I had jenkins up & running using nignx but it was unsecured so I followed a couple of guides from digitalOcean this & this to secure ningx with reverse proxy & ssl.
Now I can't access jenkins - I have a blog running in port 80 so did not want to redirect straight to jenkins as per the above guides so had to toy around.
Overall is not working and have changed the default
file so many times without success.
Already tried some solutions sol1, sol2 but no joy.
Not an expert on this matter hence reaching to you guys!
my /etc/nginx/sites-available/default
looks like this:
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
root /var/www/html
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name MYDOMAIN.com www.MYDOMAIN.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
}
}
server {
listen 443 ssl; # managed by Certbot
server_name jenkins.MYDOMAIN.com;
access_log /var/log/nginx/jenkins.access.log;
error_log /var/log/nginx/jenkins.error.log;
location /jenkins/ {
include /etc/nginx/proxy_params;
proxy_pass http://localhost:8080;
proxy_read_timeout 90s;
# Fix potential "It appears that your reverse proxy set up is broken" error.
proxy_redirect http://localhost:8080 https://jenkins.MYDOMAIN.com;
}
# listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/MYDOMAIN.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/MYDOMAIN.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
}
Jenkins is running:
$ ps aux | grep jenkins
jenkins 10876 0.0 0.4 45248 4640 ? Ss 14:45 0:00 /lib/systemd/systemd --user
jenkins 10879 0.0 0.1 143280 1952 ? S 14:45 0:00 (sd-pam)
jenkins 10888 0.0 0.0 18852 196 ? S 14:45 0:00 /usr/bin/daemon --name=jenkins --inherit --env=JENKINS_HOME=/var/lib/jenkins --output=/var/log/jenkins/jenkins.log --pidfile=/var/run/jenkins/jenkins.pid -- /usr/bin/java -Djava.awt.headless=true -jar /usr/share/jenkins/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080 --httpListenAddress=127.0.0.1
jenkins 10889 2.0 23.1 2278700 235076 ? Sl 14:45 0:28 /usr/bin/java -Djava.awt.headless=true -jar /usr/share/jenkins/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080 --httpListenAddress=127.0.0.1
alberto 11067 0.0 0.1 12944 1024 pts/0 S+ 15:08 0:00 grep --color=auto --exclude-dir=.bzr --exclude-dir=CVS --exclude-dir=.git --exclude-dir=.hg --exclude-dir=.svn jenkins
Logs:
cat /var/log/nginx/jenkins.error.log
2017/07/31 13:29:49 [error] 9874#9874: *7 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 13:29:58 [error] 9874#9874: *1 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 186.28.102.74, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "www.MYDOMAIN.com"
2017/07/31 13:30:03 [error] 9874#9874: *15 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 13:32:34 [error] 9874#9874: *25 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 186.28.102.74, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "www.MYDOMAIN.com"
2017/07/31 13:37:04 [error] 9924#9924: *1 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 13:37:15 [error] 9924#9924: *3 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 14:07:20 [error] 10299#10299: *14 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: jenkins.MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 14:07:57 [error] 10299#10299: *14 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: jenkins.MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
2017/07/31 14:09:43 [error] 10299#10299: *17 SSL_do_handshake() failed (SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol) while SSL handshaking to upstream, client: 81.159.112.19, server: jenkins.MYDOMAIN.com, request: "GET /jenkins/ HTTP/1.1", upstream: "https://127.0.0.1:8080/jenkins/", host: "MYDOMAIN.com"
thanks in advance!!!