Nginx

Jenkins 和 Nginx,只需要監聽 https 埠

  • April 8, 2020

我在 AWS EC2 中有 Jenkins 實例。我已經用 port 安裝了 Jenkins 8080。我有nginx一個reverse-proxy.

我的jenkins.mydomain.com.conf

server {
   listen       80;
   server_name   jenkins.mydomain.com;
   server_name_in_redirect on;

   location /.well-known {
       root /usr/share/nginx/html/letsencrypt-pig/jenkins.mydomain.com;
   }

   location / {
   rewrite        ^ https://$server_name$request_uri? permanent;
   #proxy_pass  http://127.0.0.1:8080;
   proxy_redirect      off;
   proxy_set_header    Host    $host;
   proxy_set_header    X-Real-IP       $remote_addr;
   proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
   }
}

server {
   listen       443 ssl;
   server_name  jenkins.mydomain.com;
#    server_name_in_redirect on;
   access_log      /var/log/nginx/ssl-access.log;
   error_log       /var/log/nginx/ssl-error.log;
   #ssl                  on;
   ssl_certificate     /etc/letsencrypt/live/jenkins.mydomain.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/jenkins.mydomain.com/privkey.pem;

   location /.well-known {
       root /usr/share/nginx/html/letsencrypt-pig/jenkins.mydomain.com;
   }

 location / {
   proxy_pass  http://127.0.0.1:8080; # internal ip
#    add_header Access-Control-Allow-Origin *;
   proxy_redirect      off;
   proxy_set_header    Host    $host;
   proxy_set_header    X-Real-IP       $remote_addr;
   proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
 }
}

一切安好。有用。但是,我不想80 port在安全組中打開。所以,當我刪除80 port 在此處輸入圖像描述

從,security group我可以看https://jenkins.mydomain.com``Login page 在此處輸入圖像描述

但是當我Sign in採取行動時,我有timeout然後 在此處輸入圖像描述

我的 Jenkinslocation塊中有這些行:

proxy_set_header X-Forwarded-Host "jenkins.example.com";
proxy_set_header X-Forwarded-Proto "https";

尤其是後者很重要,它告訴 Jenkins 它應該生成httpsURL。

有關在 nginx 反向代理後面執行 Jenkins 的更多資訊:https ://wiki.jenkins.io/display/JENKINS/Jenkins+behind+an+NGinX+reverse+proxy

引用自:https://serverfault.com/questions/1011470