Install and configure Jenkins and Nginx as reverse proxy with SSL Certificate

Author
Andri Prasetyo
Created
Comments
0
Categories: Devops Infrastructure

Jenkins is an open-source automation server. Jenkins helps automate parts of software development related to building, testing, and deploying, facilitating continuous integration and continuous delivery (CI/CD) for software development. In this case, the lab used is based on Linux CentOS.

Instalasi Jenkins

The initial step to install Jenkins is to add the Jenkins repository on the server.

$ sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo
$ sudo rpm --import https://pkg.jenkins.io/redhat/jenkins.io-2023.key

Then, install the Java application.

$ sudo yum install fontconfig java-17-openjdk

After the Java installation is complete, install Jenkins.

$ sudo yum install jenkins -y

After the Jenkins installation is complete, enable the service and check the status of the Jenkins service using the following command.

$ sudo systemctl enable jenkins
$ sudo systemctl start jenkins
$ sudo systemctl status jenkins

After all installations are complete and the Jenkins service is successfully active, access Jenkins via a web browser with the URL http://ip_jenkins-or-domain:8080. This will display a screen similar to the one below.

Enter the command sudo cat /var/lib/jenkins/secrets/initialAdminPassword on the Jenkins server to retrieve the administrator password.

Select Install suggested plugins to install the default plugins available, and wait until the plugin installation progress for Jenkins is complete.

After the plugin installation is complete, the next step is to create an admin user to access the Jenkins dashboard.

In this section, you can enter the IP address or use the specified domain.

The Jenkins installation is complete, and you have successfully accessed the Jenkins dashboard.

Setup Nginx as reverse proxy

Now it’s time to install Nginx as a reverse proxy for Jenkins, so that Jenkins runs behind Nginx and you don’t have to use port 8080 when accessing it via a web browser.

Install Nginx using the following command.

$ sudo yum install nginx -y

Then, enable the Nginx service and check the status of the Nginx service.

$ sudo systemctl enable nginx
$ sudo systemctl start nginx
$ sudo systemctl status nginx

Next, create an SSL folder to place the existing SSL files.

$ sudo mkdir -p /etc/nginx/ssl

Next, create a new file for the Nginx configuration.

$ vi /etc/nginx/conf.d/jenkins.conf

upstream jenkins{
    server 127.0.0.1:8080;
}

server {
    listen      80;
    server_name jenkins.inetmede.com;

    return 301 https://$server_name$request_uri;

}

server {
    listen 443 ssl;
    server_name jenkins.inetmede.com;

    access_log  /var/log/nginx/jenkins.access.log;
    error_log   /var/log/nginx/jenkins.error.log;

    ssl_certificate /etc/nginx/ssl/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/privkey.pem;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

    proxy_buffers 16 64k;
    proxy_buffer_size 128k;

    location / {
        proxy_pass  http://jenkins;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;

        proxy_set_header    Host            $host;
        proxy_set_header    X-Real-IP       $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto https;
    }
}

After the Nginx configuration file is created, restart the Jenkins and Nginx services.

$ sudo systemctl restart jenkins
$ sudo systemctl restart nginx

After the Nginx configuration file is complete, it’s time to try accessing it through a web browser using the HTTPS port: https://your_domain.

Related posts

Leave a Reply

Your email address will not be published. Required fields are marked *