Menu
I've tried at least a half a donzen examples on how to get NGINX working with Jenkins. My most recent NGINX configuration is based on the following example:
https://wiki.jenkins.io/display/JENKINS/Running+Jenkins+behind+Nginx
No mater what I try, Jenkins keeps saying It appears that your reverse proxy set up is broken. I'm hoping someone can spot what is wrong as I have spent hours trying to solve this to no avail.
Thanks!
upstream cicd {
keepalive 32;
server 127.0.0.1:8080;
}
server {
listen 443 ssl;
listen [::]:443 ssl ipv6only=on;
server_name cicd.domain.com;
root /var/run/jenkins/war/;
access_log /var/log/nginx/jenkins/access.log;
error_log /var/log/nginx/jenkins/error.log;
ssl_certificate /etc/letsencrypt/live/cicd.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/cicd.domain.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
#static files
location ~ "^/static/[0-9a-fA-F]{8}\/(.*)$" {
rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;
}
#user content
location /userContent {
root /var/lib/jenkins/;
if (!-f $request_filename){
rewrite (.*) /$1 last;
break;
}
sendfile on;
}
#cicd
location @cicd {
sendfile off;
proxy_pass http://cicd;
proxy_redirect http://localhost:8080 https://cicd.domain.com;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffering off;
proxy_request_buffering off;
proxy_set_header Connection "";
}
#optional
location / {
if ($http_user_agent ~* '(iPhone|iPod)') {
rewrite ^/$ /view/iphone/ redirect;
}
try_files $uri @cicd;
}
}
304
A 'reverse proxy' allows an alternate HTTP or HTTPS provider to communicate with web browsers on behalf of Jenkins. The alternate provider may offer additional capabilities, like SSL encryption. The alternate provider may offload some work from Jenkins, like delivering static images.
You can configure the proxy server that Jenkins will use by going to Manage Jenkins > Manage Plugins > Advanced. This is preferred over setting JVM properties. If the proxy server requires authentication, enter the name of the user here. If the proxy server requires authentication, enter the password here.
In order to allow controllers to configure their proxy compatibility settings you should go on the operations center to Manage Jenkins > Configure Global Security > Client controller Security > Policy and uncheck Enforce Cross Site Request Forgery exploits prevention settings .
This is not a NGINX problem.
Inside Jenkins you need to configure the Jenkins URL. If it is not set correctly you will get the error you observed.
Check Jenkins -> Manage Jenkins -> Configure System => Jenkins URL.
61
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
