Hi
We are using Nginx as a reverse proxy, connected to a Jenkins continuous
integration server, to provide https access. Jenkins and Nginx run on the same
Linux server.
A certain Jenkins function is failing when accessed via https. It works
correctly when accessed via http (without nginx). Therefore, we suspect that
something is wrong with our Nginx configuration.
In the failure condition, the browser (Edge) shows (in Developer Tools Console):
POST https://jenkins-temptest.<snip>/pipeline-syntax/generateSnippet 500
I don't know how to access the contents of the 500 reply.
Our /etc/nginx/nginx.conf contains:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref:
POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Our /etc/nginx/conf.d/ssl.conf contains:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# ssl on;
ssl_certificate /etc/nginx/certs/jenkins-temptest.pem;
ssl_certificate_key /etc/nginx/certs/jenkins-temptest.key;
server_name jenkins-temptest.<snip>;
location / {
sendfile off;
proxy_pass "http://127.0.0.1:8080";;
proxy_redirect default;
# proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-Proto $scheme;
#this is the maximum upload size
client_max_body_size 20m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_request_buffering off; # Required for HTTP CLI commands in
Jenkins > 2.54
proxy_set_header Connection ""; # Clear for keepalive
}
location ^~ /script {
return 404;
}
location ^~ /manage/script {
return 404;
}
# index index.html index.htm;
}
Is anything obviously wrong with these?
Best regards
David
________________________________
David Aldrich | Consultant Engineer | NEC Telecom Modus Ltd | Olympus House,
Cleeve Road, Leatherhead, Surrey, KT22 7SA, GB | t: +44 (0) 1372 381857 | m: |
w: www.nec.com
This email (including any attached files) is private and confidential and the
exclusive property of NEC Telecom MODUS Ltd. This message is addressed
exclusively to its recipient. If you have received this message by mistake,
please notify the sender immediately and proceed to delete the message. Unless
you have express permission to do so, please do not distribute or copy this
email. Except as otherwise stated, the sender does not intend to create a legal
relationship and this email shall not constitute an offer or acceptance which
could give rise to a contract. View our privacy policy here :
https://uk.nec.com/en_GB/emea/privacy/index.html | Registered Office: Olympus
House, Business Park 5, Cleeve Road, Leatherhead, Surrey KT22 7SA | Registered
in England 3493954 |
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
