安装jenkins并使用nginx反向代理https

jenkins的docker-compose.yml

version: '2.2'
services:
        jenkins:
                image: jenkinsci/blueocean
                container_name: jenkins
                mem_limit: 2048m
                extra_hosts:
                        - "git服务器:内网地址"
                restart: always
                networks:
                        gitlab:
                environment:
                        - TZ=Asia/Shanghai
                volumes:
                        - /etc/localtime:/etc/localtime:ro
                        - jenkins:/var/jenkins_home
networks:
        gitlab:
                external: true
volumes:
        jenkins:
                external: true

nginx的default.conf

server {
    listen       80;
    listen  [::]:80;
    server_name xxx;

    location / {
        return 301 https://$host$request_uri;
    }

  
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}

server {
    listen 443 ssl http2;
    server_name xxx;
    ssl_certificate certs/xxx.pem;
    ssl_certificate_key certs/xxx.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;  #使用此加密套件。
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;   #使用该协议进行配置。
    ssl_prefer_server_ciphers on;


    location / {
        proxy_pass http://jenkins:8080; ## nginx的docker-compose.yml和jenkins放在一个网络
        aio threads;
        proxy_set_header  Host $host;
        proxy_set_header  X-Real-IP $remote_addr;
        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_redirect off;
        proxy_connect_timeout  600;
        proxy_read_timeout 600;
        proxy_send_timeout 600;
        proxy_buffers    8 512k;
        proxy_buffer_size 512k;
        client_max_body_size  2048M;
        client_body_buffer_size 256K;
    }
}

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注