Nginx

上游從上游讀取響應標頭時過早關閉連接

  • April 28, 2015

我在為我的 Jenkins CI 伺服器設置 SSL 時遇到問題。我在 nginx 後面使用 Jenkins 作為反向代理。我的文件中出現這些upstream prematurely closed connection while reading response header from upstream錯誤。jenkins.error.log

2014/09/30 13:01:49 [error] 4875#0: *1 upstream prematurely closed connection while reading response header from upstream, client: <MY IP ADDR>, server: jenkins.<SERVER URL>.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:8080/favicon.ico", host: "jenkins.<SERVER URL>.com"
2014/09/30 13:01:50 [error] 4875#0: *1 upstream prematurely closed connection while reading response header from upstream, client: <MY IP ADDR>, server: jenkins.<SERVER URL>.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "jenkins.<SERVER URL>.com"

詹金斯已啟動並執行。我可以通過連接https://<SERVER IP ADDR>:8080(即使 Chrome 抱怨證書)。不過, nginx 給了我一條502 Bad Gateway官方 url 的消息。

站點可用配置:

upstream jenkins {
   server 127.0.0.1:8080 fail_timeout=0;
}

server {
 listen 80;
 return 301 https://$host$request_uri;
}

server {
 listen 443;
 #listen [::]:443 default ipv6only=on;
 server_name jenkins.<SERVER URL>.com <SERVER IP ADDR>;

 ssl on;
 ssl_certificate /etc/nginx/ssl/jenkins.<SERVER URL>.com.chained.crt;
 ssl_certificate_key /etc/nginx/ssl/<SERVER URL>.com.key;

 access_log /etc/nginx/logs/jenkins.access.log;
 error_log /etc/nginx/logs/jenkins.error.log;

 location / {
   proxy_set_header        Host $host;
   proxy_set_header        X-Real-IP $remote_addr;
   proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header        X-Forwarded-Proto $scheme;
   proxy_redirect          http:// https://;
   proxy_pass              http://jenkins;
 }
}

問題在於詹金斯本身。我們最初為 Jenkins 禁用了 http 埠,只允許使用 https。一旦我們再次允許 http,我們只允許來自 127.0.0.1 的請求,這解決了我們的問題。

tl;dr:啟用 http 埠,只允許通過 127.0.0.1 的請求

引用自:https://serverfault.com/questions/632527