Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Refactor nginx and Apache2 HTTP proxy support.

* Both strategies are broken out into the `proxy_nginx` and
  `proxy_apache2` recipes. They will be activated when the attribute
  `jenkins/http_proxy/variant` is set to either `nginx` or `apache2`.
* The nginx family of attributes has been changed to
  `jenkins/http_proxy/*` so that they can work for both nginx and Apache2.
* The Apache2 support has been beefed up.
  • Loading branch information...
commit fe0f9808e324a528ccb3acf1129d38c8026a4538 1 parent d4ba923
@fnichol fnichol authored
View
20 README.rdoc
@@ -63,12 +63,12 @@ Where the jenkins_login recipe is simply:
* jenkins[:node][:ssh_private_key] - jenkins master defaults to: `~/.ssh/id_rsa` (created by the default recipe)
* jenkins[:node][:jvm_options] - SSH slave JVM options
* jenkins[:iptables_allow] - if iptables is enabled, add a rule passing 'jenkins[:server][:port]'
-* jenkins[:nginx][:proxy] - use nginx to proxy traffic to jenkins backend ("disable" by default)
-* jenkins[:nginx][:www_redirect] - add a redirect rule for 'www.*' URL requests ("disable" by default)
-* jenkins[:nginx][:listen_ports] - list of HTTP ports for nginx to listen on ([80] by default)
-* jenkins[:nginx][:host_name] - primary vhost name for nginx to respond to ("_" by default)
-* jenkins[:nginx][:host_aliases] - optional list of other host aliases to respond to (empty by default)
-* jenkins[:nginx][:client_max_body_size] - max client upload size ("1024m" by default)
+* jenkins[:nginx][:http_proxy][:variant] - use `nginx` or `apache2` to proxy traffic to jenkins backend (`nil` by default)
+* jenkins[:http_proxy][:www_redirect] - add a redirect rule for 'www.*' URL requests ("disable" by default)
+* jenkins[:http_proxy][:listen_ports] - list of HTTP ports for the HTTP proxy to listen on ([80] by default)
+* jenkins[:http_proxy][:host_name] - primary vhost name for the HTTP proxy to respond to (`node[:fqdn]` by default)
+* jenkins[:http_proxy][:host_aliases] - optional list of other host aliases to respond to (empty by default)
+* jenkins[:http_proxy][:client_max_body_size] - max client upload size ("1024m" by default, nginx only)
= USAGE:
@@ -96,6 +96,14 @@ Creates the home directory for the node slave and sets 'JENKINS_HOME' and 'JENKI
[2] http://wiki.jenkins-ci.org/display/JENKINS/Distributed+builds
[3] http://wiki.jenkins-ci.org/display/JENKINS/Installing+Jenkins+as+a+Windows+service
+== 'proxy_nginx' recipe
+
+Uses the nginx::source recipe from the nginx cookbook to install an HTTP frontend proxy. To automatically activate this recipe set the `node[:jenkins][:http_proxy][:variant]` to `nginx`.
+
+== 'proxy_apache2' recipe
+
+Uses the apache2 recipe from the apache2 cookbook to install an HTTP frontend proxy. To automatically activate this recipe set the `node[:jenkins][:http_proxy][:variant]` to `apache2`.
+
== 'jenkins_cli' resource provider
This resource can be used to execute the Jenkins cli from your recipes. For example, install plugins via update center and restart Jenkins:
View
14 attributes/default.rb
@@ -114,11 +114,9 @@
#jenkins master defaults to: "#{ENV['HOME']}/.ssh/id_rsa"
default[:jenkins][:node][:ssh_private_key] = nil
-default[:jenkins][:apache][:proxy] = "disable"
-
-default[:jenkins][:nginx][:proxy] = "disable"
-default[:jenkins][:nginx][:www_redirect] = "disable"
-default[:jenkins][:nginx][:listen_ports] = [ 80 ]
-default[:jenkins][:nginx][:host_name] = "_"
-default[:jenkins][:nginx][:host_aliases] = []
-default[:jenkins][:nginx][:client_max_body_size] = "1024m"
+default[:jenkins][:http_proxy][:variant] = nil
+default[:jenkins][:http_proxy][:www_redirect] = "disable"
+default[:jenkins][:http_proxy][:listen_ports] = [ 80 ]
+default[:jenkins][:http_proxy][:host_name] = nil
+default[:jenkins][:http_proxy][:host_aliases] = []
+default[:jenkins][:http_proxy][:client_max_body_size] = "1024m"
View
72 recipes/default.rb
@@ -218,72 +218,12 @@
end
end
-if node[:jenkins][:apache][:proxy] && node[:jenkins][:apache][:proxy] == "enable"
- include_recipe "apache2"
-
- package_provider = Chef::Provider::Package::Apt
- package "libapache2-mod-proxy-html"
-
- apache_module "proxy"
- apache_module "proxy_http"
-
- template "#{node[:apache][:dir]}/sites-available/jenkins" do
- source "apache_jenkins.erb"
- owner 'root'
- group 'root'
- mode '0644'
-
- if File.exists?("#{node[:apache][:dir]}/sites-enabled/jenkins")
- notifies :restart, 'service[apache2]'
- end
- end
-
- apache_site "jenkins" do
- if node[:jenkins][:apache][:proxy] &&
- node[:jenkins][:apache][:proxy] == "disable"
- enable false
- else
- enable true
- end
- end
-end
-
-if node[:jenkins][:nginx][:proxy] && node[:jenkins][:nginx][:proxy] == "enable"
- include_recipe "nginx::source"
-
- if node[:jenkins][:nginx][:www_redirect] &&
- node[:jenkins][:nginx][:www_redirect] == "disable"
- www_redirect = false
- else
- www_redirect = true
- end
-
- template "#{node[:nginx][:dir]}/sites-available/jenkins.conf" do
- source "nginx_jenkins.conf.erb"
- owner 'root'
- group 'root'
- mode '0644'
- variables(
- :host_name => node[:jenkins][:nginx][:host_name],
- :host_aliases => node[:jenkins][:nginx][:host_aliases],
- :listen_ports => node[:jenkins][:nginx][:listen_ports],
- :www_redirect => www_redirect,
- :max_upload_size => node[:jenkins][:nginx][:client_max_body_size]
- )
-
- if File.exists?("#{node[:nginx][:dir]}/sites-enabled/jenkins.conf")
- notifies :restart, 'service[nginx]'
- end
- end
-
- nginx_site "jenkins.conf" do
- if node[:jenkins][:nginx][:proxy] &&
- node[:jenkins][:nginx][:proxy] == "disable"
- enable false
- else
- enable true
- end
- end
+# Front Jenkins with an HTTP server
+case node[:jenkins][:http_proxy][:variant]
+when "nginx"
+ include_recipe "jenkins::proxy_nginx"
+when "apache2"
+ include_recipe "jenkins::proxy_apache2"
end
if platform?("redhat","centos","debian","ubuntu")
View
67 recipes/proxy_apache2.rb
@@ -0,0 +1,67 @@
+#
+# Cookbook Name:: jenkins
+# Recipe:: proxy_apache2
+#
+# Author:: Fletcher Nichol <fnichol@nichol.ca>
+#
+# Copyright 2011, Fletcher Nichol
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "apache2"
+
+package_provider = Chef::Provider::Package::Apt
+package "libapache2-mod-proxy-html"
+
+apache_module "proxy"
+apache_module "proxy_http"
+apache_module "vhost_alias"
+
+if node[:jenkins][:http_proxy][:www_redirect] == "enable"
+ www_redirect = true
+ apache_module "rewrite"
+else
+ www_redirect = false
+end
+
+host_name = node[:jenkins][:http_proxy][:host_name] || node[:fqdn]
+
+template "#{node[:apache][:dir]}/sites-available/jenkins" do
+ source "apache_jenkins.erb"
+ owner 'root'
+ group 'root'
+ mode '0644'
+ variables(
+ :host_name => host_name,
+ :host_aliases => node[:jenkins][:http_proxy][:host_aliases],
+ :listen_ports => node[:jenkins][:http_proxy][:listen_ports],
+ :www_redirect => www_redirect
+ )
+
+ if File.exists?("#{node[:apache][:dir]}/sites-enabled/jenkins")
+ notifies :restart, 'service[apache2]'
+ end
+end
+
+apache_site "000-default" do
+ enable false
+end
+
+apache_site "jenkins" do
+ if node[:jenkins][:http_proxy][:variant] == "apache2"
+ enable true
+ else
+ enable false
+ end
+end
View
56 recipes/proxy_nginx.rb
@@ -0,0 +1,56 @@
+#
+# Cookbook Name:: jenkins
+# Recipe:: proxy_nginx
+#
+# Author:: Fletcher Nichol <fnichol@nichol.ca>
+#
+# Copyright 2011, Fletcher Nichol
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "nginx::source"
+
+if node[:jenkins][:http_proxy][:www_redirect] == "enable"
+ www_redirect = true
+else
+ www_redirect = false
+end
+
+host_name = node[:jenkins][:http_proxy][:host_name] || node[:fqdn]
+
+template "#{node[:nginx][:dir]}/sites-available/jenkins.conf" do
+ source "nginx_jenkins.conf.erb"
+ owner 'root'
+ group 'root'
+ mode '0644'
+ variables(
+ :host_name => host_name,
+ :host_aliases => node[:jenkins][:http_proxy][:host_aliases],
+ :listen_ports => node[:jenkins][:http_proxy][:listen_ports],
+ :www_redirect => www_redirect,
+ :max_upload_size => node[:jenkins][:http_proxy][:client_max_body_size]
+ )
+
+ if File.exists?("#{node[:nginx][:dir]}/sites-enabled/jenkins.conf")
+ notifies :restart, 'service[nginx]'
+ end
+end
+
+nginx_site "jenkins.conf" do
+ if node[:jenkins][:http_proxy][:variant] == "nginx"
+ enable true
+ else
+ enable false
+ end
+end
View
25 templates/default/apache_jenkins.erb
@@ -1,13 +1,32 @@
+<% if @www_redirect -%>
<VirtualHost *:80>
- ProxyPass / http://localhost:8080/
- ProxyPassReverse / http://localhost:8080/
+ ServerName www.<%= @host_name %>
+<% @host_aliases.each do |a| -%>
+ ServerAlias www.<%= a %>
+<% end -%>
+
+ RewriteEngine On
+ RewriteCond %{HTTP_HOST} ^www.<%= @host_name %>$ [NC]
+ RewriteRule ^/(.*)$ http://<%= @host_name %>/$1 [R=301,L]
+</VirtualHost>
+
+<% end -%>
+<VirtualHost *:80>
+ ServerName <%= @host_name %>
ProxyRequests Off
+<% @host_aliases.each do |a| -%>
+ ServerAlias <%= a %>
+<% end -%>
# Local reverse proxy authorization override
# Most unix distribution deny proxy by default
# (ie /etc/apache2/mods-enabled/proxy.conf in Ubuntu)
- <Proxy http://localhost:8080/*>
+ <Proxy http://localhost:<%= node[:jenkins][:server][:port] %>/*>
Order deny,allow
Allow from all
</Proxy>
+
+ ProxyPreserveHost on
+ ProxyPass / http://localhost:<%= node[:jenkins][:server][:port] %>/
+ ProxyPassReverse / http://localhost:<%= node[:jenkins][:server][:port] %>/
</VirtualHost>
Please sign in to comment.
Something went wrong with that request. Please try again.