iac/rproxy
3
0
Fork 0
Code Issues Pull Requests Packages Releases 9 Activity
139 Commits 2 Branches 9 Tags
ed7594cea8488108fc6323e1aed4c9c4e552ed46
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Rproxy

Description

This job handles Nginx 1.29 installation and includes the following components:

  • Nginx as Reverse Proxy:

    • Acts as a reverse proxy for secure traffic routing
    • Supports SSL termination

  • HTTP Repository:

    • Provides a base for hosting and managing web content

  • Infrastructure:

    • Includes Podman installation
    • Contains a management job for proxy configuration
      • Allows seamless addition of new services (e.g., enabling SSL access to Jenkins)

Nginx as Reverse Proxy

Setup:

  • Installs Nginx container in Podman environment

Configuration Structure:

  • Root directory: /opt/rproxy
    • Main config: /opt/rproxy/nginx.conf
    • Site-specific configs: /opt/rproxy/sites/*.conf
    • Certificates: /opt/rproxy/certs/ (stores unique certificates for each connected site)

Operation:

  • Listens on https://$hostname/
  • Maps incoming requests to /opt/rproxy/sites/$hostname.conf
  • Forwards traffic to https://$hostname:[port] with SSL termination

Entrypoint:

  • Proxy endpoint: https://$hostname/

HTTP Repository

Configuration:

  • A repo.conf file is added to the /opt/rproxy/sites/ directory
  • DAVFS functionality is enabled for file management
  • Data storage path: /opt/repodata

Access Point:

  • Proxy endpoint: https://localhost:9000/

Example Usage

Upload a file to the repository using curl:

# Upload example: kafka_4.1.tar to /podman/kafka/4.1/
curl -T kafka_4.1.tar https://rproxy.olsson.ul:9000/podman/kafka/4.1/kafka_4.1.tar

Add configuration via management job

Import management/AddService.groovy to Jenkins

To integrate http://jenkins-master.olsson.ul:8080 with the SSL proxy, configure these parameters:

  • target_host: Host with rproxy installed
  • rproxy_service_name: Service identifier (e.g., jenkins)
  • rproxy_service_port: Port (e.g., 8080)
  • rproxy_service_address: Address (e.g., jenkins-master.olsson.ul or 10.10.10.1)

Result:
https://jenkins.olsson.ul/ will securely route to http://jenkins-master.olsson.ul:8080.

CNAME configuration (jenkins.olsson.ul → rproxy) is automatically handled during deployment in FreeIPA.

Software Requirements

  • OS - AlmaLinux 10
  • FreeIPA domain (for certificates request)

Jenkins credentials

  • JENKINS_DEPLOYER_PASS (domain)
  • JENKINS_DEPLOYER_KEY (domain)

Jenkins paramethers

  • target_hosts - is basic inventory line for ansible
  • images_repo_url - image registry with nginx repository
  • update_job - download changes from git and finish job
Description
Deploy nginx as reverse proxy server + add custom configs
Readme 158 KiB
Releases 9
v4.1 Latest
2026-02-13 01:04:59 +03:00
Languages
Groovy 65.6%
Jinja 34.4%