0

I am trying to set-up jenkins behind apache2 (Both fresh install with the package manager) OS used : ubuntu 12.04 LTS

Actually I am setting up a couple services behind this Apache. First is artifactory. Here my site file

<VirtualHost *:80>
ServerAdmin anEmail@SomeDomain.com
DocumentRoot "/var/www"
ServerName aDomain.com
ErrorLog "/path/to/artifactoryVirtualHost.log"
ProxyRequests off
ProxyPass /artifactory http://127.0.0.1:8081/artifactory
ProxyPassReverse /artifactory http://127.0.0.1:8081/artifactory
ProxyPreserveHost on 
</VirtualHost>

It is working as intended when I go to aDomain.com/artifactory it redirect me to the artifactory embedded tomcat.

Here is my jenkins site file

<VirtualHost *:80>
ServerAdmin anEmail@SomeDomain.com
DocumentRoot "/var/www"
ServerName aDomain.com
ErrorLog "/path/to/jenkinsVirtualHost.log"
ProxyRequests off
ProxyPass /jenkins ajp://127.0.0.1:8102/jenkins
ProxyPassReverse /jenkins ajp://127.0.0.1:8102/jenkins
ProxyPreserveHost on
</VirtualHost>

Notice the difference here I am using AJP connector here since jenkins allow it without much configuration. Also jenkins require a bit more configuration in my /etc/default/jenkins file

JENKINS_ARGS="--webroot=$JENKINS_RUN/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --preferredClassLoader=java.net.URLClassLoader **--prefix=/jenkins**
 HTTP_PORT -1
 AJP_PORT : 8102

I disable the http since I want my user to go trough Apache And I also added the prefix jenkins as written in the jenkins manual. Unfortunately I am doing something wrong because when I go to aDomain.com/jenkins Apache serve me a 404 which make me a sad panda.

More information: I'm doing this as a test on a virtual machine, I am using:

Linux hostname 3.5.0-23-generic #35~precise1-Ubuntu SMP Fri Jan 25 17:13:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

Server version: Apache/2.2.22 (Ubuntu)

Jenkins ver. 1.509.2

Also I loaded those on Apache2

sudo a2enmode proxy
sudo a2enmode proxy_http
sudo a2enmode proxy_ajp

Edit: I forgot to let you know that my httpd.conf is an empty file Thank you for your time

Community
  • 1
drgn
  • 101
  • 1
  • 2

2 Answers2

1

this is a working config behind a reverse proxy apache2 in centos 6 that also does ssl/tls offloading:

<VirtualHost *:443>
    ServerName  jenkins.domain.tld
    ServerAdmin webmaster@localhost

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel info

    CustomLog /var/log/httpd/jenkins.access.log combined
    ErrorLog /var/log/httpd/jenkins.error.log

    SSLEngine on
    SSLProxyEngine On

    # List the enable protocol levels with which clients will be able to
    # connect. 
    SSLProtocol All -SSLv2 -SSLv3

    SSLHonorCipherOrder On

    # List the ciphers that the client is permitted to negotiate.
    # See the mod_ssl documentation for a complete list.
    SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 


    SSLCertificateFile    /etc/pki/tls/certs/file.cer
    SSLCertificateChainFile /etc/pki/tls/certs/chain.cer
    SSLCertificateKeyFile /etc/pki/tls/private/file.key

    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
       Order deny,allow
       Allow from all
    </Proxy>

    ProxyPass / http://internal.domain.tld:8070/ retry=5 nocanon
    ProxyPassReverse / http://internal.domain.tld:8070/
    AllowEncodedSlashes On

   Header edit Location ^http://(.*)$ https://$1

</VirtualHost>
natxo asenjo
  • 5,739
  • 2
  • 26
  • 27
0

You don't need the ProxyPassReverse directive when using AJP to proxy request to the backend.

Just use ProxyPass or ProxyPassMatch if you need to proxy more than one application to a tomcat, jboss, or any other container.

<VirtualHost *:80>
  ServerAdmin anEmail@SomeDomain.com
  DocumentRoot "/var/www"
  ServerName aDomain.com
  ErrorLog "/path/to/jenkinsVirtualHost.log"
  ProxyRequests off
  ProxyPass /jenkins ajp://127.0.0.1:8102/jenkins
  #ProxyPassMatch ^/(alfresco|jenkins|nexus)(.*) ajp://localhost:8102/$1$2
  ProxyPreserveHost on
</VirtualHost>
dawud
  • 15,096
  • 3
  • 42
  • 61
  • I tried your solution by removing the ProxyPassReverse, Unfortunately there is still something wrong, I have opened jenkins on http port 8090 and I can access it via aDomain.com:8090/jenkins so the problem is not on the jenkins side. But I must say thanks! I did not know that you could use regex in the site file for proxy. That will be usefull! – drgn Jul 29 '13 at 16:28
  • I found the solution by myself you cannot have multiple site listening *:80, if I put everything in the same file/site it work. I cannot answer my question since I don't have enough reputation. I will answer it in 4 hour. Thank for your time – drgn Jul 29 '13 at 18:35
  • Sure you can, it is called name-based virtual hosting – dawud Jul 29 '13 at 18:38
  • Oh you are totally right, but it wasn’t working with my configuration. I wish to have www.aDomain.com/ and not .aDomain.com or maybe there is something I don't understand I am new to apache2 and I am still reading the manual. Thanks – drgn Jul 29 '13 at 18:53