Ubuntu – Setting jenkins CI behind apache

apache-2.2JenkinsUbuntu

I am trying to set-up jenkins behind apache2 (Both fresh install with the package manager) OS used : ubuntu 12.04 LTS

Actually I am setting up a couple services behind this Apache. First is artifactory. Here my site file

<VirtualHost *:80>
ServerAdmin anEmail@SomeDomain.com
DocumentRoot "/var/www"
ServerName aDomain.com
ErrorLog "/path/to/artifactoryVirtualHost.log"
ProxyRequests off
ProxyPass /artifactory http://127.0.0.1:8081/artifactory
ProxyPassReverse /artifactory http://127.0.0.1:8081/artifactory
ProxyPreserveHost on 
</VirtualHost>

It is working as intended when I go to aDomain.com/artifactory it redirect me to the artifactory embedded tomcat.

Here is my jenkins site file

<VirtualHost *:80>
ServerAdmin anEmail@SomeDomain.com
DocumentRoot "/var/www"
ServerName aDomain.com
ErrorLog "/path/to/jenkinsVirtualHost.log"
ProxyRequests off
ProxyPass /jenkins ajp://127.0.0.1:8102/jenkins
ProxyPassReverse /jenkins ajp://127.0.0.1:8102/jenkins
ProxyPreserveHost on
</VirtualHost>

Notice the difference here I am using AJP connector here since jenkins allow it without much configuration. Also jenkins require a bit more configuration
in my /etc/default/jenkins file

JENKINS_ARGS="--webroot=$JENKINS_RUN/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --preferredClassLoader=java.net.URLClassLoader **--prefix=/jenkins**
 HTTP_PORT -1
 AJP_PORT : 8102

I disable the http since I want my user to go trough Apache And I also added the prefix jenkins as written in the jenkins manual. Unfortunately I am doing something wrong because when I go to aDomain.com/jenkins Apache serve me a 404 which make me a sad panda.

More information: I'm doing this as a test on a virtual machine, I am using:

Linux hostname 3.5.0-23-generic #35~precise1-Ubuntu SMP Fri Jan 25 17:13:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

Server version: Apache/2.2.22 (Ubuntu)

Jenkins ver. 1.509.2

Also I loaded those on Apache2

sudo a2enmode proxy
sudo a2enmode proxy_http
sudo a2enmode proxy_ajp

Edit: I forgot to let you know that my httpd.conf is an empty file
Thank you for your time

Best Answer

this is a working config behind a reverse proxy apache2 in centos 6 that also does ssl/tls offloading:

<VirtualHost *:443>
    ServerName  jenkins.domain.tld
    ServerAdmin webmaster@localhost

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel info

    CustomLog /var/log/httpd/jenkins.access.log combined
    ErrorLog /var/log/httpd/jenkins.error.log

    SSLEngine on
    SSLProxyEngine On

    # List the enable protocol levels with which clients will be able to
    # connect. 
    SSLProtocol All -SSLv2 -SSLv3

    SSLHonorCipherOrder On

    # List the ciphers that the client is permitted to negotiate.
    # See the mod_ssl documentation for a complete list.
    SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 


    SSLCertificateFile    /etc/pki/tls/certs/file.cer
    SSLCertificateChainFile /etc/pki/tls/certs/chain.cer
    SSLCertificateKeyFile /etc/pki/tls/private/file.key

    ProxyRequests Off
    ProxyPreserveHost On
    <Proxy *>
       Order deny,allow
       Allow from all
    </Proxy>

    ProxyPass / http://internal.domain.tld:8070/ retry=5 nocanon
    ProxyPassReverse / http://internal.domain.tld:8070/
    AllowEncodedSlashes On

   Header edit Location ^http://(.*)$ https://$1

</VirtualHost>
Related Topic