Docker将Docker compose和nginx配置为让jenkins支持nginx
我是docker和nginx的新手,我设法让nginx在容器中运行HTTPS,我想在nginx后面添加jenkins。我不想在我的服务器上打开新端口,我希望所有流量都通过我的nginx 我如何编写我的Docker将Docker compose和nginx配置为让jenkins支持nginx,docker,nginx,jenkins,docker-compose,Docker,Nginx,Jenkins,Docker Compose,我是docker和nginx的新手,我设法让nginx在容器中运行HTTPS,我想在nginx后面添加jenkins。我不想在我的服务器上打开新端口,我希望所有流量都通过我的nginx 我如何编写我的docker compose.yaml和我的app.conf(nginx的配置文件)来让它一起工作?这是我的配置文件,我已经用一个虚拟域名替换了我的域名example.com,我希望jenkins可以访问jenkins.example.com docker compose.yml nginx:
docker compose.yamlapp.confexample.comjenkins.example.comdocker compose.ymlnginx:
image: nginx:1.17-alpine
container_name: nginx-docker
ports:
- "80:80"
- "443:443"
volumes:
- ./data/nginx:/etc/nginx/conf.d
- ./data/html:/etc/nginx/html
jenkins:
image: "jenkins/jenkins:lts"
container_name: jenkins-docker
volumes:
- ./data/jenkins:/var/jenkins_home
expose:
- "8080"
ports:
- "50000:50000"
app.confserver {
listen 80;
server_name example.com;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
root html;
index index.html;
}
}
要使nginx的工作配置能够作为Jenkins的反向代理,您应该看看。在这里,您可以找到许多不同用例的示例(有/没有SSL、AWS等等) 考虑到nginx也在Docker容器(在同一网络中)中运行,您必须在这里进行一些更改,即您不重定向到
localhost:8080jenkins:8080除此之外,您的docker-compose.yml看起来不错。这里唯一需要做的是将端口50000映射到主机的端口50000。如果您不想在机器上打开任何新端口,并且希望所有流量都通过nginx,那么我认为这样做没有什么意义。公开它(就像您对8080端口所做的那样)就足够了,然后您可以向nginx添加一行代码来直接请求特定子域,例如。以下是我的配置文件的最终版本:
docker compose nginx:
image: nginx:1.17-alpine
container_name: nginx-docker
ports:
- "80:80"
- "443:443"
volumes:
- ./data/nginx:/etc/nginx/conf.d
- ./data/html:/etc/nginx/html
jenkins:
image: "jenkins/jenkins:lts"
container_name: jenkins-docker
volumes:
- ./data/jenkins:/var/jenkins_home
expose:
- "8080"
server {
listen 80;
server_name example.com *.example.com;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
root html;
index index.html;
}
}
upstream jenkins {
server jenkins:8080 fail_timeout=0;
}
server {
listen 443 ssl;
server_name jenkins.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http:// https://;
proxy_pass http://jenkins;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
# workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651
add_header 'X-SSH-Endpoint' 'jenkins.domain.tld:50022' always;
}
}