Question

Jenkins subdomain using SSL

Posted on October 4, 2018
Let's Encrypt Ubuntu 18.04 Nginx Networking
Asked by lukedowell

Hi,

I’m trying to get a jenkins subdomain up and running alongside my normal site with both forcing HTTPS. I’ve looked around at all the available articles and I must be missing something. I think I correctly followed all of the steps in the ubuntu server setup, nginx setup and let’s encrypt tutorials. I sort of followed the jenkins one but because I want it to work with a subdomain I tried to modify some stuff.

Involved domains & subdomains:

Situation currently is:

Everything correctly forwards to HTTPS as expected
My root domain is displaying the html I have placed in /var/www/example.com
When I navigate to jenkins.example.com or www.jenkins.example.com I see the nginx startup page.

Here is my /etc/nginx/sites-available/example.com file:

server {
    root /var/www/example.com/html;
    index index.html index.htm index.nginx-debian.html;

    server_name example.com www.example.com;

    location / {
        try_files $uri $uri/ =404;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    access_log /var/log/nginx/example.access.log;
    error_log /var/log/nginx/example.error.log;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

	listen 80;
	listen [::]:80;

	server_name example.com www.example.com;
    return 404; # managed by Certbot
}

Here is my /etc/nginx/sites-available/jenkins.example.com file:

server {
	server_name jenkins.example.com;
	return 301 https://$host$request_uri;

	listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

	location / {
		include /etc/nginx/proxy_params;
		proxy_set_header	Host $host;
		proxy_set_header	X-Real-IP $remote_addr;
		proxy_set_header	X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header	X-Forwarded-Proto $scheme;

		proxy_pass http://127.0.0.1:8080;
		proxy_read_timeout 90;

		proxy_redirect http://127.0.0.1:8080 https://jenkins.example.com;
	}
}

I think I correctly symlinked them, when I do an ls in the /etc/nginx/sites-enabled directory I see both example.com and jenkins.example.com. The only thing I did to the jenkins installation was modify the startup args as directed in the jenkins nginx tutorial:

JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=127.0.0.1"

Let me know if there is any other information I can provide. I appreciate the help, sorry if the answer is out there and I didn’t look hard enough.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

lukedowell • October 4, 2018

Accepted Answer

My problem was that my server block didn’t have *.jenkins.example.com in addition to jenkins.example.com, and my browser or DNS or something always routed to www.jenkins.example.com. I hope this question helps someone in the future. :)