I'm just getting started with Jenkins: I installed it on my VPS, I linked it to a sub-domain I own (ci.example.com) and I can correctly log in and do whatever I need to do.
Question: I don't like the login page to be publicly accessible, how can I make it accessible only from specific IP addresses or hide it behind VPN?
This is more or less a duplicate of
Make Jenkins invisible to remote users
... and there is an answer, too!
In short:
--httpListenAddress=127.0.0.1
(e.g. in Debian, add it to /etc/default/jenkins )
Related
I am using the latest docker image for jenkins (jenkins/jenkins:lts JENKINS_VERSION 2.208). I have started the container, configured jenkins and can manually build against a public repo. However, on my github account I have 2FA, which must remain. I have created a personal access token in Github, and used this in my jenkins config for github server section. I have validated that the connection is working by pressing the test connection link (I added secret text that used my personal access token from github):
In Github, I have wekhook settings with the IP address for where jenkins is hosted (the IP for the docker container) follwed by github-webhook (I have also tried using a dns mapped address for jenkins as well, e.g., http://jenkins-local/github-webhook), content type is application/json:.
I have github polling enabled in jenkins as well, however, it does not work on push requests to the repo. I see failure logs in Github within the webhooks section, this increases each time I make a push (the request keeps failing). I have searched wide across the internet and found documentation of suggestions on what to do, including this link here: securing your webhooks, but nothing is giving me the desired polling effect when a push is initiated and a build triggered. So my question is, is it possible to use 2FA and github webhooks? If it is possible, then what are the exact steps to do it?
If you have 2FA enabled, you cannot authenticate with a login/pass from your tools anymore. You need to create a token that you will use in place of your password.
The official documentation should get you there in almost no time.
In the end the solution was to download ngrok. The IP address that the I had previously tried and the dns mapped address were not publicly available. I tried using my public ip address as well, but that also didn't work. In the end, downloading ngrok gave me a publicly accessible ip address (the address will look like the following: http://1212344a.ngrok.io). If you also plan to use ngrok then ensure that when you start it from the command line/terminal that you also pass the same port for the application that is running locally, if one is required. Next, in github - settings - webhooks set the payload url to the url that ngrok provides in the terminal output, but also append /github-webhook/ on to the end of the address to complete the payload url (in my case this was http://1212344a.ngrok.io/github-webhook/ as the full payload url).
I want to do automatic build in Jenkins when code gets pushed into the Gitlab.
For the same doing webhooks configuration in Gitlab, but getting error :
Url is blocked: Requests to the local network are not allowed.
Even not able to do the activity mentioned in the image :
I am not able to go to the admin area.
if you have the gitlab server locally
from doc
This behavior can be overridden by enabling the option “Allow requests to the local network from web hooks and services” in the “Outbound requests” section inside the Admin Area > Settings (/admin/application_settings/network):
url to the entire article here
Use the root login and check the outbound option, you should be good.
Let me know if you get any other error.
I had faced the same issue yesterday, but all good now.
I already have a website running and want to install JIRA Server on it. So how do I add a sub directory to my main website, example www.mywebsite.com is my actual website so want www.mywebsite.com/Jira how do I achieve this?
I had downloaded the windows JIRA Installer and ran it locally connecting to the database hosted on my server and it worked using localhost(http://localhost:8080/secure/Dashboard.jspa) however now I want to access it through the web link i.e base URL.
I am new to this so any help would be really appreciated.
Well I understand you do have a domain and you want to run your JIRA with context path /jira un that domain. If that's the case, you may need to consider running your JIRA behind proxy. Take a look at Atlassian documentation since it contains all the information that you need for this:
https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-apache-http-server-mod_proxy_http-806032611.html
I am creating a build envirnoment and freshly installed jenkins with ActiveDirectory/LDAP auth.
We will have external users which should not be able to login to our domain computers but they should have access to jenkins/jira/... in order to develop with us (perhaps vpn for accessing some dev backends).
So for these users in active directory I set a dummy host they are able to logon (which means no computer at all). Jira/Confluence and dav_svn have no problem with this but it seems jenkins checks this property and refuses the access.
Can anybody tell me what "host" I have to put in there so that jenkins accepts a logon of these users? Or if I have to set a hidden config value in jenkins?
The users to accept are all in a special developer group. If I could simply pass the name of the group but even this does not help (matrix based): the user cannot login.
Thanks ver much!
Aurel
I want to set up Jenkins. When I go to install or update plugins, Jenkins automatically checks for "Internet connectivity". For reasons unclear to me, it appears that the Jenkins definition of "Internet connectivity" is "able to reach google.com". I am located in China, and trying to contact google over an unprotected connection is guaranteed to fail.
I'd like to skip (or at least redirect) this check, which takes a long time, can never succeed, isn't relevant to the task that triggers it, and isn't even used by Jenkins (the actual plugin download goes through fine after Jenkins gives up on reaching google). Is there a way?
open /var/lib/jenkins/updates/default.json file, you will see the connectionCheckUrl is set to www.google.com. change it to www.baidu.com, and restart.
As an alternative to proxy, you can always modify the hosts file on the Jenkins machine (location depends on the OS), and redirect google.com to whatever IP you want.