You are here: start » faq » support » linux » jenkins » secure-with-nginx

This tutorial will help you hide your jenkins http page behind VPN

  1. Edit jenkins config /etc/default/jenkins:
    • Change:
      HTTP_PORT=8080

      to 

      HTTP_PORT=8081
HTTP_HOST=127.0.0.1
    • Change:
      JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT"

      to: 

      JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=$HTTP_HOST"
  2. Restart jenkins: 
    service jenkins restart
  3. Install nginx: 
    apt install nginx-light
  4. Create config file /etc/nginx/sites-available/jenkins: 
    upstream app_server {
    server 127.0.0.1:8081 fail_timeout=0;
}

server {
    listen 8080;
    listen [::]:8080 default ipv6only=on;
    server_name <domain>;

    location / {
        # allow VPNs
        allow   <whitelisted ip>;
        allow   <another whitelisted ip>;

        # drop rest of the world
        deny    all;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_redirect off;

        if (!-f $request_filename) {
            proxy_pass http://app_server;
            break;
        }
    }
}
  5. Enable config: 
     ln -s /etc/nginx/sites-available/jenkins /etc/nginx/sites-enabled/jenkins
  6. Restart nginx: 
    service nginx restart
  7. #Profit

If you have any questions regarding this - ask Kamil

faq/support/linux/jenkins/secure-with-nginx.txt · Last modified: 2019/04/10 08:51 by 127.0.0.1
Back to top
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0