反向代理- Squid

表的内容

如果您需要一个用户友好的url来访问Jenkins(而不是8080端口),那么在Squid后面运行Jenkins是有意必威国际有限公司义的,这样您就可以在80或443端口上访问Jenkins。本节讨论一些实现此目的的方法。

鱿鱼2.6

使用鱿鱼2.6:

acl所有src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl经理原型cache_object acl to_localhost dst 127.0.0.0/8 acl valid_dst dstdomain .YOUR_DOMAIN ci cache_replacement_policy堆LFUDA memory_replacement_policy堆GDSF cache_dir ufs /var/spool/squid 512 16 256 cache_mem 512 MB maximum_object_size 12000 KB # # http - > https定向# #别忘了更新“詹金斯URL”https://ci.YOUR_DOMAIN/configure acl httpP必威国际有限公司ort myport 80 # http_access否认httpPort # deny_infohttps://ci.YOUR_DOMAIN/ httpPort cache_peer localhost parent 8080 0 originserver name=myAccel coredump_dir /var/spool/squid hierarchy_stoplist cgi-bin http_access allow localhost http_access allow manager localhost http_access allow valid_dst http_access deny all http_access deny manager ## mkdir /etc/squid/ssl/ && cd /etc/squid/ssl/ ## to generate your self-signed certificate ## openssl genrsa -out jenkins.key 1024 ## openssl req -new -key jenkins.key -x509 -out jenkins.crt -days 999 http_port 80 vhost #https_port 443 cert=/etc/squid/ssl/jenkins.crt key=/etc/squid/ssl/jenkins.key vhost http_reply_access allow all icp_access allow all refresh_pattern -i \.jp(e?g|gif|png|ico) 300 20% 600 override-expire # Combine following THREE LINES into a SINGLE LINE for Squid logformat combined %>a %ui %un \[%tl\] "%rm %ru HTTP/%rv" %Hs %h" "%{User-Agent}>h" %Ss:%Sh strip_query_terms off access_log /var/log/squid/access.log combined visible_hostname ci.YOUR_DOMAIN

这假设您在本地主机端口8080上运行Jenkins。必威国际有限公司但你可以在其他服务器/不同的端口(调整行以cache_peer开始)

当然要用你的域名替换YOUR_DOMAIN。

使用ssl

删除一个级别的注释

sed s / ^ # / / /etc/squid/squid.conf

注意:如果你使用群客户端插件,节点可能会报告:

sun.security.validator.ValidatorException: PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法在sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)在sun.security.validator. pkixvalidator . engineevalidate (PKIXValidator.java:191)在sun.security.validator.Validator.validate(Validator.java:218)在c.s.n.s.i.s.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)在c.s.n.s.i.s.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)在c.s.n.s.s.i.s. x509trustmanagerimpl . checkservertrusted (X509TrustManagerImpl.java:249)sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径

您可以使用-noCertificateCheck参数agent.jar.这将禁用来自代理的服务器证书检查。



这个页面有用吗?

请通过此页面提交您的反馈快速形成

或者,如果您不希望填写快速表格,您可以简单地指出,您认为这一页是否有用?


看到现有的反馈在这里

Baidu