# # This file is managed by systemd(1). Do NOT edit this file manually! # To override these settings, run: # # systemctl edit jenkins # # For more information about drop-in files, see: # # https://www.freedesktop.org/software/systemd/man/systemd.unit.html # [Unit] Description=Jenkins Continuous Integration Server Requires=network.target After=network.target [Service] Type=notify NotifyAccess=main ExecStart=/usr/bin/jenkins Restart=on-failure SuccessExitStatus=143 # Configures the time to wait for start-up. If Jenkins does not signal start-up # completion within the configured time, the service will be considered failed # and will be shut down again. Takes a unit-less value in seconds, or a time span # value such as "5min 20s". Pass "infinity" to disable the timeout logic. #TimeoutStartSec=90 # Unix account that runs the Jenkins daemon # Be careful when you change this, as you need to update the permissions of # $JENKINS_HOME, $JENKINS_LOG, and (if you have already run Jenkins) # $JENKINS_WEBROOT. User=jenkins Group=jenkins # Directory where Jenkins stores its configuration and workspaces Environment="JENKINS_HOME=/var/lib/jenkins" WorkingDirectory=/var/lib/jenkins # Location of the Jenkins WAR #Environment="JENKINS_WAR=/usr/share/java/jenkins.war" # Location of the exploded WAR Environment="JENKINS_WEBROOT=%C/jenkins/war" # Location of the Jenkins log. By default, systemd-journald(8) is used. #Environment="JENKINS_LOG=%L/jenkins/jenkins.log" # The Java home directory. When left empty, JENKINS_JAVA_CMD and PATH are consulted. #Environment="JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64" # The Java executable. When left empty, JAVA_HOME and PATH are consulted. #Environment="JENKINS_JAVA_CMD=/etc/alternatives/java" # Arguments for the Jenkins JVM Environment="JAVA_OPTS=-Djava.awt.headless=true" # IP address to listen on for HTTP requests. # The default is to listen on all interfaces (0.0.0.0). #Environment="JENKINS_LISTEN_ADDRESS=" # Port to listen on for HTTP requests. Set to -1 to disable. # To be able to listen on privileged ports (port numbers less than 1024), # add the CAP_NET_BIND_SERVICE capability to the AmbientCapabilities # directive below. Environment="JENKINS_PORT=8080" # IP address to listen on for HTTPS requests. Default is disabled. #Environment="JENKINS_HTTPS_LISTEN_ADDRESS=" # Port to listen on for HTTPS requests. Default is disabled. # To be able to listen on privileged ports (port numbers less than 1024), # add the CAP_NET_BIND_SERVICE capability to the AmbientCapabilities # directive below. #Environment="JENKINS_HTTPS_PORT=443" # Path to the keystore in JKS format (as created by the JDK's keytool). # Default is disabled. #Environment="JENKINS_HTTPS_KEYSTORE=/path/to/keystore.jks" # Password to access the keystore defined in JENKINS_HTTPS_KEYSTORE. # Default is disabled. #Environment="JENKINS_HTTPS_KEYSTORE_PASSWORD=s3cR3tPa55w0rD" # IP address to listen on for HTTP2 requests. Default is disabled. #Environment="JENKINS_HTTP2_LISTEN_ADDRESS=" # HTTP2 port to listen on. Default is disabled. # To be able to listen on privileged ports (port numbers less than 1024), # add the CAP_NET_BIND_SERVICE capability to the AmbientCapabilities # directive below. #Environment="JENKINS_HTTP2_PORT=" # Controls which capabilities to include in the ambient capability set for the # executed process. Takes a whitespace-separated list of capability names, e.g. # CAP_SYS_ADMIN, CAP_DAC_OVERRIDE, CAP_SYS_PTRACE. Ambient capability sets are # useful if you want to execute a process as a non-privileged user but still # want to give it some capabilities. For example, add the CAP_NET_BIND_SERVICE # capability to be able to listen on privileged ports (port numbers less than # 1024). #AmbientCapabilities=CAP_NET_BIND_SERVICE # Debug level for logs. The higher the value, the more verbose. 5 is INFO. #Environment="JENKINS_DEBUG_LEVEL=5" # Set to true to enable logging to /var/log/jenkins/access_log. #Environment="JENKINS_ENABLE_ACCESS_LOG=false" # Servlet context (important if you want to use reverse proxying) #Environment="JENKINS_PREFIX=/jenkins" # Arbitrary additional arguments to pass to Jenkins. # Full option list: java -jar jenkins.war --help #Environment="JENKINS_OPTS=" # Maximum core file size. If unset, the value from the OS is inherited. #LimitCORE=infinity # Maximum file size. If unset, the value from the OS is inherited. #LimitFSIZE=infinity # File descriptor limit. If unset, the value from the OS is inherited. #LimitNOFILE=8192 # Maximum number of processes. If unset, the value from the OS is inherited. #LimitNPROC=32768 # Set the umask to control the permission bits of files that Jenkins creates. # # 0027 makes files read-only for group and inaccessible for others, which some # security sensitive users might consider beneficial, especially if Jenkins # is running on a server that is used for multiple purposes. Beware that 0027 # permissions would interfere with sudo scripts that run on the controller # (see JENKINS-25065). # # Note also that the particularly sensitive parts of $JENKINS_HOME (such as # credentials) are always written without 'other' access. So the umask values # only affect job configuration, build records, etc. # # If unset, the value from the OS is inherited, which is normally 0022. # The default umask comes from pam_umask(8) and /etc/login.defs. #UMask=0022 [Install] WantedBy=multi-user.target