute the following command:
# sudo systemctl restart go-server

gocd - arslan ud din shafiq

  1. GoCD does not provide any authentication system to access dashboard. To setup authentication, you can use a LDAP and password file. As Alibaba Cloud ECS will be accessed publicly, you must setup authentication system to avoid misuse.

Let’s setup Authentication for GoCD Dashboard:

For setting up authentication, you will need to use htpasswd command for creating an encrypted password file. To use htpasswd, you will have to install Apache Tools.

  1. To install Apache Tools, execute the following command:
# sudo yum -y install httpd-tools

gocd - arslan ud din shafiq

  1. After successful installation, you will see the following screen.

gocd - arslan ud din shafiq

  1. To create password file for user admin, execute the following command. Then type and retype your password and hit Enter You will see the following screen as output.
# sudo htpasswd -B -c /etc/go/passwd_auth admin

gocd - arslan ud din shafiq

You can more users as per your demand or requirement.

  1. Now you have created password file. To configure authentication, hover on Admin, then hover on Security, then click Authorization Configuration.

gocd - arslan ud din shafiq

  1. You will see the following screen after clicking Authorization Configuration.

gocd - arslan ud din shafiq

  1. Click on Add You will see the following screen.

gocd - arslan ud din shafiq

  1. In the Id field, type users, select Password File Authentication Plugin for GoCD and type path for password path file as /etc/go/passwd_auth then click on Check Connection You will see the following screen with success alert of Connection OK. Then click on Save button.

gocd - arslan ud din shafiq

  1. After clicking save button, you will be automatically logged out from GoCD dashboard. You will be redirected to login screen as shown below. Click Sign in button after entering username and password for your created user. In my case, username is admin.

gocd - arslan ud din shafiq

  1. Now you will have to setup administrator privileges for your admin user, otherwise, every user will have administrator privileges. For this purpose, hover on Admin and click User Summary. You will see the following screen.

gocd - arslan ud din shafiq

 

  1. Now select username and click Roles and mark checked Go System Administrator and click Apply

gocd - arslan ud din shafiq

  1. You have successfully modified admin privileges.

gocd - arslan ud din shafiq

  1. If you have more than 1 user, you will first need to update your password file that you created then you can write username in Create New field and click Add button as shown below.

gocd - arslan ud din shafiq

Setup Let’s Encrypt SSL for GoCD:

To install SSL certificate for GoCD, you will need to remove port 8153 from your Alibaba Cloud ECS Security Group Rules. You will use Nginx server, it will behave as reverse proxy to forward all the incoming requests to GoCD’s http point.

  1. Navigate to Security Groups, then Security Group Rules, here you will find the following rule defined. Click Delete to remove this rule.

gocd - arslan ud din shafiq

  1. To install Nginx server, execute the following command:
# sudo yum -y install nginx

gocd - arslan ud din shafiq

  1. After successful installation of Nginx server, you will see the following screen.

gocd - arslan ud din shafiq

  1. Use the following command to enable Nginx server, so that it starts automatically after reboot.
# sudo systemctl enable nginx

gocd - arslan ud din shafiq

  1. Execute the following command to start Nginx server.
# sudo systemctl start nginx

gocd - arslan ud din shafiq

  1. Now when you will access your domain, you will see the following screen.

gocd - arslan ud din shafiq

  1. Now to point the domain to right directory, you will need to change the default configuration of Nginx. For this purpose, execute the command below:
# sudo sed -i 's/default_server//g' /etc/nginx/nginx.conf

gocd - arslan ud din shafiq

  1. Now you will need to create a new configuration file for your GoCD. To do so, execute the following command:
# sudo nano /etc/nginx/conf.d/gocd.conf

gocd - arslan ud din shafiq

  1. Now copy and paste the following data in opened file, then use Ctrl+X, then type Y and hit Enter
 

upstream gocd {

server 127.0.0.1:8153;

}

server {

listen 80 default_server;

server_name gocd.example.com;

return 301 https://$host$request_uri;

}

server {

listen 443 default_server;

server_name gocd.example.com;

ssl_certificate           /etc/letsencrypt/live/imarslan.com/fullchain.pem;

ssl_certificate_key       /etc/letsencrypt/live/imarslan.com/privkey.pem;

ssl on;

ssl_session_cache  builtin:1000  shared:SSL:10m;

ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;

ssl_prefer_server_ciphers on;

access_log  /var/log/nginx/gocd.access.log;

location / {

proxy_pass http://gocd;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header Host $http_host;

proxy_set_header X-NginX-Proxy true;

proxy_redirect off;

}

location /go {

proxy_pass http://gocd/go;

proxy_http_version 1.1;

proxy_set_header Upgrade websocket;

proxy_set_header Connection upgrade;

proxy_read_timeout 86400;

}

}

 

  1. You will get clone of Let’s Encrypt from official GitHub repository that will be installed in /opt/letsencrypt . To clone, type the following command and hit Enter
# sudo git clone

https://github.com/letsencrypt/letsencrypt

  /opt/letsencrypt

gocd - arslan ud din shafiq

  1. Now navigate to /opt/letsencrypt by executing the command:
# cd /opt/letsencrypt

gocd - arslan ud din shafiq

  1. Now create your SSL certificate. Let’s Encrypt performs challenges for Domain Validation onthe basis of which Certificate Authority (CA) will authenticate your domain. On validation, you will be issued a SSL certificate by CA. To create SSL certificate for your domain using Let’s Encrypt, use the following command:
# sudo -H ./letsencrypt-auto certonly --standalone -d imarslan.com  -d www.imarslan.com

Replace imarslan.com with your domain name.

gocd - arslan ud din shafiq

  1. Now you will be prompted to write your email address. Type your email and hit Entergocd - arslan ud din shafiq
  2. After it, you will be asked to agree with terms. Type A and hit Enter key to proceed.

gocd - arslan ud din shafiq

  1. After successful issuance of SSL certificate, you will see the following screen.

gocd - arslan ud din shafiq

  1. Now you can check if there are any error in your newly configured file.
# sudo nginx -t

gocd - arslan ud din shafiq

  1. Now restart Nginx server to load your settings.
# sudo systemctl restart nginx

gocd - arslan ud din shafiq

  1. Now you can access your domain name with https protocol. You can see the screenshot below.

gocd - arslan ud din shafiq

Let’s install GoCD Agent:

GoCD agents are required for the execution of tasks. When any change is detected in task, pipeline gets triggered and jobs get assigned to available workers. For this purpose, at least one agent must be configured. To install agent, follow the steps:

  1. Execute the following command to install go agent.
# sudo yum install -y go-agent

gocd - arslan ud din shafiq

  1. After installation of Go Agent, you will see the following screen.gocd - arslan ud din shafiq
  2. Now execute the following commands to start and enable the Go Agent. Enabling will allow to start it automatically after restart.
# sudo systemctl start go-agent

gocd - arslan ud din shafiq

# sudo systemctl enable go-agent

gocd - arslan ud din shafiq

Here you go…now your GoCD server is ready to use.

Previous articleBest Web Design Services – Hire us Today!
Next articleBasics you must learn & make first Java program
I'm a Software Engineer by profession. I had been certified as Cloud Computing Specialist by Alibaba Cloud. I started my career by working on freelance projects related to Facebook App Development, Mobile App development, Web development, and Software development. I voluntarily edited Facebook Map and Google Maps. During my blogging career, I experienced Affiliate Marketing, Google AdWords, Facebook Ads, Facebook Audience Network, Google Adsense and Media.net by Microsoft. I am also the founder of cloud-based Centralized Queue Management System (CQMS) which has been deployed in COMSATS University's student service center and admission cell for managing their queues. CQMS has also been awarded 3rd best project in DICE -IET 2017 (a national level exhibition and competition). Besides, I am a technical author at Alibaba Cloud. I had written many tutorials on Alibaba Cloud Focus. Moreover, I have published my book on Amazon. Currently, I am writing my next book that is expected to be published soon.

LEAVE A REPLY

Please enter your comment!
Please enter your name here