How to configure Jenkins to run on port 80
I'm running Ubuntu 11.10 and have run sudo apt-get install jenkins to install Jenkins on this system.
I've seen some tutorials on how to setup a reverse proxy (Apache, Nginx, etc), however this is a VM dedicated for just jenkins and I'd like keep it as lean as possible while having jenkins running on port 80.
I've found the upstart config in /etc/init/jenkins.conf and modified the port to 80 env HTTP_PORT=80
When I start jenkins via service jenkins start, ps reveals that it runs for a few seconds then terminates.
Is this because jenkins is running as the jenkins user on a privileged port? If so, how do I fix this? Any other ideas a welcome.
Here is the upstart config:
description "jenkins: Jenkins Continuous Integration Server"
author "James Page <[email protected]>"
start on (local-filesystems and net-device-up IFACE!=lo)
stop on runlevel [!2345]
env USER="jenkins"
env GROUP="jenkins"
env JENKINS_LOG="/var/log/jenkins"
env JENKINS_ROOT="/usr/share/jenkins"
env JENKINS_HOME="/var/lib/jenkins"
env JENKINS_RUN="/var/run/jenkins"
env HTTP_PORT=80
env AJP_PORT=-1
env JAVA_OPTS=""
env JAVA_HOME="/usr/lib/jvm/default-java"
limit nofile 8192 8192
pre-start script
test -f $JENKINS_ROOT/jenkins.war || { stop ; exit 0; }
$JENKINS_ROOT/bin/maintain-plugins.sh
mkdir $JENKINS_RUN > /dev/null 2>&1 || true
chown -R $USER:$GROUP $JENKINS_RUN || true
end script
script
JENKINS_ARGS="--webroot=$JENKINS_RUN/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT"
exec daemon --name=jenkins --inherit --output=$JENKINS_LOG/jenkins.log --user=$USER \
-- $JAVA_HOME/bin/java $JAVA_OPTS -jar $JENKINS_ROOT/jenkins.war $JENKINS_ARGS \
--preferredClassLoader=java.net.URLClassLoader
end script
Answer
Another solution is to simply use iptables to reroute incoming traffic from 80 to 8080. The rules would look like:
-A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
-A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
Reformatted as an iptables.rules file:
*filter
:INPUT ACCEPT [100:100000]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [95:9000]
-A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
COMMIT
*nat
-A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
COMMIT
The advantage of a iptable.rules file is the rules can persist after reboots. Just make sure to integrate any other current iptable rules into the same file!
On Redhat/CentOS this file can go in /etc/sysconfig/iptables.
On Debian/Ubuntu systems they can be saved in /etc/iptables/rules.v4 by using the iptables-persistent package. Or the iptable.rules can be called by modifying /etc/network/interfaces or hooking into if-up/if-down scripts. The Ubuntu Community wiki has a great page explaining these methods.
As is usually the case with networking, there's a lot of different ways to accomplish the same result. Use what works best for you!