Jenkins subdomain using SSL
Hi,
I'm trying to get a jenkins subdomain up and running alongside my normal site with both forcing HTTPS. I've looked around at all the available articles and I must be missing something. I think I correctly followed all of the steps in the ubuntu server setup, nginx setup and let's encrypt tutorials. I sort of followed the jenkins one but because I want it to work with a subdomain I tried to modify some stuff.
Involved domains & subdomains:
- example.com
- jenkins.example.com
- www.example.com
- www.jenkins.example.com
Situation currently is:
- Everything correctly forwards to HTTPS as expected
- My root domain is displaying the html I have placed in
/var/www/example.com - When I navigate to jenkins.example.com or www.jenkins.example.com I see the nginx startup page.
Here is my /etc/nginx/sites-available/example.com file:
server {
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
access_log /var/log/nginx/example.access.log;
error_log /var/log/nginx/example.error.log;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
Here is my /etc/nginx/sites-available/jenkins.example.com file:
server {
server_name jenkins.example.com;
return 301 https://$host$request_uri;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
include /etc/nginx/proxy_params;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8080;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8080 https://jenkins.example.com;
}
}
I think I correctly symlinked them, when I do an ls in the /etc/nginx/sites-enabled directory I see both example.com and jenkins.example.com. The only thing I did to the jenkins installation was modify the startup args as directed in the jenkins nginx tutorial:
JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=127.0.0.1"
Let me know if there is any other information I can provide. I appreciate the help, sorry if the answer is out there and I didn't look hard enough.
Just to be clear, I am not actually using example.com. :)
and I have A records from all of my domains but that is it, no CNAME or anything since I don't know what it is and none of the guides told me to make those records.
Part of my issue was that I still had the nginx default server in /etc/nginx/sites-enabled/, so I deleted that. Now my subdomain displays the web page from my core domain, so I think I'm getting closer.