Environment:
Jenkins: v2.155Nginx: v1.14.1
Assuming you already have Nginx and Jenkins installed and running. If you don't, I will put up some other posts for how to install Nginx and Jenkins.
By default, you Jenkins process is running on port 8080, you probably access it via a DNS name, such as:
http://jenkins.lixu.ca:8080
or
https://jenkins.lixu.ca:8080
This blog will help you configure Jenkins behind both http and https protocols. At the end, you should be able to access your Jenkins server via:
http://jenkins.lixu.ca
and
https://jenkins.lixu.ca
Prepare SSL Certificates for HTTPS
If you doing HTTPS as well, assume you already have the certificate (could be a self-signed cert). If you don't have it yet, you can check out my other blog Creating and Signing Your Certs.Define upstream for both HTTP and HTTPS proxy_pass
Define a "upstream". An "upstream" could be one or more servers that can be referenced by "proxy_pass" later, this could save you define each servers later for HTTP and HTTPS separately.
upstream jenkins { server 127.0.0.1:8080 fail_timeout=0; }
Note: You need to put define this upstream in the "http{}" block in your "nginx.conf".
Update Your Nginx HTTP Config:
You need to update the "server_name" and "location" definitions. For example:
server { upstream jenkins { server 127.0.0.1:8080 fail_timeout=0; } listen 80; server_name jenkins.lixu.ca; location / { proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
# Fix the "It appears that your reverse proxy set up is broken" error. proxy_pass http://jenkins; proxy_read_timeout 90; # Required for new HTTP-based CLI proxy_http_version 1.1; proxy_request_buffering off; # workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651 add_header 'X-SSH-Endpoint' 'jenkins.lixu.ca:50022' always; } }Restart you Nginx process, once it comes back up, you should be able to access your Jenkins UI through: http://jenkins.lixu.ca
Update Your Nginx HTTPs
Config Similar to HTTP, update "server_name" and "location" definition:
server { listen 443 ssl; server_name jenkins.lixu.ca; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; location / { proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect http:// https://; proxy_pass http://jenkins; # Required for new HTTP-based CLI proxy_http_version 1.1; proxy_request_buffering off; proxy_buffering off; # Required for HTTP-based CLI to work over SSL # workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651 add_header 'X-SSH-Endpoint' 'jenkins.lixu.ca:50022' always; } }Restart you Nginx process, once it comes back up, you should be able to access your Jenkins UI through: https://jenkins.lixu.ca
No comments:
Post a Comment