Jenkins service unit file for Systemd

jenkins.service

[Unit]
Description=Jenkins
After=network.target
Requires=network.target

[Service]
Type=simple
EnvironmentFile=/etc/sysconfig/jenkins
ExecStart=/usr/bin/java ${JENKINS_JAVA_OPTIONS} -jar /usr/lib/jenkins/jenkins.war --httpPort=${JENKINS_PORT} --httpListenAddress=${JENKINS_LISTEN_ADDRESS} ${JENKINS_ARGS}
Restart=always
User=jenkins
RestartSec=20

[Install]
WantedBy=multi-user.target

@thieryl, it would look like /etc/default/jenkins on Ubuntu, but system does not support variable expansion, so all the variables would have to be removed here.

# defaults for Jenkins automation server

# pulled in from the init script; makes things easier.
NAME=jenkins

# arguments to pass to java

# Allow graphs etc. to work even when an X server is present
JAVA_ARGS="-Djava.awt.headless=true"

#JAVA_ARGS="-Xmx256m"

# make jenkins listen on IPv4 address
#JAVA_ARGS="-Djava.net.preferIPv4Stack=true"

PIDFILE=/var/run/$NAME/$NAME.pid

# user and group to be invoked as (default to jenkins)
JENKINS_USER=$NAME
JENKINS_GROUP=$NAME

# location of the jenkins war file
JENKINS_WAR=/usr/share/$NAME/$NAME.war

# jenkins home location
JENKINS_HOME=/var/lib/$NAME

# set this to false if you don't want Jenkins to run by itself
# in this set up, you are expected to provide a servlet container
# to host jenkins.
RUN_STANDALONE=true

# log location.  this may be a syslog facility.priority
JENKINS_LOG=/var/log/$NAME/$NAME.log
#JENKINS_LOG=daemon.info

# Whether to enable web access logging or not.
# Set to "yes" to enable logging to /var/log/$NAME/access_log
JENKINS_ENABLE_ACCESS_LOG="no"

# OS LIMITS SETUP
#   comment this out to observe /etc/security/limits.conf
#   this is on by default because http://github.com/jenkinsci/jenkins/commit/2fb288474e980d0e7ff9c4a3b768874835a3e92e
#   reported that Ubuntu's PAM configuration doesn't include pam_limits.so, and as a result the # of file
#   descriptors are forced to 1024 regardless of /etc/security/limits.conf
MAXOPENFILES=8192

# set the umask to control permission bits of files that Jenkins creates.
#   027 makes files read-only for group and inaccessible for others, which some security sensitive users
#   might consider benefitial, especially if Jenkins runs in a box that's used for multiple purposes.
#   Beware that 027 permission would interfere with sudo scripts that run on the master (JENKINS-25065.)
#
#   Note also that the particularly sensitive part of $JENKINS_HOME (such as credentials) are always
#   written without 'others' access. So the umask values only affect job configuration, build records,
#   that sort of things.
#
#   If commented out, the value from the OS is inherited,  which is normally 022 (as of Ubuntu 12.04,
#   by default umask comes from pam_umask(8) and /etc/login.defs

# UMASK=027

# port for HTTP connector (default 8080; disable with -1)
HTTP_PORT=8080


# servlet context, important if you want to use apache proxying
PREFIX=/$NAME

# arguments to pass to jenkins.
# --javahome=$JAVA_HOME
# --httpListenAddress=$HTTP_HOST (default 0.0.0.0)
# --httpPort=$HTTP_PORT (default 8080; disable with -1)
# --httpsPort=$HTTP_PORT
# --argumentsRealm.passwd.$ADMIN_USER=[password]
# --argumentsRealm.roles.$ADMIN_USER=admin
# --webroot=~/.jenkins/war
# --prefix=$PREFIX

JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT"

Here's a untested guess at an appropriate translation:

# defaults for Jenkins automation server

# arguments to pass to java

# Allow graphs etc. to work even when an X server is present
JAVA_ARGS="-Djava.awt.headless=true"

#JAVA_ARGS="-Xmx256m"

# make jenkins listen on IPv4 address
#JAVA_ARGS="-Djava.net.preferIPv4Stack=true"

PIDFILE=/var/run/jenkins/jenkins.pid

# user and group to be invoked as (default to jenkins)
JENKINS_USER=jenkins
JENKINS_GROUP=jenkins

# location of the jenkins war file
JENKINS_WAR=/usr/share/jenkins/jenkins.war

# jenkins home location
JENKINS_HOME=/var/lib/jenkins

# set this to false if you don't want Jenkins to run by itself
# in this set up, you are expected to provide a servlet container
# to host jenkins.
RUN_STANDALONE=true

# log location.  this may be a syslog facility.priority
JENKINS_LOG=/var/log/jenkins/jenkins.log
#JENKINS_LOG=daemon.info

# Whether to enable web access logging or not.
# Set to "yes" to enable logging to /var/log/jenkins/access_log
JENKINS_ENABLE_ACCESS_LOG="no"

# OS LIMITS SETUP
#   comment this out to observe /etc/security/limits.conf
#   this is on by default because http://github.com/jenkinsci/jenkins/commit/2fb288474e980d0e7ff9c4a3b768874835a3e92e
#   reported that Ubuntu's PAM configuration doesn't include pam_limits.so, and as a result the # of file
#   descriptors are forced to 1024 regardless of /etc/security/limits.conf
MAXOPENFILES=8192

# set the umask to control permission bits of files that Jenkins creates.
#   027 makes files read-only for group and inaccessible for others, which some security sensitive users
#   might consider benefitial, especially if Jenkins runs in a box that's used for multiple purposes.
#   Beware that 027 permission would interfere with sudo scripts that run on the master (JENKINS-25065.)
#
#   Note also that the particularly sensitive part of $JENKINS_HOME (such as credentials) are always
#   written without 'others' access. So the umask values only affect job configuration, build records,
#   that sort of things.
#
#   If commented out, the value from the OS is inherited,  which is normally 022 (as of Ubuntu 12.04,
#   by default umask comes from pam_umask(8) and /etc/login.defs

# UMASK=027

# servlet context, important if you want to use apache proxying
PREFIX=/jenkins

# arguments to pass to jenkins.
# --javahome=$JAVA_HOME
# --httpListenAddress=$HTTP_HOST (default 0.0.0.0)
# --httpPort=$HTTP_PORT (default 8080; disable with -1)
# --httpsPort=$HTTP_PORT
# --argumentsRealm.passwd.$ADMIN_USER=[password]
# --argumentsRealm.roles.$ADMIN_USER=admin
# --webroot=~/.jenkins/war
# --prefix=$PREFIX

JENKINS_ARGS="--webroot=/var/cache/jenkins/war --httpPort=8080"

And you think I know what was there 5 years ago? Something like this. You're welcome.

JENKINS_LISTEN_ADDRESS="0.0.0.0"
JENKINS_PORT="3000"
JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -Xmx256m" 
JENKINS_ARGS=""

Thank you for the reference !! ... just in case for Jenkins LTS 2.319.2 you can use something like:

/etc/jenkins/jenkins.conf

JENKINS_WAR=/opt/jenkins/jenkins.war

JENKINS_HOME=/opt/jenkins/home

JAVA_ARGS="-Djava.awt.headless=true \
  -Djava.net.preferIPv4Stack=true \
  -XX:+AlwaysPreTouch \
  -XX:+UseG1GC \
  -Xms1024m \
  -Xmx1024m \
  -Xss16m \
  -Xlog:gc*=debug:file=gclog.log:utctime,level,tags:filecount=9,filesize=1M"

JENKINS_ARGS="--httpPort=8080 \
  --logfile=/var/log/jenkins/jenkins.log \
  --useJmx"

/lib/systemd/system/jenkins.service

[Unit]
Description=Jenkins
After=network.target

[Service]
Type=simple
User=jenkins
Group=jenkins
EnvironmentFile=/etc/jenkins/jenkins.conf
ExecStart=/usr/bin/java $JAVA_ARGS -jar $JENKINS_WAR $JENKINS_ARGS
WorkingDirectory=/opt/jenkins/home
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

Ensure you have the jenkins user created with the Jenkins home and logs directory permissions with the Jenkins war downloaded at /opt/jenkins/jenkins.war and just run the command systemctl start jenkins

Tested on Debian 11 Bullseye arm64 and OpenJDK 11 in and AWS m6g.large

Based on:
https://www.jenkins.io/doc/book/managing/system-properties/
https://www.jenkins.io/doc/book/installing/initial-settings/
https://github.com/jenkinsci/winstone#command-line-options

Interesting to see that small piece of config still makes some traction 7 years later.

Interesting to see that small piece of config still makes some traction 7 years later.

Because in all these years the Jenkins project still hasn't shipped systemd(1)-based packages. But that is about to change in jenkinsci/packaging#266.

Buenísimo !! 👍😎

Me ha servido mucho, gracias