目录
项目场景:
nginx 1.12.2,jenkins 2.357,jenkins访问链接:jenkins.com:8080
需求是配置二级路径访问jenkins,如http://100.76.74.11/jenkins
原nginx配置
#Jenkins
location ^~ /jenkins/ {
proxy_pass http://jenkins.com:8080/;
# Required for Jenkins websocket agents
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
问题一:
访问jenkins.com:8080过程中,某些页面会跳至jenkins.com,导致不能访问
因为没有配置80端口,导致不能访问。
解决方案:配置反向代理
暂时查不到为什么会跳到jenkins.com,就配置jenkins.com反向代理到http://jenkins.com:8080,这样80和8080都可以访问。
server {
listen 80;
server_name jenkins.com;
location / {
proxy_pass http://jenkins.com:8080;
}
}
再把二级目录代理到jenkins.com,修改配置
server {
listen 80 default_server;
#首页,有其他配置,不能动。
location / {
proxy_pass http://xxx;
}
#Jenkins
location ^~ /jenkins/ {
proxy_pass http://jenkins.com/;
# Required for Jenkins websocket agents
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
server {
listen 80;
server_name jenkins.com;
location / {
proxy_pass http://jenkins.com:8080;
}
}
问题二:
二级路径访问404
http://100.76.74.11/jenkins访问会404,跳到http://100.76.74.11/login?from=%2F
测试http://100.76.74.11/jenkins/login?from=%2F是可以访问的。
解决方案:配置rewrite重写
观察到请求都是Referer: http://100.76.74.11/jenkins/
#referer来自100.76.74.11/jenkins的请求,且没有/jenkins路径的,转跳到/jenkins
#referer来自100.76.74.11/jenkins的请求,且没有/jenkins路径的,转跳到/jenkins
set $test1 "";
if ($http_referer ~* "100.76.74.11/jenkins") {
set $test1 "Y";
}
if ($uri !~* ^/jenkins){
set $test1 "${test1}Y";
}
if ($test1 = "YY"){
rewrite ^/(.*)$ http://100.76.74.11/jenkins/$1 last;
}
转跳是成功的,可以访问了。
问题三:
nginx将POST请求重定向后变成了GET请求
http反馈状态是405
解决方案:取消POST的重写,直接反向代理到后端
只有部分post请求改成get请求后405,单独把这部分url取消重写,再代理到后端。
#url取消重写
#Proxy|check|render是POST请求不转跳,用proxy_pass代理到后端。
if ($uri ~* (.*)(Proxy|check|render|queue|doDelete)(.*)$){
set $test1 "POST";
}
#把这部分url代理到后端
location ~* (.*)(Proxy|check|render|queue|doDelete)(.*)$ {
if ($http_referer ~* "100.76.74.11/jenkins") {
proxy_pass http://jenkins.com;
}
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
POST请求就成功了。
最终nginx配置
# Required for Jenkins websocket agents
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80 default_server;
#首页,有其他配置,不能动。
location / {
proxy_pass http://xxx;
}
#Jenkins
location ^~ /jenkins/ {
proxy_pass http://jenkins.com/;
# Required for Jenkins websocket agents
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~* (.*)(Proxy|check|render|queue|doDelete)(.*)$ {
if ($http_referer ~* "100.76.74.11/jenkins") {
proxy_pass http://jenkins.com;
}
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#referer来自100.76.74.11/jenkins的请求,且没有/jenkins路径的,转跳到/jenkins
set $test1 "";
if ($http_referer ~* "100.76.74.11/jenkins") {
set $test1 "Y";
}
if ($uri !~* ^/jenkins){
set $test1 "${test1}Y";
}
#Proxy|check|render是POST请求不转跳,用proxy_pass代理到后端。
if ($uri ~* (.*)(Proxy|check|render|queue|doDelete)(.*)$){
set $test1 "POST";
}
if ($test1 = "YY"){
rewrite ^/(.*)$ http://100.76.74.11/jenkins/$1 last;
}
server {
listen 80;
server_name jenkins.com;
location / {
proxy_pass http://jenkins.com:8080;
}
}
最后:
看了下网上大佬的方法
1、我没成功,大家可以研究试试
error_page 405 =200 @405;
location @405 {
proxy_method POST;
proxy_pass http://static_backend;
2、我也没成功,大家可以研究试试
return 307 http://xxx.xxx.com$request_uri;
3、通过修改 jenkins.xml 配置文件并将 --prefix=/jenkins 添加到 条目来设置上下文路径。
可以考虑,但我的需求是不改动jenkins,所以不合适我的环境。
附一些nginx匹配和重写的知识,可以参考
https://blog.csdn.net/weixin_48404074/article/details/121317859