我在 AWS EC2 中有 Jenkins 实例。我已经安装了 Jenkins 端口8080。并且我有。 我nginx的:reverse-proxyjenkins.mydomain.com.conf
server {
listen 80;
server_name jenkins.mydomain.com;
server_name_in_redirect on;
location /.well-known {
root /usr/share/nginx/html/letsencrypt-pig/jenkins.mydomain.com;
}
location / {
rewrite ^ https://$server_name$request_uri? permanent;
#proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 443 ssl;
server_name jenkins.mydomain.com;
# server_name_in_redirect on;
access_log /var/log/nginx/ssl-access.log;
error_log /var/log/nginx/ssl-error.log;
#ssl on;
ssl_certificate /etc/letsencrypt/live/jenkins.mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/jenkins.mydomain.com/privkey.pem;
location /.well-known {
root /usr/share/nginx/html/letsencrypt-pig/jenkins.mydomain.com;
}
location / {
proxy_pass http://127.0.0.1:8080; # internal ip
# add_header Access-Control-Allow-Origin *;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
一切都很好。它工作正常。但是,我不想80 port在安全组中打开。因此,当我删除80 port
从security group,我可以https://jenkins.mydomain.com看看Login page
但当我采取Sign in行动时,我有timeout然后
答案1
我的詹金斯location块中有以下几行:
proxy_set_header X-Forwarded-Host "jenkins.example.com";
proxy_set_header X-Forwarded-Proto "https";
尤其是后者非常重要,它告诉 Jenkins 它应该生成httpsURL。
有关在 nginx 反向代理后运行 Jenkins 的更多信息:https://wiki.jenkins.io/display/JENKINS/Jenkins+behind+an+NGinX+reverse+proxy