You can do it on a much more recent version of Jenkins, see this PR https://github.com/jenkinsci/winstone/pull/98, it adds the --httpsRedirectHttp parameter.
Regards, Alex On Fri, Oct 23, 2020 at 12:49 PM Tim Black <[email protected]> wrote: > Owen, did your assertion turn out to be true? Is a reverse proxy required > to perform this redirection of jenkins requests from http (80,8080) to > https (port 8443)? > > I'm currently using iptables to forward 443 to 8443 to allow my users to > not require a port in the URL, however, this does still require "https://"; > in the URL. So, like you (probably) I'd like to redirect http ports to > jenkins default ssl/https port 8443. But I'm not sure if a simple port > forward from 80/8080 to 8443 would work, or if it would break the ssl > negotiation that needs to happen. > > So far, my attempts to add these rules have not succeeded in redirecting > http requests on port 80 to https requests on port 443. > > I'm sure I'm missing something important here. In case someone is > listening here is what my nat iptable looks like: > > jenkins@jenkins-testing:~$ sudo iptables -nvL -t nat > Chain PREROUTING (policy ACCEPT 13 packets, 1810 bytes) > pkts bytes target prot opt in out source > destination > 7 364 REDIRECT tcp -- ens192 * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:443 /* Ansible-generated. */ redir ports 8443 > 0 0 REDIRECT tcp -- ens192 * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:8080 /* Ansible-generated. */ redir ports > 8443 > 2 104 REDIRECT tcp -- ens192 * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:80 /* Ansible-generated. */ redir ports 8443 > 1 60 DOCKER all -- * * 0.0.0.0/0 > 0.0.0.0/0 ADDRTYPE match dst-type LOCAL > > Chain INPUT (policy ACCEPT 20 packets, 1582 bytes) > pkts bytes target prot opt in out source > destination > > Chain POSTROUTING (policy ACCEPT 151 packets, 10870 bytes) > pkts bytes target prot opt in out source > destination > 0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 > 0.0.0.0/0 > > Chain OUTPUT (policy ACCEPT 151 packets, 10870 bytes) > pkts bytes target prot opt in out source > destination > 0 0 DOCKER all -- * * 0.0.0.0/0 ! > 127.0.0.0/8 ADDRTYPE match dst-type LOCAL > > Chain DOCKER (2 references) > pkts bytes target prot opt in out source > destination > 0 0 RETURN all -- docker0 * 0.0.0.0/0 > 0.0.0.0/0 > > On Friday, March 6, 2015 at 5:20:51 PM UTC-8 Owen B. Mehegan wrote: > >> I guess the native Jenkins server is Winstone, not Jetty, and it doesn't >> look like there's a way to do this there. It's sounding like I will need an >> nginx redirect. >> >> >> On Friday, March 6, 2015 at 3:46:35 PM UTC-8, Owen B. Mehegan wrote: >>> >>> I'm running Jenkins 1.596.1 on Linux, using the built-in Jetty server. I >>> have it serving HTTP and HTTPS successfully, and now I'm trying to figure >>> out a way to redirect all HTTP requests to HTTPS. I've searched for >>> Jetty-specific ways to do this, but the answers I've found don't really >>> mesh with the Jenkins configuration, as far as I can see. Can anyone >>> suggest a way to do this? >>> >> -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/bb39050b-c605-4b83-b09e-621079902c78n%40googlegroups.com > <https://groups.google.com/d/msgid/jenkinsci-users/bb39050b-c605-4b83-b09e-621079902c78n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- Website: http://earl-of-code.com -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CAPiUgVexveqSZGM%2BnDV4E7gr-9xvVY-_EkKgVJAFFp7wk%3Df0eA%40mail.gmail.com.
