By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Cloudbooklet Logo
  • Artificial Intelligence
  • Applications
  • Linux
Notification

Free AI Image Generator

Submit Tool
AI Tools
Cloudbooklet AICloudbooklet AI
Search
AI Tools
Submit Tool
  • Artificial Intelligence
  • Applications
  • Google Cloud
  • Compute Engine
  • Linux

Top Articles

Explore the latest updated articles about AI and technology!
Gemini Ai

Google Gemini AI Launch: The Game-Changing Technology Explained

Gemini Ai

How to Login and Use Google Gemini AI Right now in Bard

Discord Layout

How to Change Discord Layout Back -New update

Follow US
  • About
  • Contact
  • Disclaimer
  • Privacy Policy
Cloudbooklet © 2023 All rights reserved.

Home » Google Cloud » How to Setup Jenkins with SSL with Nginx Reverse Proxy on Ubuntu 18.04

Google CloudCompute Engine

How to Setup Jenkins with SSL with Nginx Reverse Proxy on Ubuntu 18.04

Last updated: 2020/01/31 at 10:28 AM
By Cloudbooklet
How To Setup Jenkins With Ssl With Nginx Reverse Proxy On Ubuntu 18.04
SHARE
Readers like you help support Cloudbooklet. When you make a purchase using links on our site, we may earn an affiliate commission.

How to Setup Jenkins with SSL with Nginx Reverse Proxy on Ubuntu 18.04. By default Jenkins listens on port 8080 with it’s in-built web server. But it is necessary to secure Jenkins with SSL for protecting the sensitive data.

In this tutorial you are going to learn how to setup Nginx as a reverse proxy to Jenkins on Ubuntu 18.04 on Google Cloud.

Table of Contents
PrerequisitesInstall NginxSetup FirewallConfigure Nginx for JenkinsConfigure Jenkins for NginxInstall Free Let’s Encrypt SSL CertificateConfigure SSLRenewing SSL CertificateConclusion

This setup is tested on Google Cloud and it will run the same on any Linux distributions.

Prerequisites

  • A running Compute Engine, see the Setting up Compute Engine Instance with Ubuntu 18.04
  • Initial Ubuntu Server Set up.
  • Jenkins installed with the steps listed on How to install Jenkins on Ubuntu 18.04
  • DNS setup with the steps listed in Setting up Google Cloud DNS for your domain

Install Nginx

Install Nginx with the following command.

sudo apt install nginx

This command will install Nginx on your VM instance.

Setup Firewall

Once Nginx is installed you can configure firewall, Nginx registers itself with ufw. So, you can allow the necessary ports and enable ufw.

sudo ufw allow OpenSSH
sudo ufw allow 'Nginx Full'

Make sure you have added rules for SSH port 22, if you haven’t done this you cannot access the SSH. Once you have verified you can enable UFW.

sudo ufw enable

Configure Nginx for Jenkins

Now it’s time to configure Nginx as a reverse proxy for Jenkins on a subdomain.

Remove the default Nginx configuration.

sudo rm -rf /etc/nginx/sites-available/default
sudo rm -rf /etc/nginx/sites-enabled/default

Create a new configuration for Jenkins

sudo nano /etc/nginx/sites-available/jenkins.yourdomainname.com

Configuration for Jenkins on Subdomain

 server {
    listen [::]:80;
    listen 80;

    server_name jenkins.yourdomainname.com;

    location / {
        proxy_set_header        Host $host:$server_port;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        proxy_pass          http://127.0.0.1:8080;
        proxy_read_timeout  90;

        proxy_redirect      http://127.0.0.1:8080 https://jenkins.yourdomainname.com;

        proxy_http_version 1.1;
        proxy_request_buffering off;
        add_header 'X-SSH-Endpoint' 'jenkins.yourdomainname.com:50022' always;
    } 
}

Paste this new configuration setting and hit Ctrl+X followed by Y to save the file.

Configuration for Jenkins on Sub-directory

Paste this new configuration setting and hit Ctrl+X followed by Y to save the file.

 server {
    listen [::]:80;
    listen 80;

    server_name yourdomainname.com;

    location ^~ /jenkins/ {
        proxy_pass http://127.0.0.1:8080/jenkins/;
        sendfile off;

        proxy_set_header   Host             $host:$server_port;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_max_temp_file_size 0;

        client_max_body_size       10m;
        client_body_buffer_size    128k;

        proxy_connect_timeout      90;
        proxy_send_timeout         90;
        proxy_read_timeout         90;
        proxy_temp_file_write_size 64k;

        proxy_http_version 1.1;
        proxy_request_buffering off;
        proxy_buffering off;
    } 
}

Hit Ctrl + X followed by Y and Enter to save and exit the file.

Enable the configuration.

sudo ln -s /etc/nginx/sites-available/jenkins.yourdomainname.conf /etc/nginx/sites-enabled/jenkins.yourdomainname.conf

Configure Jenkins for Nginx

In order to Jenkins work with Nignx you need to make Jenkins to listen on localhost

sudo nano /etc/default/jenkins

Find the JENKINS_ARGS line and add --httpListenAddress=127.0.0.1 to the existing arguments.

So, the line will look similar to the one below.

JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=127.0.0.1"

For sub-directory configuration you need to add additional argument with the directory name with --prefix

JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=127.0.0.1 --prefix=/jenkins"

Save and exit the file. Finally restart Jenkins.

sudo systemctl restart jenkins

Check the configuration and restart Nginx.

sudo nginx -t
sudo service nginx restart

Now Nginx is setup as a reverse proxy for Jenkins.

Install Free Let’s Encrypt SSL Certificate

HTTPS
HTTPS is a protocol for secure communication between a server (instance) and a client (web browser). Due to the introduction of Let’s Encrypt, which provides free SSL certificates, HTTPS are adopted by everyone and also provides trust to your audiences.

sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx

Now we have installed Certbot by Let’s Encrypt for Ubuntu 18.04, run this command to receive your certificates.

sudo certbot --nginx certonly

Enter your email and agree to the terms and conditions, then you will receive the list of domains you need to generate SSL certificate.

To select all domains simply hit Enter

The Certbot client will automatically generate the new certificate for your domain. Now we need to update the Nginx config.

Configure SSL

Once the SSL is installed, you can configure it in your Nginx file.

sudo nano /etc/nginx/sites-available/yourdomainname.com
server {
     listen [::]:80;
     listen 80;

     server_name jenkins.yourdomainname.com;

     return 301 https://jenkins.yourdomainname.com$request_uri;
 }

 server {
     listen [::]:443 ssl;
     listen 443 ssl;

     server_name jenkins.yourdomainname.com;

     ssl_certificate /etc/letsencrypt/live/jenkins.yourdomainname.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/jenkins.yourdomainname.com/privkey.pem;

     location / {
         proxy_set_header        Host $host:$server_port;
         proxy_set_header        X-Real-IP $remote_addr;
         proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header        X-Forwarded-Proto $scheme;
         proxy_pass          http://127.0.0.1:8080;
         proxy_read_timeout  90;
         proxy_redirect      http://127.0.0.1:8080 https://jenkins.yourdomainname.com;

         proxy_http_version 1.1;
         proxy_request_buffering off;
         add_header 'X-SSH-Endpoint' 'jenkins.yourdomainname.com:50022' always;
     } 
 }

Hit CTRL+X followed by Y to save the changes.

Check your configuration and restart Nginx for the changes to take effect.

sudo nginx -t
sudo service nginx restart

Renewing SSL Certificate

Certificates provided by Let’s Encrypt are valid for 90 days only, so you need to renew them often. Now you set up a cronjob to check for the certificate which is due to expire in next 30 days and renew it automatically.

sudo crontab -e

Add this line at the end of the file

0 0,12 * * * certbot renew >/dev/null 2>&1

Hit CTRL+X followed by Y to save the changes.

This cronjob will attempt to check for renewing the certificate twice daily.

That’s all now you can visit your domain name in your web browser. you can see your Jenkins login page with HTTPS.

Conclusion

In this tutorial you have installed Nginx, configured UFW, setup new reverse proxy configuration for Jenkins and installed SSL and configured Jenkins for Nginx.

TAGGED: Compute Engine, Google Cloud Platform, Jenkins, Ubuntu 18.04
Share This Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Reddit Telegram Copy Link Print
Share
6 Reviews 6 Reviews
  • Avatar Of YoniYoni says:

    A truly superb tutorial. Thank you very much!!

    Reply
    • Avatar Of CloudbookletCloudbooklet says:

      Very welcome and thank you for using Cloudbooklet

      Reply
  • Avatar Of LambovLambov says:

    Tried it on aws ec2 instance running ubuntu 16.04 and it worked like a charm 🙂
    Thank you!

    p.s. if you get “It appears that your reverse proxy set up is broken. ” after following the guide you can do the following to resolve it:
    1) go to Manage Jenkins -> Configure System
    2) In the Jenkins URL field enter https://[yourdomain].com

    Reply
    • Avatar Of CloudbookletCloudbooklet says:

      Very welcome and thank you for using Cloudbooklet

      Reply
  • Avatar Of ChrisChris says:

    This tutorial is awesome, however your final Nginx file is broken and it took me a while to figure out the fix.

    Reply
    • Avatar Of CloudbookletCloudbooklet says:

      Thank you, can you please point out the issue, I will update.

      Reply

Leave a review Cancel reply

Your email address will not be published. Required fields are marked *

Please select a rating!

Popular

Copilot Desktop Shortcut
How to Create a Copilot Desktop Shortcut in Windows 11
Artificial Intelligence
Gpt Crawler
How to Create Your Own Custom GPT from Any Website with GPT Crawler
Artificial Intelligence
Ai Spreadsheet Tools
10 Best AI Spreadsheet Tools for Faster and Easier Data Work
Artificial Intelligence
Turnitin Ai
Turnitin AI: How to Use AI Writing Detection Checker
Artificial Intelligence
- Advertisement -

Subscribe Now

loader

Subscribe to our mailing list to receives daily updates!

Email Address*

Name

Related Stories

Uncover the stories that related to the post!
Free Linux Cloud Server
Artificial Intelligence

Top 5 Free Linux Cloud Servers to Host Your Website

How To Install Git On Ubuntu 20.04
Google CloudLinux

How to Install Git on Linux

Vector Image
Data ScienceGoogle Cloud

DataStax Enhances Astra DB on Google Cloud with Vector Search Capability

How To Setup Ssh Keys On Ubuntu
Google CloudAWS

How to Setup SSH Keys on Ubuntu 20.04

Cloudbooklet Logo
  • Categories:
  • Artificial Intelligence
  • Applications
  • Google Cloud

Quick Links

  • About
  • Contact
  • Disclaimer
  • Privacy Policy
Cloudbooklet © 2023 All rights reserved.
Welcome Back!

Sign in to your account

Lost your password?