如何让 Jenkins 使用 Nginx、Gunicorn 在端口 8080 上显示？

Question

我正在尝试设置 Jenkins，以便可以在 an existing website 上设置管道，但 Jenkins 没有出现在端口 8080 上。

我的项目网站已经建立并运行了几个月。我在 AWS EC2 实例上使用 Nginx、Gunicorn、Ubuntu 20.04 和 Django。我现在正在尝试建立一个包含测试/beta 环境的管道。根据 AWS 教程，这需要 Jenkins。我关注了the example from Digital Ocean 和this example from Digital Ocean。

当我尝试 URL https://theafricankinshipreunion.com:8080/ 时，它说无法访问该站点。当我尝试使用 URL https://theafricankinshipreunion.com（没有端口）时，它会将我带到 Unlock Jenkins 页面。在我从sudo cat /var/lib/jenkins/secrets/initialAdminPassword 输入密码后，网络浏览器只是进入一个空白页面。看页面源码，这个页面是Setup Wizard[Jenkins]页面，但是显示是空白的。

sudo systemctl status jenkins 的结果是active。 sudo ufw status 端口 8080 的结果是 ALLOW。在 AWS 上，EC2 入站规则包括端口 8080 TCP 0.0.0.0/0 和 ::/0。所以看来8080端口不错。检查端口使用情况，netstat -nlp | grep 8080 导致 tcp6 0 0 127.0.0.1:8080 :::* LISTEN -。我杀死了进程并重新启动了 nginx、gunicorn 和 jenkins。结果相同：8080 端口的域无法连接，但域转到 Unlock Jenkins 页面。

我确实查找了其他帮助页面，例如 the reverse proxy page from Jenkins，但我不确定如何将其集成到我当前的设置中。非常感谢您的帮助。

我的/etc/nginx/sites-available/myproject文件如下：

server {
listen 80;
server_name 3.131.27.142;

location = /favicon.ico { access_log off; log_not_found off; }

location /static/ {
    root /home/ubuntu/myprojectdir;
}

location /media/ {
    root /home/ubuntu/myprojectdir;
}

location / {
    include proxy_params;
    proxy_pass http://unix:/run/gunicorn.sock;
    proxy_connect_timeout 300s;
    proxy_read_timeout 300s;
}
}

server {
server_name theafricankinshipreunion.com www.theafricankinshipreunion.com;

location = /favicon.ico { access_log off; log_not_found off; }

location /static/ {
    root /home/ubuntu/myprojectdir;
}

location /media/ {
    root /home/ubuntu/myprojectdir;
}

location / {
    include /etc/nginx/proxy_params;
    # proxy_pass http://unix:/run/gunicorn.sock;
    proxy_pass http://localhost:8080;
    proxy_connect_timeout 300s;
    proxy_read_timeout 300s;
    proxy_redirect http://localhost:8080 https://theafricankinshipreunion.com;
}

# SSL Configuration
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/theafricankinshipreunion.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/theafricankinshipreunion.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
access_log            /var/log/nginx/jenkins.access.log;
error_log             /var/log/nginx/jenkins.error.log;


}

# skipped lines show similar blocks for other domains

server {
if ($host = www.theafricankinshipreunion.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot


if ($host = theafricankinshipreunion.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot


listen 80;
server_name theafricankinshipreunion.com www.theafricankinshipreunion.com;
return 404; # managed by Certbot

}

而我的/etc/default/jenkins 文件如下（根据 DigitalOcean 的说明添加了最后一行：

# defaults for Jenkins automation server

# pulled in from the init script; makes things easier.
NAME=jenkins

# arguments to pass to java

# Allow graphs etc. to work even when an X server is present
JAVA_ARGS="-Djava.awt.headless=true"

#JAVA_ARGS="-Xmx256m"

# make jenkins listen on IPv4 address
#JAVA_ARGS="-Djava.net.preferIPv4Stack=true"

PIDFILE=/var/run/$NAME/$NAME.pid

# user and group to be invoked as (default to jenkins)
JENKINS_USER=$NAME
JENKINS_GROUP=$NAME

# location of the jenkins war file
JENKINS_WAR=/usr/share/$NAME/$NAME.war

# jenkins home location
JENKINS_HOME=/var/lib/$NAME

# set this to false if you don't want Jenkins to run by itself
# in this set up, you are expected to provide a servlet container
# to host jenkins.
RUN_STANDALONE=true

# log location.  this may be a syslog facility.priority
JENKINS_LOG=/var/log/$NAME/$NAME.log
#JENKINS_LOG=daemon.info

# Whether to enable web access logging or not.
# Set to "yes" to enable logging to /var/log/$NAME/access_log
JENKINS_ENABLE_ACCESS_LOG="no"

# OS LIMITS SETUP
#   comment this out to observe /etc/security/limits.conf
#   this is on by default because http://github.com/jenkinsci/jenkins/commit/2fb288474e980d0e7ff9c4a3b768874835a3e92e
#   reported that Ubuntu's PAM configuration doesn't include pam_limits.so, and as a result the # of file
#   descriptors are forced to 1024 regardless of /etc/security/limits.conf
MAXOPENFILES=8192

# set the umask to control permission bits of files that Jenkins creates.
#   027 makes files read-only for group and inaccessible for others, which some security sensitive users
#   might consider benefitial, especially if Jenkins runs in a box that's used for multiple purposes.
#   Beware that 027 permission would interfere with sudo scripts that run on the master (JENKINS-25065.)
#
#   Note also that the particularly sensitive part of $JENKINS_HOME (such as credentials) are always
#   written without 'others' access. So the umask values only affect job configuration, build records,
#   that sort of things.
#
#   If commented out, the value from the OS is inherited,  which is normally 022 (as of Ubuntu 12.04,
#   by default umask comes from pam_umask(8) and /etc/login.defs

# UMASK=027

# port for HTTP connector (default 8080; disable with -1)
HTTP_PORT=8080


# servlet context, important if you want to use apache proxying
PREFIX=/$NAME

# arguments to pass to jenkins.
# --javahome=$JAVA_HOME
# --httpListenAddress=$HTTP_HOST (default 0.0.0.0)
# --httpPort=$HTTP_PORT (default 8080; disable with -1)
# --httpsPort=$HTTP_PORT
# --argumentsRealm.passwd.$ADMIN_USER=[password]
# --argumentsRealm.roles.$ADMIN_USER=admin
# --webroot=~/.jenkins/war
# --prefix=$PREFIX

JENKINS_ARGS="--webroot=/var/cache/$NAME/war --httpPort=$HTTP_PORT --httpListenAddress=127.0.0.1"

Answer 1

运行jenkins时使用以下命令更改端口

java -jar jenkins.war --httpPort=9090

如果您想使用 https，请使用以下命令：

java -jar jenkins.war --httpsPort=9090