Skip to content
Posted by Shashi CI-CD

Install Jenkins on RHEL/CentOS behind Nginx

Install and configure Nginx and Java

Install Nginx using this guide
Install Java using this guide

Install updates and basic tools

sudo yum -y install update
sudo yum -y install git lsof wget curl

Add the Jenkins repository to available packages

sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key

Install Jenkins

sudo yum install jenkins

Start Jenkins up and make sure it starts every time we reboot

sudo service jenkins start
sudo chkconfig --add jenkins

Verify that jenkins is accessable

curl http://localhost:8080

Reverse Proxy jenkins via nginx and handle SSL [nginx.conf]

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
  worker_connections 1024;
}

http {
  include /etc/nginx/mime.types;
  default_type    application/octet-stream;

  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
  '$status $body_bytes_sent "$http_referer" '
  '"$http_user_agent" "$http_x_forwarded_for"';

  access_log  /var/log/nginx/access.log  main;

  sendfile            on;
  tcp_nopush          on;
  tcp_nodelay         on;

  #keepalive_timeout   0;
  keepalive_timeout   65;
  types_hash_max_size 2048;

  gzip                on;

  server {
    listen       443;
    server_name  jenkins.yebbare.com;

    ssl                  on;
    ssl_certificate      /opt/ssl/ssl.crt;
    ssl_certificate_key  /opt/ssl/ssl.key;

    ssl_protocols  TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    #this is the jenkins web root directory (mentioned in the /etc/default/jenkins file)
    root            /var/run/jenkins/war/;

    access_log      /var/log/nginx/jenkins.access.log;
    error_log       /var/log/nginx/jenkins.error.log;

    location ~ "^/static/[0-9a-fA-F]{8}/(.*)$" {
      rewrite "^/static/[0-9a-fA-F]{8}/(.*)" /$1 last;
    }

    location /userContent {
      root /var/lib/jenkins/;

      if (!-f $request_filename) {
        rewrite (.*) /$1 last;
        break;
      }
      sendfile on;
    }

    location @jenkins {
      sendfile off;
      proxy_pass              http://127.0.0.1:8080;
      proxy_redirect          http:// https://;

      proxy_set_header    X-Forwarded-Proto $scheme;
      proxy_set_header    Host              $host;
      proxy_set_header    X-Real-IP         $remote_addr;
      proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_max_temp_file_size 0;

      #this is the maximum upload size
      client_max_body_size       10m;
      client_body_buffer_size    128k;

      proxy_connect_timeout      90;
      proxy_send_timeout         90;
      proxy_read_timeout         90;

      proxy_buffer_size          4k;
      proxy_buffers              4 32k;
      proxy_busy_buffers_size    64k;
      proxy_temp_file_write_size 64k;
    }

    location / {

      # Optional configuration to detect and redirect iPhones
      if ($http_user_agent ~* '(iPhone|iPod)') {
        rewrite ^/$ /view/iphone/ redirect;
      }

      try_files $uri @jenkins;
    }
  }
}

Restart Nginx gracefully

sudo nginx -ts reload
sudo systemctl restart nginx

Categories

CI-CD, Linux, nginx, WebServers

Tags

, , , , , , ,

Shashi View All

A passionate devops and automation engineer

Leave a comment