Nginx
Jenkins 和 Nginx,只需要監聽 https 埠
我在 AWS EC2 中有 Jenkins 實例。我已經用 port 安裝了 Jenkins
8080
。我有nginx
一個reverse-proxy
.我的
jenkins.mydomain.com.conf
:server { listen 80; server_name jenkins.mydomain.com; server_name_in_redirect on; location /.well-known { root /usr/share/nginx/html/letsencrypt-pig/jenkins.mydomain.com; } location / { rewrite ^ https://$server_name$request_uri? permanent; #proxy_pass http://127.0.0.1:8080; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 443 ssl; server_name jenkins.mydomain.com; # server_name_in_redirect on; access_log /var/log/nginx/ssl-access.log; error_log /var/log/nginx/ssl-error.log; #ssl on; ssl_certificate /etc/letsencrypt/live/jenkins.mydomain.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/jenkins.mydomain.com/privkey.pem; location /.well-known { root /usr/share/nginx/html/letsencrypt-pig/jenkins.mydomain.com; } location / { proxy_pass http://127.0.0.1:8080; # internal ip # add_header Access-Control-Allow-Origin *; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
一切安好。有用。但是,我不想
80 port
在安全組中打開。所以,當我刪除80 port
從,
security group
我可以看https://jenkins.mydomain.com``Login page
我的 Jenkins
location
塊中有這些行:proxy_set_header X-Forwarded-Host "jenkins.example.com"; proxy_set_header X-Forwarded-Proto "https";
尤其是後者很重要,它告訴 Jenkins 它應該生成
https
URL。有關在 nginx 反向代理後面執行 Jenkins 的更多資訊:https ://wiki.jenkins.io/display/JENKINS/Jenkins+behind+an+NGinX+reverse+proxy