How to setup NGINX proxy for Jenkins? - nginx

I have the current jenkins configuration:
server {
listen 80;
listen [::]:80;
server_name server_name mysubdomain.maindomain.com;
# This is the jenkins web root directory (mentioned in the /etc/default/jenkins file)
root /var/run/jenkins/war/;
access_log /var/log/nginx/jenkins/access.log;
error_log /var/log/nginx/jenkins/error.log;
#pass through headers from Jenkins which are considered invalid by Nginx server.
ignore_invalid_headers off;
location ~ "^/static/[0-9a-fA-F]{8}\/(.*)$" {
# rewrite all static files into requests to the root
# e.g /static/12345678/css/something.css will become /css/something.css
rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;
}
location /userContent {
#have nginx handle all the static requests to the userContent folder files
#note : This is the $JENKINS_HOME dir
root /var/lib/jenkins/;
if (!-f $request_filename){
#this file does not exist, might be a directory or a /**view** url
rewrite (.*) /$1 last;
break;
}
sendfile on;
}
location #jenkins {
sendfile off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_pass http://127.0.0.1:2021;
}
location / {
# try_files $uri $uri/ =404;
try_files $uri #jenkins;
}
}
which is essentially a copy of this jenkins configuration and my current /etc/default/jenkins file:
NAME=jenkins
# location of java
JAVA=/usr/bin/java
JAVA_ARGS="-Djava.awt.headless=true"
# make jenkins listen on IPv4 address
JAVA_ARGS="-Djava.net.preferIPv4Stack=true"
PIDFILE=/var/run/$NAME/$NAME.pid
JENKINS_USER=$NAME
JENKINS_GROUP=$NAME
JENKINS_WAR=/usr/share/$NAME/$NAME.war
JENKINS_HOME=/var/lib/$NAME
RUN_STANDALONE=true
JENKINS_LOG=/var/log/$NAME/$NAME.log
MAXOPENFILES=8192
HTTP_PORT=2021
HTTP_HOST=127.0.0.1
# servlet context, important if you want to use apache proxying
PREFIX=/$NAME
JENKINS_ARGS="--webroot=/var/cache/$NAME/war --prefix=$PREFIX --httpListenAddress=$HTTP_HOST --httpPort=$HTTP_PORT"
a simple curl requests shows a response of Jenkins running:
$ curl http://localhost:2021/jenkins/
<html><head><meta http-equiv='refresh' content='1;url=/jenkins/login?from=%2Fjenkins%2F'/><script>window.location.replace('/jenkins/login?from=%2Fjenkins%2F');</script></head><body style='background-color:white; color:white;'>
Authentication required
<!--
You are authenticated as: anonymous
Groups that you are in:
Permission you need to have (but didn't): hudson.model.Hudson.Administer
-->
</body></html>
However I am unable to acess the Web UI from the browser. whenever I try to I get a 404. The following are the reevant versions of installed 'wares:
Nginx - 1.13.6
Jenkins - 2.73.2 (using java -jar path-to-warfile --version)
OS - ubuntu 16.04
JDK - openjdk version "1.8.0_131"

An inspection of sudo nginx -T revealed that my site config wasn't being loaded. After correcting the error in my nginx.conf (spelling error in the include directive for the directory), this resolved the issue.
Thanks to SmokedCheese on IRC for his/her help with this issue.

Related

When accessing to the path as backend from the path as frontend, wish redirecting using Nginx to show wordpress page by frontend path

Those are the environment.
■Frontend
Server: Vercel
■Backend
Server: EC2
Middle: Nginx
note: wordpress is constructed in EC2
What I want is
① Accessing to https://example2.jp/hoge which is backend
② Redirecting to https://example.jp/hoge which is frontend to use Nginx showing wordpress page
I tried rewrite to achieve, but it couldn't work at all.
server {
listen 80;
server_name example2.jp;
root /var/www/example2/current/public;
location / {
proxy_pass http://example2;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
}
location /hoge/ {
root /var/www/html;
index index.php;
try_files $uri $uri/ /hoge/index.php?$args;
expires 7d;
rewrite ^ $scheme://example.jp/hoge/ permanent;
}
}
Could you give me tips?

Gitlab and NGINX setup

I am trying to configure an existing NGINX to work with Gitlab omnibus on CentOS. I currently have another application (App A) installed that uses 127.0.0.1:3838. So far I have NGINX setup so that going to my site IP 12.345.678.910, I am able to redirect to App A. I would like to setup Gitlab so that when I go to 12.345.678.910/gitlab, it redirects me to Gitlab. The idea is to run Gitlab on http://127.0.0.1:8081, and have NGINX redirect 12.345.678.910/gitlab to localhost:8081.
I've followed these links for help:
https://docs.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server.
Forwarding to GitLab Subdomain with Existing Nginx Installation
Edited /etc/gitlab/gitlab.rb
external_url = 'http://127.0.0.1:8081'
nginx['enable'] = false
web_server['external_users'] = ['nginx']
New config file /etc/nginx/sites-enabled/gitlab
upstream gitlab-workhorse {
server unix:/var/opt/gitlab/gitlab-workhorse/socket;
}
server {
listen 0.0.0.0:8081;
listen [::]:8081;
server_name localhost;
server_tokens off;
root /opt/gitlab/embedded/service/gitlab-rails/public;
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
client_max_body_size 0;
gzip off;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-workhorse;
}
}
Added to /etc/nginx/conf.d/default.conf:
server {
listen 80 default_server;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
location /gitlab {
proxy_pass http://127.0.0.1:8081;
}
I've added 'nginx' to gitlab-www group. Ran the nginx restart and gitlab reconfigure commands.
sudo usermod -aG gitlab-www nginx
sudo service nginx restart
sudo gitlab-ctl reconfigure && gitlab-ctl restart
I installed Passenger per comment in the link above, but that didn't solve the issue. So when I go to 12.345.678.910/gitlab I get a Page Not Found error.
I am still new to all this and any help would be appreciated.

Why is nginx complaining of an unknown directive?

I'm trying to direct all HTTP requests resembling /<uuid4> to a specific HTTP server running on the localhost. Below is the relevant location line in my nginx.conf:
# nginx.conf
upstream django {
server unix:///app/django.sock; # for a file socket
}
server {
access_log /var/log/access.log;
error_log /var/log/error.log;
listen 80;
server_name 127.0.0.1;
charset utf-8;
client_max_body_size 75M;
# Django media
location /media {
alias /app/media;
}
location /static {
alias /app/static;
}
location ~* "[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}$" { # matches UUIDv4
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass localhost:8000;
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include /app/conf/uwsgi_params;
}
}
When starting nginx, I get the following error: nginx: [emerg] unknown directive "8}-([0-9a-f]" in /etc/nginx/sites-enabled/nginx.conf:30
What gives?
Actually you have another error. I've checked your server block and got following:
$ sudo nginx -t
nginx: [emerg] invalid URL prefix in /etc/nginx/sites-enabled/test:23
nginx: configuration file /etc/nginx/nginx.conf test failed
This is error about missing protocol in proxy_pass localhost:8000; line. After fixing it to proxy_pass http://localhost:8000; configs test passed.
Probably you're looking into old (or wrong) error log.

Why is Nginx routing all traffic to one subdomain?

I am new to nginx. I am trying to install GitLabs alongside an existing php project which is currently being served by Apache on port 80. My plan is to get them both working side by side on port 90 and then turn off Apache, switching both projects to Nginx on port 80.
Okay. The problem is that both subdomains are being captured by the server for my php project which should only be served to requests for db.mydomain.com. For the php project I have a file called: ccdb symlinked into /etc/nginx/sites-enabled. It contains:
server {
server_name db.mydomain.com;
listen 90; ## listen for ipv4; this line is default and implied
#listen [::]:80 default ipv6only=on; ## listen for ipv6
root /var/www/ccdb;
index index.html index.htm index.php;
}
However, for some reason, traffic to git.mydomain.com is being serverd from /var/www/ccdb even though I have another file symlinked alongside that one called gitlab with this content:
# GITLAB
# Maintainer: #randx
# App Version: 5.0
upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket;
}
server {
listen 90; # e.g., listen 192.168.1.1:80; In most cases *:80 is a good idea
server_name git.mydomain.com; # e.g., server_name source.example.com;
server_tokens off; # don't show the version number, a security best practice
root /home/git/gitlab/public;
# individual nginx logs for this gitlab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
# serve static files from defined root folder;.
# #gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html #gitlab;
}
# if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab unicorn)
location #gitlab {
proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitlab;
}
}
NOTE: I am accessing the two domains from an OSX machine on the same local network which has entries in it's /etc/hosts file like so:
192.168.1.100 db.mydomain.com
192.168.1.100 git.mydomain.com
Try to use:
server_name git.mydomain.com:90;
... and:
server_name db.mydomain.com:90;

Gitlab clone over http fails to authenticate from external network

I have Gitlab 5.2 + Nginx installed on a local machine in my university. Clone over http works for machines that are within the internal network, but trying to clone from a machine on an external network results in an "fatal: Authentication failed" message, even though the exact same credentials are supplied. (I use the same credentials as the ones I use to log in to Gitlab via the web interface)
The Gitlab web interface is accessible from external networks. It is only the clone over http that fails (clone over ssh is not possible because port 22 is blocked)
Here are some lines from the relevant configuration files:
from config/gitlab.yml
host: mydomain
port: 80
https: false
Here are the relevant lines from the ngnix config file
server {
listen *:80 default_server; # In most cases *:80 is a good idea
server_name mydomain; # e.g., server_name source.example.com;
root /home/git/gitlab/public;
# individual nginx logs for this gitlab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
# serve static files from defined root folder;.
# #gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html #gitlab;
}
# if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab unicorn)
location #gitlab {
proxy_read_timeout 2000; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 2000; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitlab;
}
}
Note: I have added this line to /etc/hosts: 127.0.0.1 mydomain but it doesn't really help. (based on https://github.com/gitlabhq/gitlabhq/issues/3483#issuecomment-15783597)
Any ideas on what the issue might be/how I might debug this?
I believe this is fixed in 5.3, so try updating. See:
https://github.com/gitlabhq/gitlabhq/blob/master/CHANGELOG#L41
https://github.com/gitlabhq/gitlabhq/blob/master/config/gitlab.yml.example#L151

Resources