[英]How can I secure Jenkins port 8080 with SSL under apache2 in ubuntu 18.04 Server?
我已經能夠成功安裝和配置 Apache2 服務器以在 HTTPS 上提供服務。 我一直在讓 Jenkins 使用相同的 SSL 證書並在安全端口 443 上運行時遇到問題。這是我的配置,請提供任何幫助,我們將不勝感激。 謝謝你。
我的服務器目前為靜態 WordPress 站點提供服務,該站點在 https 端口 80 或 443 上成功啟動。我也讓 Jenkins 在服務器的路由上成功提供服務,但端口為 8080。
有什么方法可以讓 Jenkins 直接在 Apache2 服務器下提供服務,例如 jenkins.server.com/jenkins 而不是 jenkins.server.com:8080?
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName jenkins.server.com
ServerAlias www.jenkins.server.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory /var/www/html>
Options +FollowSymlinks
AllowOverride All
Require all granted
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =jenkins.server.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
# SSL certificate and keys. Edit paths to whereever your SSL files are located
SSLCertificateFile /etc/letsencrypt/live/jenkins.server.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/jenkins.server.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ProxyRequests Off
ProxyPreserveHost On
RewriteEngine On
RequestHeader set X-Forwarded-Proto "https"
AllowEncodedSlashes NoDecode
ProxyPass / http://jenkins.server.com:8080 nocanon
ProxyPreserveHost On
RewriteEngine On
RequestHeader set X-Forwarded-Proto "https"
AllowEncodedSlashes NoDecode
ProxyPass / http://jenkins.server.com:8080 nocanon
ProxyPassReverse / http://jenkins.server.com:8080
<Proxy http://jenkins.server.com:8080/*>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
我能夠通過修改Apache2在/etc/apache2/sites-available/000-default-le-ssl.conf下生成的名為000-default-le-ssl.conf的文件來解決這個問題這個文件是自動生成的我修改了代理設置。
即使 localhost 不會在瀏覽器中啟動 Jenkins,我也必須維護“localhost”而不是 jenkins.server.com。
這是我的更新和工作文件...
<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName jenkins.server.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
ProxyPass /jenkins http://localhost:8080/jenkins nocanon
ProxyPassReverse /jenkins http://localhost:8080/jenkins
ProxyRequests Off
AllowEncodedSlashes NoDecode
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
# Local reverse proxy authorization override
# Most unix distribution deny proxy by default (ie /etc/apache2/mods-enabled/proxy.conf in Ubuntu)
<Proxy http://localhost:8080/jenkins*>
Order deny,allow
Allow from all
</Proxy>
SSLCertificateFile /etc/letsencrypt/live/jenkins.server.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/jenkins.server.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
如何讓 Django 在 Ubuntu 18.04 上使用 Apache2 服務 React?
[英]How can I have Django serve React using Apache2 on Ubuntu 18.04?
如何刪除安裝在Ubuntu apache2服務器上的letsencrypt SSL
[英]How to remove letsencrypt ssl installed on Ubuntu apache2 server
如何獲得狀態代碼 307 而不是 200? 我在 ubuntu 18.04 中使用 apache2
[英]How do I get the status code 307 instead of 200? I am using apache2 in ubuntu 18.04
為什么我不能讓 Apache2 mod_dumpio 在 Lucid Lynx Ubuntu 下工作?
[英]Why can't I get Apache2 mod_dumpio working under Lucid Lynx Ubuntu?
服務器監聽localhost:8080,Apache仍然可以監聽端口80嗎?
[英]Server listening to localhost:8080 can Apache still listen to port 80?
我如何讓Apache2 httpd使用ubuntu的CA證書進行Apache的出站SSL連接?
[英]How do I have Apache2 httpd use the ubuntu's CA cert for outbound SSL connections from Apache?
如何殺死運行在本地主機端口8080上的Apache / PHP服務器?
[英]How to kill Apache / PHP server running on local host port 8080?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.