0

I want to set up Jenkins dashboard to be accessed by a team of engineers so that I am not the only one managing it. Ideally, anyone on the team can access the url in their browser at jenkins.HOST.com and be directed to the Jenkins dashboard I have created.

I set the jenkins url in the config to jenkins.HOST.com but obviously this isn't enough, and I want to avoid using nginx to tunnel to my localhost:8080 - however I can do this if it's the best feasible option - I'm just wondering if there's a better way.

I'm completely new to using Jenkins and would appreciate any help!

dude8998
  • 135
  • 2
  • 13

1 Answers1

3

As you expected, using nginx as a proxy is probably the best way to manage the Jenkins URL. Just setting it in the config won't work; Jenkins will still be listening on the configured port. Port defaults to 8080 but you can try chaning that to port 80. This post (while dated) gives some details on How to configure Jenkins to run on port 80.

I've always used the nginx option and its never failed me. You even get the benefit of being able to add SSL certificates. I recommend using let's encrypt.

Here's the configuration I've used for years, updated with your jenkins.HOST.com URL. Just install Jenkins as usual, fix any selinux issues (either disable it or configure access for nginx to access localhost port 8080) and you should be good to go!

upstream jenkins {
    server 127.0.0.1:8080;
}

server {
    listen 80 default_server;
    listen [::]:80;
    server_name jenkins.HOST.com;
    return 301 https://jenkins.HOST.com$request_uri;
}

server {
    listen 443 ssl default_server;
    listen [::]:443 ssl ipv6only=on;
    server_name jenkins.HOST.com;

    location / {
        proxy_pass       http://jenkins;
        proxy_set_header Host            $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }

    ssl_certificate     /etc/letsencrypt/live/jenkins.HOST.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/jenkins.HOST.com/privkey.pem;
    include             /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam         /etc/letsencrypt/ssl-dhparams.pem;
}
Michael J
  • 1,383
  • 2
  • 14
  • 25
  • Its beyond the scope of your original question but, along with HTTPS, I would suggest using a security group or firewall that limits access to the jenkins server to the IPs of the remote users. If your server is out there on the internet you'll want to try to lock it down as much as possible. Having nginx in front helps but if you can eliminate anyone from getting to the system altogether with a firewall, that would be 100% better. :) – Michael J Aug 28 '19 at 00:43
  • Awesome! Thank you so much – dude8998 Sep 03 '19 at 20:22