Setting Up Jenkins with Reverse Proxy, Domain, and SSL Certification
"Hello, I'm Kiran Pawar, a passionate Cloud and Devops Engineer with a strong background in cloud automation, configuration, and deployment. My journey in the world of technology has been a thrilling adventure, where I've had the privilege to work with cutting-edge tools and practices.
๐ As a DevOps Engineer:
I specialize in automating, configuring, and deploying instances in cloud environments and data centers. My expertise extends to DevOps, GitOps, CI/CD pipeline management, HashiCorp Terraform, and containerization. I'm proficient in AWS and Linux/Unix administration, ensuring robust infrastructure and application performance.
๐ง My Tech Stack:
Front-end skills: HTML, CSS, SCSS, Tailwind CSS, Bootstrap, React, Material-UI, JavaScript DevOps toolbox: GIT, OWASP,Nexus,Trivy, Github, Gitlab, Terraform, Ansible, Docker, Kubernetes, Helm, Jenkins, Prometheus, Grafana, Argo CD, AWS EKS.
๐ My Cloud Expertise:
I have hands-on experience managing AWS services, including EC2, S3, EBS, VPC, ELB, RDS, IAM, Route53, and more.
๐ Networking and Security:
My skills include managing networking concepts such as TCP/IP protocols, security policies, and subnet interfacing. I have a strong understanding of infrastructure and networking, covering topics like firewalls, IP addressing, DNS, and more.
๐ก What Sets Me Apart:
I bring a positive attitude, a strong work ethic, and a collaborative spirit to every project. I'm a self-starter, a fast learner, and an effective team player with strong interpersonal skills. In addition to my DevOps skills, I've developed shell scripts (Bash) for automating tasks and have proficiency in Python scripting. My ability to communicate and manage projects, along with a track record of resolving client issues, adds value to every team I work with. If you're looking for a DevOps engineer who is also well-versed in front-end technologies, feel free to connect with me. Let's explore new possibilities and create exceptional technical solutions together!"
Introduction
Jenkins is a popular open-source automation server used for CI/CD pipelines. To enhance its security and accessibility, setting up a reverse proxy, assigning a domain, and securing it with an SSL certificate is essential. This guide will walk you through installing Jenkins, configuring Nginx as a reverse proxy, and applying an SSL certificate using Let's Encrypt.
Step 1: Install Jenkins
Jenkins requires Java to run. Install OpenJDK 17 and Jenkins on a Debian-based system using the following steps:
Install Java
sudo apt update -y
sudo apt install fontconfig openjdk-17-jre -y
Verify Java installation:
java -version
Install Jenkins
Follow the official Jenkins installation guide:
sudo wget -O /usr/share/keyrings/jenkins-keyring.asc \
https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]" \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update -y
sudo apt-get install jenkins
Start Jenkins
sudo systemctl enable jenkins
sudo systemctl start jenkins
sudo systemctl status jenkins
Step 2: Install and Configure Nginx as a Reverse Proxy
Nginx is a high-performance web server that can serve as a reverse proxy for Jenkins.
Install Nginx
sudo apt install nginx -y
sudo service nginx start
sudo systemctl enable nginx
sudo systemctl status nginx
Verify the installation by entering your server's public IP in a browser. The default Nginx welcome page should appear.
Configure Nginx for Jenkins
Create a new Nginx server block configuration:
sudo vim /etc/nginx/sites-available/jenkins
Add the following configuration:
server {
listen 80;
server_name jenkins.example.com; # Replace with your domain
location / {
proxy_pass http://localhost:8080; # Jenkins is running on default port
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ /\. {
deny all;
}
}
Enable the configuration:
sudo ln -s /etc/nginx/sites-available/jenkins /etc/nginx/sites-enabled/
Test and Restart Nginx
sudo nginx -t
sudo systemctl restart nginx
Now, access Jenkins via http://jenkins.example.com.
Step 3: Apply SSL Certificate
To secure Jenkins with SSL, install Certbot and configure SSL.
Install Certbot
sudo apt install python3-certbot-nginx
certbot --version
Obtain and Apply SSL Certificate
Replace xyz.com with your actual domain:
certbot --nginx -d xyz.com
Follow the on-screen instructions to complete the SSL setup.
Renew SSL Certificate Automatically
sudo certbot renew --dry-run
Conclusion
By following this guide, you've successfully set up Jenkins with a reverse proxy, assigned a domain, and secured it with SSL certification. This setup enhances security and allows easy access to your Jenkins instance using a domain name with HTTPS.
For further reading, check out the official Jenkins documentation. Happy DevOps!