nginx基于SSL方式代理jenkins和kibana
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了nginx基于SSL方式代理jenkins和kibana相关的知识,希望对你有一定的参考价值。
server {
server_name hanye-jenkins.hanye.net;
access_log /data/wwwlogs/jenkins-web.access.log ;
error_log /data/wwwlogs/jenkins-web.error.log;
listen 443 ssl;
ssl_certificate /usr/local/nginx/conf/ssl/hanye.net.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/hanye.net.key;
ssl_session_timeout 10m;
ssl_buffer_size 64k;
ssl_session_cache shared:SSL:10m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_redirect default;
#proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
#this is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 120;
proxy_send_timeout 120;
proxy_read_timeout 120;
proxy_buffering off;
proxy_request_buffering off; # Required for HTTP CLI commands in Jenkins > 2.54
proxy_set_header Connection ""; # Clear for keepalive
}
location /oss {
expires 3d;
rewrite /(.+)$ /$1 break;
proxy_pass https://fangx.oss-cn-shenzhen.aliyuncs.com/fangx/source/ZPMOQ2xjSwmBvNB1scM7JYwAgqCJvueKYlWbjlsu.png;
}
}
server {
server_name hanye-es.hanye.net;
access_log /data/wwwlogs/es-web.access.log ;
error_log /data/wwwlogs/es-web.error.log;
listen 443 ssl;
auth_basic "Nginx";
auth_basic_user_file /usr/local/nginx/conf/passwd;
autoindex on;
ssl_certificate /usr/local/nginx/conf/ssl/hanye.net.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/hanye.net.key;
ssl_session_timeout 10m;
ssl_buffer_size 64k;
ssl_session_cache shared:SSL:10m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://10.0.109.17:5601;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
#this is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 120;
proxy_send_timeout 120;
proxy_read_timeout 120;
proxy_buffering off;
proxy_request_buffering off; # Required for HTTP CLI commands in Jenkins > 2.54
proxy_set_header Connection ""; # Clear for keepalive
}
}以上是关于nginx基于SSL方式代理jenkins和kibana的主要内容,如果未能解决你的问题,请参考以下文章
Nginx:15---反向代理之(安全隔离:SSL流量加密SSL客户端身份验证基于原始IP地址阻止流量)
带有两种 SSL 到 weblogic 的 nginx 反向代理
nginx做正向代理https遇到SSL_do_handshake()握手失败