This guide assumes that you have Jenkins installed and configured to run on http://example.com:8080.
If you do not yet have Jenkins installed, you can follow this link to install Jenkins on Ubuntu 18.04
From your Jenkins dashboard, navigate to Manage Jenkins > Configure System. Here you will find the Jenkins URL field. Be sure to set this to your new subdomain, ie. https://jenkins.example.com/
We need to create the nginx server block for the subdomain:
# Create the server block
$ sudo nano /etc/nginx/sites-available/jenkins.example.com
Add the following to the file, replacing the server_name and ssl certificate keys where applicable:
upstream jenkins {
server 127.0.0.1:8080 fail_timeout=0;
}
server {
listen 80;
server_name jenkins.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name jenkins.example.com;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://jenkins;
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off;
add_header 'X-SSH-Endpoint' 'jenkins.example.com:50022' always;
}
}
Enable the Server Block and restart Nginx:
# Create the server block symlink
$ sudo ln -s /etc/nginx/sites-available/jenkins.example.com /etc/nginx/sites-enabled/
# Test for nginx config errors
$ sudo nginx -t
# Restart nginx
$ sudo systemctl restart nginx
By default Jenkins runs on port 8080 of your domain. You can prevent access to Jenkins via http://example.com:8080 by disabling the port in the firewall:
# Block access to port 8080 in the firewall
$ sudo ufw deny 8080
# Check that the port was successfully blocked
$ sudo ufw status