Dockerised Jenkins with SSL support using Nginx and Let's Encrypt
Docker and docker-compose:
Your domain example.com needs to be publicly resolvable and accessible from the internet.
Modify the domain and e-mail address inside the docker-compose.yml:
# Used by `nginx-proxy` to automatically proxy the traffic to the `nginx` docker
VIRTUAL_HOST: example.com
# Used by `letsencrypt-nginx-proxy-companion` to generate SSL certificates
LETSENCRYPT_HOST: example.com
LETSENCRYPT_EMAIL: [email protected]
Bring up the services:
docker-compose up
Access your jenkins on: https://example.com Note that on the first run it could take few minutes to initialise the Let's Encrypt.
For development purposes, you could run boulder, the CA server behind Let's Encrypt: https://letsencrypt.readthedocs.io/en/latest/contributing.html#integration-testing-with-the-boulder-ca
Alternatively you can use ngrok.io. Their free service is sufficient to test this example.
- Register with https://ngrok.io and download
ngrokapp - Run locally
ngrok http 80and noteyoursubdomain.grok.io - Replace
example.cominsidedocker-compose.ymlwithyoursubdomain.ngrok.ioand[email protected]with your e-mail address - Add to your
/etc/hoststhe mapping to the ngrok domain:127.0.0.1 yoursubdomain.ngrok.io. You need this step, otherwise your call to this domain will be routed through ngrok.io. - Run
docker-compose up
What happens after running this example is the following:
- Let's encrypt will generate new certificate
- It will call
yoursubdomain.ngrok.io/.well-known/acme-challengewhich will be redirected to our localhost, courtesy of ngrok.io You can confirm this behaviour when checking: http://localhost:4040/inspect/http - Navigate to
https://yoursubdomain.ngrok.ioand setup your Jenkins.
References: