Application of more open ports are mostly deployed on the cloud server, for security reasons, shut down the server port 8080
Jenkins modify access method, by Nginx reverse proxy access through port 80 Jenkins
Nginx modify configuration files
sudo vim /etc/nginx/sites-available/mysite.conf
Modify the results
upstream jenkins_server {
server 127.0.0.1:8080;
}
server {
listen 80;
server_name www.sitven.cn; # 名称
charset utf-8; # 格式
client_max_body_size 75M;
location /jenkins/ { # jenkins访问路径
proxy_http_version 1.1; ## For websocket
proxy_set_header Upgrade $http_upgrade; ## For websocket
proxy_set_header Connection "upgrade"; ## For websocket
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_pass http://jenkins_server;
}
}
Other configuration is not modified, continue to be used to configure the project blog
Note: nginx reverse proxy to achieve the increased demand ngx_http_proxy_module
module, which proxy_set_header
instruction is required to read the module configuration file
Host meaning that the request is the host name, as used nginx as a reverse proxy, and if provided with a back-end server is really anti-theft chain or the like, or to route determining function according to the http request of the host field of the header, then, if the reverse nginx agent layer is not overwritten host request header field will cause the default request failure [reverse proxy server sends a request to the real server back-end, and requests the host header field should be proxy_pass
the server set command]
X_Forward_For
Field indicates that the article http request is initiated by who? If the reverse proxy server does not rewrite the request header, then the real back-end server when processing would think that all requests to the reverse proxy server, if there is back-end attack defense policy, then the machine will be sealing of . Thus, in the configuration as a reverse proxy Nginx generally increases in two configurations, modify the http request header:
proxy_set_header Host $http_host;
proxy_set_header X-Forward-For $remote_addr;
Here $http_host
and $remote_addr
are Nginx derived variables, you can configure file directly. If the Host request header is not present in the request header, the $http_host
value is null, but the $host
value of the primary domain. Thus, in general, will be replaced by the $ host $http_host
variable, so as to avoid the loss of the case http request header Host Host not be rewritten mistakes
Jenkins modify configuration files
In ubuntu system, located /etc/default/jenkins
in the JENKINS_ARGS
additional inprefix
vim /etc/default/jenkins
# 追加
--prefix=/jenkins
# 追加结果
JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --prefix=/jenkins"
Inspection Nginx configuration file is correct
sudo nginx -t
Jenkins and restart Nginx
sudo service nginx restart # 重启Nginx
sudo service jenkins restart # 重启Jenkins
Access Jenkins
Modify the configuration jenkins
Jenkins modify system management - System Settings -Jenkins Location-Jnekins URL, otherwise it will prompt a reverse proxy configuration error
Close to enter the cloud service console port 8080 inbound rule