Owen, did your assertion turn out to be true? Is a reverse proxy required to perform this redirection of jenkins requests from http (80,8080) to https (port 8443)?
I'm currently using iptables to forward 443 to 8443 to allow my users to not require a port in the URL, however, this does still require "https://"; in the URL. So, like you (probably) I'd like to redirect http ports to jenkins default ssl/https port 8443. But I'm not sure if a simple port forward from 80/8080 to 8443 would work, or if it would break the ssl negotiation that needs to happen. So far, my attempts to add these rules have not succeeded in redirecting http requests on port 80 to https requests on port 443. I'm sure I'm missing something important here. In case someone is listening here is what my nat iptable looks like: jenkins@jenkins-testing:~$ sudo iptables -nvL -t nat Chain PREROUTING (policy ACCEPT 13 packets, 1810 bytes) pkts bytes target prot opt in out source destination 7 364 REDIRECT tcp -- ens192 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* Ansible-generated. */ redir ports 8443 0 0 REDIRECT tcp -- ens192 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 /* Ansible-generated. */ redir ports 8443 2 104 REDIRECT tcp -- ens192 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* Ansible-generated. */ redir ports 8443 1 60 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT 20 packets, 1582 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 151 packets, 10870 bytes) pkts bytes target prot opt in out source destination 0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 151 packets, 10870 bytes) pkts bytes target prot opt in out source destination 0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain DOCKER (2 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0 On Friday, March 6, 2015 at 5:20:51 PM UTC-8 Owen B. Mehegan wrote: > I guess the native Jenkins server is Winstone, not Jetty, and it doesn't > look like there's a way to do this there. It's sounding like I will need an > nginx redirect. > > > On Friday, March 6, 2015 at 3:46:35 PM UTC-8, Owen B. Mehegan wrote: >> >> I'm running Jenkins 1.596.1 on Linux, using the built-in Jetty server. I >> have it serving HTTP and HTTPS successfully, and now I'm trying to figure >> out a way to redirect all HTTP requests to HTTPS. I've searched for >> Jetty-specific ways to do this, but the answers I've found don't really >> mesh with the Jenkins configuration, as far as I can see. Can anyone >> suggest a way to do this? >> > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/bb39050b-c605-4b83-b09e-621079902c78n%40googlegroups.com.
