OpenSpeak.net

At the end of this lesson you will have a platform on which to build the interface to our web services. The web services created in later lessons reside on a private network and are inaccessible from the internet. This separation adds a layer of security as your web services are not directly exposed to the internet.

We will install a web server (nginx) on our master machine. This web server acts as the graphical, web-based window into our private network of services (Jenkins, Gogs, etc.).

On Master

sudo apt-get install nginx

From your Admin machine, point your browser to http://master and you should see the nginx welcome page.

We are about to make configuration changes to nginx to reference our Gogs and Jenkins instances. These configuration changes will be handy in later lessons once those services are installed and configured.

On Master

sudo vi /etc/nginx/sites-available/master

Add the following content to the file, save and close:

master

server {
        server_name master;
 
        listen 80 default_server;
        listen [::]:80 default_server;
 
        # SSL configuration
        #
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
 
        ssl_certificate /etc/nginx/certs/nginx.crt;
        ssl_certificate_key /etc/nginx/certs/nginx.key;
 
        root /var/www/html;
 
        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;
 
        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }
 
    location /gogs/ {
        proxy_pass http://localhost:3000/;
    }
 
    location ^~ /jenkins/ {
 
        # Convert inbound WAN requests for https://domain.tld/jenkins/ to 
        # local network requests for http://10.0.0.100:8080/jenkins/
        proxy_pass http://localhost:8080/jenkins/;
 
        # Rewrite HTTPS requests from WAN to HTTP requests on LAN
        proxy_redirect http:// https://;
 
        # The following settings from https://wiki.jenkins-ci.org/display/JENKINS/Running+Hudson+behind+Nginx
        sendfile off;
 
        proxy_set_header   Host             $host:$server_port;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_max_temp_file_size 0;
 
        #this is the maximum upload size
        client_max_body_size       10m;
        client_body_buffer_size    128k;
 
        proxy_connect_timeout      90;
        proxy_send_timeout         90;
        proxy_read_timeout         90;
 
        proxy_buffer_size          4k;
        proxy_buffers              4 32k;
        proxy_busy_buffers_size    64k;
        proxy_temp_file_write_size 64k;
    }
 
}

Enable the new site configuration

sudo ln -s /etc/nginx/sites-available/master /etc/nginx/sites-enabled/master

Restart the nginx service

sudo service nginx restart

Visit the web and application sites at:

• http://master/
• http://master/gogs
• http://master/jenkins

Since Gogs and Jenkins are not yet installed, expect an error when accessing those URLs.

Congratulations! You completed this lesson.