ansible-jenkins-php-v1/roles/jenkins-php-v1/templates/nginx-vhost.j2


{% if (nginx_vhost_ssl is defined and nginx_vhost_ssl) %}

# The HTTP is a simple redirect to the HTTPS part
server {
  listen 80;       # Listen on port 80 for IPv4 requests
  listen [::]:80;
  server_name {{ nginx_vhost_main_hostname }} {{ nginx_vhost_resource_hostname }};
  rewrite ^ https://$http_host$request_uri? permanent;    # force redirect http to https
  server_tokens off;
}

server {
  listen 443;
  listen [::]:443;

  ssl on;
  ssl_certificate {{ nginx_vhost_ssl_certificate_file }};
  ssl_certificate_key {{ nginx_vhost_ssl_key_file }};
  ssl_session_timeout 5m;
  ssl_session_cache shared:SSL:5m;

  #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
  server_tokens off;

{% else %}
# Plain HTTP
server {
  listen 80;       # Listen on port 80 for IPv4 requests
  listen [::]:80;
{% endif %}

  server_name {{ nginx_vhost_main_hostname }} {{ nginx_vhost_resource_hostname }};

  #this is the jenkins web root directory (mentioned in the /etc/default/jenkins file)
  root            /var/cache/jenkins/war/;

  access_log      /var/log/nginx/jenkins-access.log;
  error_log       /var/log/nginx/jenkins-error.log;
  ignore_invalid_headers off; #pass through headers from Jenkins which are considered invalid by Nginx server.

  location ~ "^/static/[0-9a-fA-F]{8}\/(.*)$" {
    #rewrite all static files into requests to the root
    #E.g /static/12345678/css/something.css will become /css/something.css
    rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;
  }

  location /userContent {
    #have nginx handle all the static requests to the userContent folder files
    #note : This is the $JENKINS_HOME dir
    root /var/lib/jenkins/;
    if (!-f $request_filename){
      #this file does not exist, might be a directory or a /**view** url
      rewrite (.*) /$1 last;
        break;
    }
    sendfile on;
  }

  location / {
    sendfile off;
    proxy_pass         http://127.0.0.1:8080;
    proxy_redirect     default;
    proxy_http_version 1.1;

    proxy_set_header   Host              $host;
    proxy_set_header   X-Real-IP         $remote_addr;
    proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_max_temp_file_size 0;

    #this is the maximum upload size
    client_max_body_size       10m;
    client_body_buffer_size    128k;

    proxy_connect_timeout      90;
    proxy_send_timeout         90;
    proxy_read_timeout         90;
    proxy_buffering            off;
    proxy_request_buffering    off; # Required for HTTP CLI commands in Jenkins > 2.54
    proxy_set_header Connection ""; # Clear for keepalive
  }

}
First functional nginx version 2020-01-18 01:04:37 +01:00
			`{% if (nginx_vhost_ssl is defined and nginx_vhost_ssl) %}`

			`# The HTTP is a simple redirect to the HTTPS part`
			`server {`
			`listen 80; # Listen on port 80 for IPv4 requests`
			`listen [::]:80;`
			`server_name {{ nginx_vhost_main_hostname }} {{ nginx_vhost_resource_hostname }};`
			`rewrite ^ https://$http_host$request_uri? permanent; # force redirect http to https`
			`server_tokens off;`
			`}`

			`server {`
			`listen 443;`
			`listen [::]:443;`

			`ssl on;`
			`ssl_certificate {{ nginx_vhost_ssl_certificate_file }};`
			`ssl_certificate_key {{ nginx_vhost_ssl_key_file }};`
			`ssl_session_timeout 5m;`
			`ssl_session_cache shared:SSL:5m;`

			`#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";`
			`server_tokens off;`

			`{% else %}`
			`# Plain HTTP`
			`server {`
			`listen 80; # Listen on port 80 for IPv4 requests`
			`listen [::]:80;`
			`{% endif %}`

			`server_name {{ nginx_vhost_main_hostname }} {{ nginx_vhost_resource_hostname }};`

			`#this is the jenkins web root directory (mentioned in the /etc/default/jenkins file)`
			`root /var/cache/jenkins/war/;`

			`access_log /var/log/nginx/jenkins-access.log;`
			`error_log /var/log/nginx/jenkins-error.log;`
			`ignore_invalid_headers off; #pass through headers from Jenkins which are considered invalid by Nginx server.`

			`location ~ "^/static/[0-9a-fA-F]{8}\/(.*)$" {`
			`#rewrite all static files into requests to the root`
			`#E.g /static/12345678/css/something.css will become /css/something.css`
			`rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;`
			`}`

			`location /userContent {`
			`#have nginx handle all the static requests to the userContent folder files`
			`#note : This is the $JENKINS_HOME dir`
			`root /var/lib/jenkins/;`
			`if (!-f $request_filename){`
			`#this file does not exist, might be a directory or a /view url`
			`rewrite (.*) /$1 last;`
			`break;`
			`}`
			`sendfile on;`
			`}`

			`location / {`
			`sendfile off;`
			`proxy_pass http://127.0.0.1:8080;`
			`proxy_redirect default;`
			`proxy_http_version 1.1;`

			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`
			`proxy_max_temp_file_size 0;`

			`#this is the maximum upload size`
			`client_max_body_size 10m;`
			`client_body_buffer_size 128k;`

			`proxy_connect_timeout 90;`
			`proxy_send_timeout 90;`
			`proxy_read_timeout 90;`
			`proxy_buffering off;`
			`proxy_request_buffering off; # Required for HTTP CLI commands in Jenkins > 2.54`
			`proxy_set_header Connection ""; # Clear for keepalive`
			`}`

			`}`