- [[Ubuntu]]
- [[Nginx]]
- [[Ubuntu#Java]]
- [[Certbot]]
curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \
/usr/share/keyrings/jenkins-keyring.asc > /dev/null
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt update
sudo apt install jenkins
## Edit Port
sudo systemctl edit jenkins
[Service]
Environment="JENKINS_PORT=8090"
sudo systemctl status jenkins
- copy the admin password for later
sudo nano /etc/nginx/sites-available/jenkins.kaliburg.de
upstream jenkins {
keepalive 64;
server 85.10.205.213:8443;
}
# Required for Jenkins websocket agents
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# Redirect HTTP -> HTTPS
server {
listen 80;
server_name jenkins.kaliburg.de;
include snippets/letsencrypt.conf;
return 301 https://jenkins.kaliburg.de$request_uri;
}
server {
listen 443 ssl http2;
server_name jenkins.kaliburg.de;
# this is the jenkins web root directory
# (mentioned in the output of "systemctl cat jenkins")
root /var/run/jenkins/war/;
# SSL parameters
ssl_certificate /etc/letsencrypt/live/jenkins.kaliburg.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/jenkins.kaliburg.de/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/jenkins.kaliburg.de/chain.pem;
include snippets/ssl.conf;
include snippets/letsencrypt.conf;
access_log /var/log/nginx/jenkins.access.log;
error_log /var/log/nginx/jenkins.error.log;
# pass through headers from Jenkins that Nginx considers invalid
ignore_invalid_headers off;
location ~ "^/static/[0-9a-fA-F]{8}\/(.*)$" {
# rewrite all static files into requests to the root
# E.g /static/12345678/css/something.css will become /css/something.css
rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;
}
location /userContent {
# have nginx handle all the static requests to userContent folder
# note : This is the $JENKINS_HOME dir
root /var/lib/jenkins/;
if (!-f $request_filename){
# this file does not exist, might be a directory or a /**view** url
rewrite (.*) /$1 last;
break;
}
sendfile on;
}
location / {
sendfile off;
proxy_pass http://jenkins;
proxy_redirect default;
proxy_http_version 1.1;
# Required for Jenkins websocket agents
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
#this is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffering off;
proxy_request_buffering off; # Required for HTTP CLI commands
proxy_set_header Connection ""; # Clear for keepalive
}
}
sudo ln -s /etc/nginx/sites-available/jenkins.kaliburg.de /etc/nginx/sites-enabled/
sudo service nginx reload
- paste the admin password into the website