Journaling the Journey: Putting Jenkins behind auth

We have all been there and done that. And a simple Nginx reverse proxy with basic password authentication is no different. But what about putting Jenkins behind the reverse proxy?

What? So you're saying Jenkins changes the whole alchemy? Yeah boy. Jenkins and similar Tomcat Java based web apps that have their own authorization mechanism need to be treated differently behind a proxy. In fact you have to instruct them beforehand by adding the following header in your proxy block:

proxy_set_header Authorization "";

The whole nginx config may then look something like this:

server {
    listen 80;

    server_name jenkins.myserver.ltd;

    access_log /var/log/nginx/jenkins_access.log;
    error_log  /var/log/nginx/jenkins_error.log;

    location / {
      proxy_pass http://localhost:8080;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $host;
      proxy_set_header Authorization "";

      auth_basic "Restricted Content";
      auth_basic_user_file "/etc/nginx/.htpasswd";
    }
}

About

I am an action-oriented digital nomad, technologist and micropreneur. I specialise in building SaaS products, driving IT strategies and managing complex IT projects with COSTANSIN.

I graduated with honours in Electrical & Electronics Engineering, and obtained a Masters degree in Business Administration with Henley business school.

In my free time I love to ride my motorbike, play the bass guitar with my garage bands, or even, travel around the world.

For business enquiries, mentoring, presentations or just an introduction, drop me an email on info [at] jamesattard.com.

Journaling the Journey

Pages

Putting Jenkins behind auth_basic Nginx reverse proxy

No comments: