0

I have an Artifactory running on a server on port 8081. I need to have the standard http access, so there is also nginx acting as a reverse proxy with those simple rules:

incoming port 80 -> redirect to 443 (http -> https)
incoming port 443 -> proxy to localhost:8081

It works well with a browser. However, I have a TeamCity server running which needs to resolve artifacts from this repository. It can find the files it needs, but when they should be downloaded, I get an connection refused error:

[10:21:38][Step 3/5] Resolving published dependencies with pattern UNIX-SDK:linux32_builds/build/sdk/*
[10:21:38][Step 3/5] Found 54 dependencies by doing a pattern search.
[10:21:38][Step 3/5] Target directory: /Users/steve/teamcity/buildAgent/work/d6dd50479f4d9106/build/sdk/openssl/current/include/openssl/dh.h
[10:21:38][Step 3/5] Error occurred while resolving published or build dependencies: Connection refused
[10:21:38]
[Step 3/5] java.net.ConnectException: Connection refused
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
    at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
    at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
    at java.net.Socket.connect(Socket.java:579)
    at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:117)
    at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
    at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
    at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
    at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
    at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
    at org.jfrog.build.client.PreemptiveHttpClient.execute(PreemptiveHttpClient.java:88)
    at org.jfrog.build.extractor.clientConfiguration.client.ArtifactoryDependenciesClient.execute(ArtifactoryDependenciesClient.java:185)
    at org.jfrog.build.extractor.clientConfiguration.client.ArtifactoryDependenciesClient.getArtifactChecksums(ArtifactoryDependenciesClient.java:174)
    at org.jfrog.build.extractor.clientConfiguration.util.DependenciesDownloaderHelper.getDependencyLocally(DependenciesDownloaderHelper.java:116)
    at org.jfrog.build.extractor.clientConfiguration.util.DependenciesDownloaderHelper.downloadArtifact(DependenciesDownloaderHelper.java:77)
    at org.jfrog.build.extractor.clientConfiguration.util.DependenciesDownloaderHelper.downloadDependencies(DependenciesDownloaderHelper.java:40)
    at org.jfrog.teamcity.agent.DependenciesDownloaderImpl.download(DependenciesDownloaderImpl.java:57)
    at org.jfrog.build.extractor.clientConfiguration.util.DependenciesHelper.retrievePublishedDependencies(DependenciesHelper.java:52)
    at org.jfrog.teamcity.agent.DependenciesResolver.retrievePublishedDependencies(DependenciesResolver.java:50)
    at org.jfrog.teamcity.agent.listener.AgentListenerBuildInfoHelper.retrievePublishedAndBuildDependencies(AgentListenerBuildInfoHelper.java:99)
    at org.jfrog.teamcity.agent.listener.AgentListenerBuildInfoHelper.beforeRunnerStart(AgentListenerBuildInfoHelper.java:84)
    at org.jfrog.teamcity.agent.ArtifactoryAgentListener.beforeRunnerStart(ArtifactoryAgentListener.java:80)
    at sun.reflect.GeneratedMethodAccessor55.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at jetbrains.buildServer.util.EventDispatcher.dispatch(EventDispatcher.java:120)
    at jetbrains.buildServer.util.EventDispatcher$2.invoke(EventDispatcher.java:67)
    at com.sun.proxy.$Proxy6.beforeRunnerStart(Unknown Source)
    at jetbrains.buildServer.agent.impl.buildStages.runnerStages.start.FireBeforeRunnerStartedStage.fireEvent(FireBeforeRunnerStartedStage.java:27)
    at jetbrains.buildServer.agent.impl.buildStages.runnerStages.start.FireEventRunnerStageBase.doBuildStage(FireEventRunnerStageBase.java:29)
    at jetbrains.buildServer.agent.impl.buildStages.RunnerStagesExecutor$1.callStage(RunnerStagesExecutor.java:25)
    at jetbrains.buildServer.agent.impl.buildStages.RunnerStagesExecutor$1.callStage(RunnerStagesExecutor.java:18)
    at jetbrains.buildServer.agent.impl.buildStages.StagesExecutor.callRunStage(StagesExecutor.java:78)
    at jetbrains.buildServer.agent.impl.buildStages.StagesExecutor.doStages(StagesExecutor.java:37)
    at jetbrains.buildServer.agent.impl.buildStages.RunnerStagesExecutor.doStages(RunnerStagesExecutor.java:18)
    at jetbrains.buildServer.agent.impl.buildStages.startStages.steps.RunnerContextExecutor.callRunnerStages(RunnerContextExecutor.java:43)
    at jetbrains.buildServer.agent.impl.buildStages.startStages.steps.StepExecutor.processNextStep(StepExecutor.java:25)
    at jetbrains.buildServer.agent.impl.buildStages.startStages.steps.ForEachBuildRunnerStage.executeRunnerStep(ForEachBuildRunnerStage.java:138)
    at jetbrains.buildServer.agent.impl.buildStages.startStages.steps.ForEachBuildRunnerStage.runStep(ForEachBuildRunnerStage.java:123)
    at jetbrains.buildServer.agent.impl.buildStages.startStages.steps.ForEachBuildRunnerStage.executeBuildRunners(ForEachBuildRunnerStage.java:83)
    at jetbrains.buildServer.agent.impl.buildStages.startStages.steps.ForEachBuildRunnerStage.doBuildStage(ForEachBuildRunnerStage.java:44)
    at jetbrains.buildServer.agent.impl.buildStages.BuildStagesExecutor$1.callStage(BuildStagesExecutor.java:31)
    at jetbrains.buildServer.agent.impl.buildStages.BuildStagesExecutor$1.callStage(BuildStagesExecutor.java:24)
    at jetbrains.buildServer.agent.impl.buildStages.StagesExecutor.callRunStage(StagesExecutor.java:78)
    at jetbrains.buildServer.agent.impl.buildStages.StagesExecutor.doStages(StagesExecutor.java:37)
    at jetbrains.buildServer.agent.impl.buildStages.BuildStagesExecutor.doStages(BuildStagesExecutor.java:24)
    at jetbrains.buildServer.agent.impl.BuildRunActionImpl.doStages(BuildRunActionImpl.java:70)
    at jetbrains.buildServer.agent.impl.BuildRunActionImpl.runBuild(BuildRunActionImpl.java:50)
    at jetbrains.buildServer.agent.impl.BuildAgentImpl.doActualBuild(BuildAgentImpl.java:284)
    at jetbrains.buildServer.agent.impl.BuildAgentImpl.access$100(BuildAgentImpl.java:52)
    at jetbrains.buildServer.agent.impl.BuildAgentImpl$1.run(BuildAgentImpl.java:248)
    at java.lang.Thread.run(Thread.java:745)

When I connect directly to the 8081 port, it goes well. Is there some nginx config I am missing? I followed various guides to set it up but none mention anything relevant.

The nginx reverse proxy config is this:

server {
        listen 80;
        server_name artifactory.ourdomain.com;
        return 301 https://$server_name$request_uri;
    }

    server {
        listen 443;
        server_name artifactory.ourdomain.com;

        ssl on;
        ssl_certificate /etc/nginx/cert/artifactory-cert-chain.crt;
        ssl_certificate_key /etc/nginx/cert/artifactory.key;

        location / {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            proxy_pass http://localhost:8081;
            proxy_read_timeout 90;

            proxy_redirect http://localhost:8081 https://artifactory.ourdomain.com;
        }
    }

Thank you for your help!

Martin Melka
  • 7,177
  • 16
  • 79
  • 138
  • 1
    Where did teamcity try to connect? – Alexey Ten Oct 08 '15 at 09:07
  • you could try a minimal config in your 443 section of the config: `proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # Fix the "It appears that your reverse proxy set up is broken" error. proxy_pass http://127.0.0.1:8081; proxy_read_timeout 90;` – semm0 Oct 08 '15 at 12:16
  • I found out there is actually a page about setting up nginx in Artifactory docs. https://www.jfrog.com/confluence/display/RTF/nginx Now it works but I'm having a nginx-specific issue. I'll open another thread for that. Thanks – Martin Melka Oct 08 '15 at 13:32
  • This would be the new issue http://stackoverflow.com/questions/33017719/nginx-redirect-to-https-works-once-of-every-two-attempts – Martin Melka Oct 08 '15 at 13:48
  • Nice, thanks for posting a hint to the solution and the new thread. – semm0 Oct 08 '15 at 13:57

0 Answers0