summaryrefslogtreecommitdiffstats
path: root/roles/jenkins/templates/jenkins_nginx.conf.j2
diff options
context:
space:
mode:
Diffstat (limited to 'roles/jenkins/templates/jenkins_nginx.conf.j2')
-rw-r--r--roles/jenkins/templates/jenkins_nginx.conf.j243
1 files changed, 43 insertions, 0 deletions
diff --git a/roles/jenkins/templates/jenkins_nginx.conf.j2 b/roles/jenkins/templates/jenkins_nginx.conf.j2
new file mode 100644
index 0000000..765eba0
--- /dev/null
+++ b/roles/jenkins/templates/jenkins_nginx.conf.j2
@@ -0,0 +1,43 @@
+# {{ ansible_managed }}
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ jenkins_subdomain }};
+
+ include snippets/letsencrypt.conf;
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+upstream jenkins {
+ server 127.0.0.1:8090 fail_timeout=0;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name {{ jenkins_subdomain }};
+
+ root /srv/http;
+ index index.html index.htm;
+
+ ssl_certificate /etc/letsencrypt/live/{{ jenkins_subdomain }}/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/{{ jenkins_subdomain }}/privkey.pem;
+ ssl_trusted_certificate /etc/letsencrypt/live/{{ jenkins_subdomain }}/chain.pem;
+
+ location / {
+ proxy_set_header Host $host:$server_port;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_redirect http:// https://;
+ proxy_pass http://jenkins;
+ # Required for new HTTP-based CLI
+ proxy_http_version 1.1;
+ proxy_request_buffering off;
+ proxy_buffering off; # Required for HTTP-based CLI to work over SSL
+ }
+}
generated by cgit v1.2.3-70-g09d2 (git 2.49.0) at 2025-05-03 17:08:09 +0000