Editorial Staff

How to install concourse ci on ubuntu vpsHere is a detailed step-by-step guide on how to install Concourse CI on Ubuntu VPS, complete with setup instructions for the Concourse web UI, worker, and PostgreSQL backend database.

READ ALSO: Advantages of Ubuntu VPS Servers for Your Business

Table of Contents

What is Concourse CI?

Concourse CI is a modern, open-source continuous integration and continuous delivery (CI/CD) system designed to automate software build, test, and deployment workflows in a scalable, repeatable, and declarative manner.

🔍 Key Concepts of Concourse CI

1. Pipeline-Based

Concourse uses pipelines as the fundamental unit of automation. Pipelines are written in YAML and describe every step in the software lifecycle—from fetching code to testing, building, and deploying.

2. Containers for Everything

Every step runs in a stateless container, making builds highly reproducible and isolated. This ensures consistent environments across teams and systems.

3. Immutable and Declarative

Concourse emphasizes immutability and declarative configuration, meaning pipelines always describe what should happen, not how, and won’t carry over state from previous runs unless explicitly defined.

🧩 Core Components

Component Description
Web UI and API server, handles authentication, job scheduling, and orchestration
Worker Executes build tasks and steps in containers
TSA (SSH) Secure tunnel between web and worker nodes
PostgreSQL Backend database storing pipeline state and metadata
Fly CLI Command-line tool used to manage pipelines, log in, and trigger builds

🚀 Why Use Concourse CI?

✅ Pros:
  • Lightweight & container-native
  • Built-in parallelism and task caching
  • Strong GitOps support (pipelines stored as code)
  • No vendor lock-in — fully open source
  • Supports all languages, frameworks, and platforms
⚠️ Considerations:
  • Learning curve for new users due to its unique model
  • No native UI-based pipeline editor (CLI and YAML required)
  • Requires PostgreSQL for operation

📌 Example Use Cases

  • Continuous Integration for microservices
  • Deployment pipelines to Kubernetes or cloud VMs
  • Automated infrastructure testing with Terraform
  • Building and publishing Docker images

🛠️ How to Install Concourse CI on Ubuntu VPS

This guide walks through installing Concourse CI on Ubuntu 22.04 or later, using a local PostgreSQL database and a single-node web + worker deployment.

📋 Prerequisites

Before you begin:

  • Ubuntu 22.04+ VPS with root or sudo access
  • At least 2 GB RAM, 2 CPUs, and 10 GB+ disk space
  • Open TCP ports: 8080 (web UI/API), 2222 (worker SSH), and 5432 (PostgreSQL)
  • Domain name or static IP
  • Install curl, wget, and unzip

Update system packages

sudo apt update && sudo apt upgrade -y
sudo apt install -y curl wget unzip postgresql postgresql-contrib

Launch 100% ssd ubuntu vps from $2. 49/mo!
To install Concourse CI on Ubuntu VPS, follow the steps provided below:

  1. Install and Configure PostgreSQL

    Concourse uses PostgreSQL for pipeline and user data.

    Create PostgreSQL database and user

    sudo -u postgres psql

    Then, run the following commands inside the psql shell:

    CREATE DATABASE concourse; CREATE USER concourse WITH PASSWORD 'changeme'; GRANT ALL PRIVILEGES ON DATABASE concourse TO concourse; \q

    Secure PostgreSQL to listen only on localhost:

    sudo sed -i "s/#listen_addresses = 'localhost'/listen_addresses = 'localhost'/" /etc/postgresql/*/main/postgresql.conf sudo systemctl restart postgresql

  2. Install Concourse CI

    Download the latest Concourse and Fly CLI

    wget https://github.com/concourse/concourse/releases/download/v7.11.0/concourse-7.11.0-linux-amd64.tgz wget https://github.com/concourse/concourse/releases/download/v7.11.0/fly-7.11.0-linux-amd64.tgz

    Extract and move binaries:

    tar -xvzf concourse-7.11.0-linux-amd64.tgz sudo mv concourse /usr/local/bin/ tar -xvzf fly-7.11.0-linux-amd64.tgz sudo mv fly /usr/local/bin/

    Verify installation:

    concourse --version fly --version

  3. Generate Keys for Concourse

    Concourse uses RSA keys to secure communication between web and workers.

    mkdir -p ~/concourse-keys cd ~/concourse-keys ssh-keygen -t rsa -f host_key -N '' ssh-keygen -t rsa -f worker_key -N '' cp worker_key.pub worker_key.pub cp worker_key worker_key cp host_key host_key ssh-keygen -t rsa -f session_signing_key -N ''

  4. Create a Systemd Service File for Concourse

    Create a new systemd service unit:

    sudo nano /etc/systemd/system/concourse-web.service

    Paste the following content:

    [Unit] Description=Concourse CI web After=postgresql.service Requires=postgresql.service [Service] User=root Restart=always Environment=CONCOURSE_POSTGRES_HOST=127.0.0.1 Environment=CONCOURSE_POSTGRES_USER=concourse Environment=CONCOURSE_POSTGRES_PASSWORD=changeme Environment=CONCOURSE_POSTGRES_DATABASE=concourse Environment=CONCOURSE_EXTERNAL_URL=http://YOUR_DOMAIN_OR_IP:8080 Environment=CONCOURSE_SESSION_SIGNING_KEY=/root/concourse-keys/session_signing_key Environment=CONCOURSE_TSA_HOST_KEY=/root/concourse-keys/host_key Environment=CONCOURSE_TSA_AUTHORIZED_KEYS=/root/concourse-keys/worker_key.pub ExecStart=/usr/local/bin/concourse web [Install] WantedBy=multi-user.target

    Replace YOUR_DOMAIN_OR_IP with your actual IP or domain.

    Then create the worker service:

    sudo nano /etc/systemd/system/concourse-worker.service

    Paste the following:

    [Unit] Description=Concourse CI worker After=concourse-web.service Requires=concourse-web.service [Service] User=root Restart=always Environment=CONCOURSE_WORK_DIR=/opt/concourse/worker Environment=CONCOURSE_TSA_HOST=127.0.0.1:2222 Environment=CONCOURSE_TSA_PUBLIC_KEY=/root/concourse-keys/host_key.pub Environment=CONCOURSE_TSA_WORKER_PRIVATE_KEY=/root/concourse-keys/worker_key ExecStart=/usr/local/bin/concourse worker [Install] WantedBy=multi-user.target

  5. Enable and Start Concourse

    sudo mkdir -p /opt/concourse/worker sudo systemctl daemon-reexec sudo systemctl daemon-reload sudo systemctl enable concourse-web sudo systemctl enable concourse-worker sudo systemctl start concourse-web sudo systemctl start concourse-worker

    Check status:

    sudo systemctl status concourse-web sudo systemctl status concourse-worker

  6. Access Concourse Web Interface

    Visit:

    http://YOUR_DOMAIN_OR_IP:8080

    You’ll see the login prompt.

  7. Use Fly CLI

    Authenticate and target your Concourse instance:

    fly -t main login -c http://YOUR_DOMAIN_OR_IP:8080

    You can now create and upload pipelines.

  8. How to Set Up SSL for Concourse CI on Ubuntu VPS

    What This Guide Covers:
    • Installing Nginx
    • Setting up reverse proxy to Concourse on port 8080
    • Securing with Let’s Encrypt SSL certificate (auto-renewed)

    To set up SSL for Concourse CI on Ubuntu VPS, follow the steps below:

    1. Install Nginx and Certbot

      sudo apt update sudo apt install -y nginx certbot python3-certbot-nginx

    2. Configure DNS (If Using a Domain)

      Ensure your domain (e.g. ci.example.com) is pointed to your server’s IP via A record.

    3. Set Up Nginx Reverse Proxy

      Edit (or create) a new Nginx server block:

      sudo nano /etc/nginx/sites-available/concourse

      Paste the following configuration:

      server { listen 80; server_name ci.example.com; location / { proxy_pass http://localhost:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }

      Enable the site:

      sudo ln -s /etc/nginx/sites-available/concourse /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx

    4. Obtain a Let’s Encrypt SSL Certificate

      Replace ci.example.com with your actual domain name:

      sudo certbot --nginx -d ci.example.com

      Certbot will:

      • Configure HTTPS in your Nginx file
      • Set up an automatic redirect from HTTP to HTTPS
      • Schedule auto-renewals

    5. Verify and Test

      Visit:

      https://ci.example.com

      You should now see the secure Concourse web interface with a valid SSL certificate.

      To check certificate auto-renewal:

      sudo certbot renew --dry-run

    6. Optional: Harden SSL

      Edit your Nginx config for stronger SSL security:

      ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers HIGH:!aNULL:!MD5;

    7. Troubleshooting Tips

      • Port 80 and 443 must be open on your firewall:
        sudo ufw allow 'Nginx Full'
      • If using a VPS provider firewall (like AWS security groups), ensure ports 80/443 are allowed.

    8. 🏁 Done!

      You now have:

      • A production-ready Concourse CI instance
      • Secured with HTTPS
      • Auto-renewing Let’s Encrypt SSL certificates

  9. Optional: Clean Up

    Remove downloaded tar files:

    rm -f concourse-*.tgz fly-*.tgz

✅ Final Notes

  • This is a single-node setup, best for small teams or dev testing
  • For production: separate web/worker nodes, high availability PostgreSQL, and TLS is advised
  • Store secret values using Vault, CredHub, or SSM

Launch 100% ssd ubuntu vps from $2. 49/mo!

Conclusion

You now know how to install Concourse CI on Ubuntu VPS.

Share this:
Avatar of editorial staff

Editorial Staff

Rad Web Hosting is a leading provider of web hosting, Cloud VPS, and Dedicated Servers in Dallas, TX.
lg