Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
my site i down please see http://www.cheri3a.com/ Question Question
How do I get a SSL certificate for my WSGI Flask server so it can send data over HTTPS? Question Question

Question

Jenkins subdomain using SSL

Posted October 4, 2018 4.4k views
NginxNetworkingLet's EncryptUbuntu 18.04

Hi,

I’m trying to get a jenkins subdomain up and running alongside my normal site with both forcing HTTPS. I’ve looked around at all the available articles and I must be missing something. I think I correctly followed all of the steps in the ubuntu server setup, nginx setup and let’s encrypt tutorials. I sort of followed the jenkins one but because I want it to work with a subdomain I tried to modify some stuff.

Involved domains & subdomains:

Situation currently is:

  • Everything correctly forwards to HTTPS as expected
  • My root domain is displaying the html I have placed in /var/www/example.com
  • When I navigate to jenkins.example.com or www.jenkins.example.com I see the nginx startup page.

Here is my /etc/nginx/sites-available/example.com file:

server {
    root /var/www/example.com/html;
    index index.html index.htm index.nginx-debian.html;

    server_name example.com www.example.com;

    location / {
        try_files $uri $uri/ =404;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    access_log /var/log/nginx/example.access.log;
    error_log /var/log/nginx/example.error.log;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;

    server_name example.com www.example.com;
    return 404; # managed by Certbot
}

Here is my /etc/nginx/sites-available/jenkins.example.com file:

server {
    server_name jenkins.example.com;
    return 301 https://$host$request_uri;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
        include /etc/nginx/proxy_params;
        proxy_set_header    Host $host;
        proxy_set_header    X-Real-IP $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto $scheme;

        proxy_pass http://127.0.0.1:8080;
        proxy_read_timeout 90;

        proxy_redirect http://127.0.0.1:8080 https://jenkins.example.com;
    }
}

I think I correctly symlinked them, when I do an ls in the /etc/nginx/sites-enabled directory I see both example.com and jenkins.example.com. The only thing I did to the jenkins installation was modify the startup args as directed in the jenkins nginx tutorial:

JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=127.0.0.1"

Let me know if there is any other information I can provide. I appreciate the help, sorry if the answer is out there and I didn’t look hard enough.

Add a comment
lukedowell
By:
lukedowell

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
my site i down please see http://www.cheri3a.com/ Question Question
How do I get a SSL certificate for my WSGI Flask server so it can send data over HTTPS? Question Question
Add a comment
3 comments

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer
lukedowell October 4, 2018

My problem was that my server block didn’t have *.jenkins.example.com in addition to jenkins.example.com, and my browser or DNS or something always routed to www.jenkins.example.com. I hope this question helps someone in the future. :)

Reply Report

Related

Looking for something else?

Ask a new question Search for more help