[英]How can I secure Jenkins port 8080 with SSL under apache2 in ubuntu 18.04 Server?
我已经能够成功安装和配置 Apache2 服务器以在 HTTPS 上提供服务。 我一直在让 Jenkins 使用相同的 SSL 证书并在安全端口 443 上运行时遇到问题。这是我的配置,请提供任何帮助,我们将不胜感激。 谢谢你。
我的服务器目前为静态 WordPress 站点提供服务,该站点在 https 端口 80 或 443 上成功启动。我也让 Jenkins 在服务器的路由上成功提供服务,但端口为 8080。
有什么方法可以让 Jenkins 直接在 Apache2 服务器下提供服务,例如 jenkins.server.com/jenkins 而不是 jenkins.server.com:8080?
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName jenkins.server.com
ServerAlias www.jenkins.server.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory /var/www/html>
Options +FollowSymlinks
AllowOverride All
Require all granted
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =jenkins.server.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
# SSL certificate and keys. Edit paths to whereever your SSL files are located
SSLCertificateFile /etc/letsencrypt/live/jenkins.server.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/jenkins.server.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ProxyRequests Off
ProxyPreserveHost On
RewriteEngine On
RequestHeader set X-Forwarded-Proto "https"
AllowEncodedSlashes NoDecode
ProxyPass / http://jenkins.server.com:8080 nocanon
ProxyPreserveHost On
RewriteEngine On
RequestHeader set X-Forwarded-Proto "https"
AllowEncodedSlashes NoDecode
ProxyPass / http://jenkins.server.com:8080 nocanon
ProxyPassReverse / http://jenkins.server.com:8080
<Proxy http://jenkins.server.com:8080/*>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
我能够通过修改Apache2在/etc/apache2/sites-available/000-default-le-ssl.conf下生成的名为000-default-le-ssl.conf的文件来解决这个问题这个文件是自动生成的我修改了代理设置。
即使 localhost 不会在浏览器中启动 Jenkins,我也必须维护“localhost”而不是 jenkins.server.com。
这是我的更新和工作文件...
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName jenkins.server.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
ProxyPass /jenkins http://localhost:8080/jenkins nocanon
ProxyPassReverse /jenkins http://localhost:8080/jenkins
ProxyRequests Off
AllowEncodedSlashes NoDecode
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
# Local reverse proxy authorization override
# Most unix distribution deny proxy by default (ie /etc/apache2/mods-enabled/proxy.conf in Ubuntu)
<Proxy http://localhost:8080/jenkins*>
Order deny,allow
Allow from all
</Proxy>
SSLCertificateFile /etc/letsencrypt/live/jenkins.server.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/jenkins.server.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
如何让 Django 在 Ubuntu 18.04 上使用 Apache2 服务 React?
[英]How can I have Django serve React using Apache2 on Ubuntu 18.04?
如何删除安装在Ubuntu apache2服务器上的letsencrypt SSL
[英]How to remove letsencrypt ssl installed on Ubuntu apache2 server
如何获得状态代码 307 而不是 200? 我在 ubuntu 18.04 中使用 apache2
[英]How do I get the status code 307 instead of 200? I am using apache2 in ubuntu 18.04
为什么我不能让 Apache2 mod_dumpio 在 Lucid Lynx Ubuntu 下工作?
[英]Why can't I get Apache2 mod_dumpio working under Lucid Lynx Ubuntu?
服务器监听localhost:8080,Apache仍然可以监听端口80吗?
[英]Server listening to localhost:8080 can Apache still listen to port 80?
我如何让Apache2 httpd使用ubuntu的CA证书进行Apache的出站SSL连接?
[英]How do I have Apache2 httpd use the ubuntu's CA cert for outbound SSL connections from Apache?
如何杀死运行在本地主机端口8080上的Apache / PHP服务器?
[英]How to kill Apache / PHP server running on local host port 8080?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.