我使用 nignx 启动并运行了 jenkins,但它不安全,所以我遵循了 digitalOcean 的几个指南这&这使用反向代理和 SSL 来保护 ningx。
现在我无法访问 jenkins - 我有一个在端口 80 上运行的博客,因此不想按照上述指南直接重定向到 jenkins,所以不得不尝试一下。
总体来说不起作用,并且更改了default
文件很多次都没有成功。
我不是这方面的专家,因此向你们寻求帮助!
我的/etc/nginx/sites-available/default
样子是这样的:
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
root /var/www/html
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name MYDOMAIN.com www.MYDOMAIN.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
}
}
server {
listen 443 ssl; # managed by Certbot
server_name jenkins.MYDOMAIN.com;
access_log /var/log/nginx/jenkins.access.log;
error_log /var/log/nginx/jenkins.error.log;
location /jenkins/ {
include /etc/nginx/proxy_params;
proxy_pass http://localhost:8080;
proxy_read_timeout 90s;
# Fix potential "It appears that your reverse proxy set up is broken" error.
proxy_redirect http://localhost:8080 https://jenkins.MYDOMAIN.com;
}
# listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/MYDOMAIN.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/MYDOMAIN.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
}
詹金斯正在运行:
$ ps aux | grep jenkins
jenkins 10876 0.0 0.4 45248 4640 ? Ss 14:45 0:00 /lib/systemd/systemd --user
jenkins 10879 0.0 0.1 143280 1952 ? S 14:45 0:00 (sd-pam)
jenkins 10888 0.0 0.0 18852 196 ? S 14:45 0:00 /usr/bin/daemon --name=jenkins --inherit --env=JENKINS_HOME=/var/lib/jenkins --output=/var/log/jenkins/jenkins.log --pidfile=/var/run/jenkins/jenkins.pid -- /usr/bin/java -Djava.awt.headless=true -jar /usr/share/jenkins/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080 --httpListenAddress=127.0.0.1
jenkins 10889 2.0 23.1 2278700 235076 ? Sl 14:45 0:28 /usr/bin/java -Djava.awt.headless=true -jar /usr/share/jenkins/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080 --httpListenAddress=127.0.0.1
alberto 11067 0.0 0.1 12944 1024 pts/0 S+ 15:08 0:00 grep --color=auto --exclude-dir=.bzr --exclude-dir=CVS --exclude-dir=.git --exclude-dir=.hg --exclude-dir=.svn jenkins
日志:
cat /var/log/nginx/jenkins.error.log
2017/07/31 13:29:49 [error] 9874#9874: *7 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 13:29:58 [error] 9874#9874: *1 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 186.28.102.74, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "www.MYDOMAIN.com"
2017/07/31 13:30:03 [error] 9874#9874: *15 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 13:32:34 [error] 9874#9874: *25 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 186.28.102.74, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "www.MYDOMAIN.com"
2017/07/31 13:37:04 [error] 9924#9924: *1 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 13:37:15 [error] 9924#9924: *3 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 14:07:20 [error] 10299#10299: *14 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: jenkins.MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 14:07:57 [error] 10299#10299: *14 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: jenkins.MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 14:09:43 [error] 10299#10299: *17 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: jenkins.MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
提前致谢!!!