在 Apache 后面设置 jenkins CI

tag-icon tag-icon apache-2.2 ubuntu jenkins
在 Apache 后面设置 jenkins CI

我正在尝试在 apache2 后面设置 jenkins(使用包管理器全新安装)使用的操作系统:ubuntu 12.04 LTS

实际上,我正在为这个 Apache 设置几个服务。首先是artifactory。这是我的站点文件

<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot "/var/www"
ServerName aDomain.com
ErrorLog "/path/to/artifactoryVirtualHost.log"
ProxyRequests off
ProxyPass /artifactory http://127.0.0.1:8081/artifactory
ProxyPassReverse /artifactory http://127.0.0.1:8081/artifactory
ProxyPreserveHost on 
</VirtualHost>

当我访问 aDomain.com/artifactory 时,它按预期工作,它将我重定向到嵌入在artifactory 中的 tomcat。

这是我的詹金斯网站文件

<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot "/var/www"
ServerName aDomain.com
ErrorLog "/path/to/jenkinsVirtualHost.log"
ProxyRequests off
ProxyPass /jenkins ajp://127.0.0.1:8102/jenkins
ProxyPassReverse /jenkins ajp://127.0.0.1:8102/jenkins
ProxyPreserveHost on
</VirtualHost>

注意这里的区别,我在这里使用 AJP 连接器,因为 jenkins 允许它不需要太多配置。此外,jenkins 在我的 /etc/default/jenkins 文件中需要更多配置

JENKINS_ARGS="--webroot=$JENKINS_RUN/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --preferredClassLoader=java.net.URLClassLoader **--prefix=/jenkins**
 HTTP_PORT -1
 AJP_PORT : 8102

我禁用了 http,因为我希望我的用户通过 Apache,我还添加了前缀 jenkins,如 jenkins 手册中所述。不幸的是,我做错了,因为当我访问 aDomain.com/jenkins 时,Apache 给我提供了一个 404,这让我很伤心。

更多信息:我正在虚拟机上进行测试,我正在使用:

Linux 主机名 3.5.0-23-generic #35~precise1-Ubuntu SMP 2013 年 1 月 25 日星期五 17:13:26 UTC x86_64 x86_64 x86_64 GNU/Linux

服务器版本:Apache/2.2.22(Ubuntu)

Jenkins 版本 1.509.2

我也在 Apache2 上加载了这些

sudo a2enmode proxy
sudo a2enmode proxy_http
sudo a2enmode proxy_ajp

编辑:我忘了告诉你我的 httpd.conf 是一个空文件,谢谢你的时间

答案1

这是 centos 6 中反向代理 apache2 背后的工作配置,它也可以执行 ssl/tls 卸载:

<VirtualHost *:443>
    ServerName  jenkins.domain.tld
    ServerAdmin webmaster@localhost

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel info

    CustomLog /var/log/httpd/jenkins.access.log combined
    ErrorLog /var/log/httpd/jenkins.error.log

    SSLEngine on
    SSLProxyEngine On

    # List the enable protocol levels with which clients will be able to
    # connect. 
    SSLProtocol All -SSLv2 -SSLv3

    SSLHonorCipherOrder On

    # List the ciphers that the client is permitted to negotiate.
    # See the mod_ssl documentation for a complete list.
    SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 


    SSLCertificateFile    /etc/pki/tls/certs/file.cer
    SSLCertificateChainFile /etc/pki/tls/certs/chain.cer
    SSLCertificateKeyFile /etc/pki/tls/private/file.key

    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
       Order deny,allow
       Allow from all
    </Proxy>

    ProxyPass / http://internal.domain.tld:8070/ retry=5 nocanon
    ProxyPassReverse / http://internal.domain.tld:8070/
    AllowEncodedSlashes On

   Header edit Location ^http://(.*)$ https://$1

</VirtualHost>

答案2

ProxyPassReverse使用 AJP 代理请求到后端时不需要该指令。

如果您需要将多个应用程序代理到、或任何其他容器,只需使用ProxyPass或。ProxyPassMatchtomcatjboss

<VirtualHost *:80>
  ServerAdmin [email protected]
  DocumentRoot "/var/www"
  ServerName aDomain.com
  ErrorLog "/path/to/jenkinsVirtualHost.log"
  ProxyRequests off
  ProxyPass /jenkins ajp://127.0.0.1:8102/jenkins
  #ProxyPassMatch ^/(alfresco|jenkins|nexus)(.*) ajp://localhost:8102/$1$2
  ProxyPreserveHost on
</VirtualHost>

相关内容