Server Fault Asked by ujjain on November 24, 2021
This is a Docker container with NGINX and Jenkins in the same container, running with supervisord. The Docker container is running behind an ELB in AWS ECS.
NGINX is supposed to forward traffic from http://jenkins to https://jenkins.
What happens is that traffic:
https://jenkins/computer/ –> goes to https ✅
https://jenkins/computer –> goes to http and port 443 ❌
Config:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/;
index index.html index.htm;
client_max_body_size 10M;
server_name jenkins;
ignore_invalid_headers off;
location / {
allow vpnip/32;
deny all;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the "It appears that your reverse proxy set up is broken" error.
proxy_pass http://127.0.0.1:8080;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8080 https://jenkins;
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
if ($http_x_forwarded_proto != "https") {
rewrite ^(.*)$ https://$server_name$1 permanent;
}
}
Output:
https://jenkins/computer
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
302 Found
Date: Tue, 21 Jul 2020 13:35:47 GMT
Location: http://jenkins:443/computer/
Server: nginx
X-Content-Type-Options: nosniff
Content-Length: 0
Connection: keep-alive
What could be the reasons that this happens?
By assuming that you want to redirect http to https. This is what I have as a config:
upstream jenkins {
server jenkins:8080 fail_timeout=10;
}
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name _;
# Add ssl related configs
location / {
client_max_body_size 200M;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http:// https://;
proxy_pass http://jenkins;
}
}
In addition to this, the jenkins config updated with the server https://... url
Jenkins -> Manage Jenkins -> Configure System -> Jenkins Location -> Jenkins URL
Answered by kofemann on November 24, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP