How to configure Jenkins to run on port 80

Question

I\'m running Ubuntu 11.10 and have run sudo apt-get install jenkins to install Jenkins on this system.

I\'ve seen some tutorials on how to setup a rever

Answer 1

Since I used docker. You can use it to run jenkins on port 80, hereafter a snippet of my script:

JENKINS_PORT=80
JENKINS_HOME=/home/jenkins
/usr/bin/docker run -d -p $JENKINS_PORT:8080 -v $JENKINS_HOME jenkins

Answer 2

Give a try to 'authbind':

sudo apt-get install authbind
sudo touch /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80 
sudo chown jenkins /etc/authbind/byport/80

Then modify the script above to have (add authbind before the $JAVA_HOME/bin/java part):

exec daemon --name=jenkins --inherit --output=$JENKINS_LOG/jenkins.log \
--user=$USER -- authbind $JAVA_HOME/bin/java $JAVA_OPTS \
-jar $JENKINS_ROOT/jenkins.war $JENKINS_ARGS \
--preferredClassLoader=java.net.URLClassLoader

For newer Jenkins installations (1.598) on newer Ubuntu installations (14.04) edit /etc/init.d/jenkins and add authbind before $JAVA

$SU -l $JENKINS_USER --shell=/bin/bash -c "$DAEMON $DAEMON_ARGS -- authbind $JAVA $JAVA_ARGS -jar $JENKINS_WAR $JENKINS_ARGS" || return 2

As mentioned by Alan (see comment below) if you need IPv6 and your system is lower than Quantal you can instead of using apt-get to install authbind download a higher version. Make sure you have libc6 and libc6-udeb installed. Here is authbind version 2.1.1 from Ubuntu:

• amd64
• i386

Then execute:

sudo dpkg -i authbind_2.1.1_amd64.deb
# or sudo dpkg -i authbind_2.1.1_i386.deb

sudo touch /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80 
sudo chown jenkins /etc/authbind/byport/80

Answer 3

I'd suggest using apache and mod_proxy. This is what I do, and my vhost config looks kinda like this (I also redirect for SSL but you can omit that):

<VirtualHost *:443>
ServerAdmin webmaster@example.com
ServerName ci.example.com

ProxyRequests Off
<Proxy *>
    Order deny,allow
    Allow from all
</Proxy>
ProxyPreservehost on
ProxyPass / http://localhost:8080/

Header edit Location ^http://ci.example.com/ https://ci.example.com/

SSLEngine on
SSLCertificateFile /etc/apache2/keys/apache.pem
</VirtualHost>

Answer 4

In Ubuntu 16.04, this wiki explains how to do it.

sudo nano /etc/rc.local

Then add the following just before the exit 0

#Requests from outside
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
#Requests from localhost
iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 80 -j REDIRECT --to-ports 8080

Now reboot or run sudo /etc/rc.local to enable port forwarding

Answer 5

Another solution is to simply use iptables to reroute incoming traffic from 80 to 8080. The rules would look like:

-A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
-A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

Reformatted as an iptables.rules file:

*filter
:INPUT ACCEPT [100:100000]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [95:9000]
-A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
COMMIT

*nat
-A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
COMMIT

The advantage of a iptable.rules file is the rules can persist after reboots. Just make sure to integrate any other current iptable rules into the same file!

On Redhat/CentOS this file can go in /etc/sysconfig/iptables.

On Debian/Ubuntu systems they can be saved in /etc/iptables/rules.v4 by using the iptables-persistent package. Or the iptable.rules can be called by modifying /etc/network/interfaces or hooking into if-up/if-down scripts. The Ubuntu Community wiki has a great page explaining these methods.

As is usually the case with networking, there's a lot of different ways to accomplish the same result. Use what works best for you!

Answer 6

You can achieve this using the following methods.

1. An IP table forwarding rule.
2. Using a reverse proxy like Nginx.
3. Running Jenkins behind a load balancer.

Method 1: Running Jenkins On 80 Using IP Table Forwarding Rule

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080

Now, you should save these rules so that it will persist even after an IPtable or a system restart.

For Redhat based systems, run the following.

sudo iptables-save > /etc/sysconfig/iptables

For Debian based systems, execute the following command.

sudo sh -c "iptables-save > /etc/iptables.rules"

Now if you access Jenkins on port 80, IP table will automatically forward the requests to 8080.

Method 2: Running Jenkins Behind Nginx Reverse Proxy

Step1: Install Nginx

sudo yum install nginx

Step 2: Open the Nginx configuration file.

sudo vi /etc/nginx/nginx.conf

Step 3: Find the following snippet in the nginx.conf file.

location / {
}

Step 4: Add the following lines between the curly braces.

proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

Step 5: Execute the SELinux command for the Nginx reverse proxy.

sudo setsebool httpd_can_network_connect 1 -P

Step 6: Restart the Nginx server.

sudo systemctl restart nginx

Now if you will be able to access Jenkins on port 80.

Method 3: Jenkins Behind A Load Balancer

Adding a load balancer will add extra cost to the Jenkins setup. If you are on a cloud, you can opt for a cloud-specific load balancer which will send all its port 80 traffic to backend Jenkins 8080 port.