Nginx
上游從上游讀取響應標頭時過早關閉連接
我在為我的 Jenkins CI 伺服器設置 SSL 時遇到問題。我在 nginx 後面使用 Jenkins 作為反向代理。我的文件中出現這些
upstream prematurely closed connection while reading response header from upstream
錯誤。jenkins.error.log
2014/09/30 13:01:49 [error] 4875#0: *1 upstream prematurely closed connection while reading response header from upstream, client: <MY IP ADDR>, server: jenkins.<SERVER URL>.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:8080/favicon.ico", host: "jenkins.<SERVER URL>.com" 2014/09/30 13:01:50 [error] 4875#0: *1 upstream prematurely closed connection while reading response header from upstream, client: <MY IP ADDR>, server: jenkins.<SERVER URL>.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "jenkins.<SERVER URL>.com"
詹金斯已啟動並執行。我可以通過連接
https://<SERVER IP ADDR>:8080
(即使 Chrome 抱怨證書)。不過, nginx 給了我一條502 Bad Gateway
官方 url 的消息。站點可用配置:
upstream jenkins { server 127.0.0.1:8080 fail_timeout=0; } server { listen 80; return 301 https://$host$request_uri; } server { listen 443; #listen [::]:443 default ipv6only=on; server_name jenkins.<SERVER URL>.com <SERVER IP ADDR>; ssl on; ssl_certificate /etc/nginx/ssl/jenkins.<SERVER URL>.com.chained.crt; ssl_certificate_key /etc/nginx/ssl/<SERVER URL>.com.key; access_log /etc/nginx/logs/jenkins.access.log; error_log /etc/nginx/logs/jenkins.error.log; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect http:// https://; proxy_pass http://jenkins; } }
問題在於詹金斯本身。我們最初為 Jenkins 禁用了 http 埠,只允許使用 https。一旦我們再次允許 http,我們只允許來自 127.0.0.1 的請求,這解決了我們的問題。
tl;dr:啟用 http 埠,只允許通過 127.0.0.1 的請求