├── .env.sample ├── .gitignore ├── Makefile ├── README.md ├── docker-clean.sh ├── docker-compose.yml ├── docker ├── Dockerfile.cje-test ├── Dockerfile.jnlp-agent ├── Dockerfile.ssh-agent └── Dockerfile.swarm-agent └── nginx └── nginx.conf /.env.sample: -------------------------------------------------------------------------------- 1 | MAVEN_CACHE=/Users/schottsfired/.m2:/home/jenkins/.m2 2 | SSH_AGENT_COMMAND=ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC693QYbxxSveSPC12Q+CvjWrRExV1kNgH3an6v5+tI3n2swoGhXEDelGGlJLQQC6wSm2v6RV6kqCnhg9Pz7Tfm5vHf5MlmbEXr8rkwau1ZowP6/iQwLlLSz/35tGh3MeZo3bTyu5nUMCxFDlG7ZQX6JxeOY3EuqhsGK+qe1BmMN/6oCAsvxZv3ehUzs+SzYkCqrQzdlkh6gT368KqdxWipkpmK6uyIpqon7ptzJB0fMWdexP1GxuicovxE45mr61FdiqgrEemCjQbHTcU/aKv8mbEDm5IR5x/YB7j/z1fZPLr7gOg2VJJN2eNqD/JDcyJv9V02PaxZX+dE7xzOzD5D jenkins@471714444c1d 3 | SHARED_CLOUD_NAME=shared-cloud 4 | JNLP_AGENT_COMMAND=906aba6cde236a74f96ac790ad7d4171115a8a4a20d5ef901fb9a91afd9ca464 5 | SWARM_CONTROLLER=http://cjp.local/cje-prod/ 6 | SWARM_USER=swarmagent 7 | SWARM_PASS=swarmagent 8 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | nginx/logs/ 2 | data/ 3 | .env 4 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | include .env 2 | 3 | default: clean 4 | 5 | network: 6 | docker network create cjp-demo-environment || true 7 | 8 | build-jnlp-agent: 9 | docker build --rm \ 10 | -f docker/Dockerfile.jnlp-agent \ 11 | -t jnlp-agent ./docker 12 | 13 | jnlp-agent: 14 | docker run -d \ 15 | --network=cjp-demo-environment \ 16 | -e "JENKINS_URL=http://cjp.local/cjoc" \ 17 | -v $(MAVEN_CACHE) \ 18 | -v /var/run/docker.sock:/var/run/docker.sock \ 19 | jnlp-agent \ 20 | $(JNLP_AGENT_COMMAND) \ 21 | $(SHARED_CLOUD_NAME) 22 | 23 | destroy-jnlp: 24 | docker rm $$(docker stop $$(docker ps -a -q --filter="ancestor=jnlp-agent")) 25 | 26 | build-swarm-agent: 27 | docker build --rm \ 28 | -f docker/Dockerfile.swarm-agent \ 29 | -t swarm-agent . 30 | 31 | swarm-agent: 32 | docker run -d \ 33 | --network=cjp-demo-environment \ 34 | swarm-agent \ 35 | java -jar swarm-client-3.3.jar \ 36 | -master $(SWARM_MASTER) \ 37 | -username $(SWARM_USER) \ 38 | -password $(SWARM_PASS) 39 | 40 | destroy-swarm-agents: 41 | docker rm $$(docker stop $$(docker ps -a -q --filter="ancestor=swarm-agent")) 42 | 43 | clean: 44 | ./docker-clean.sh 45 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Docker Compose Demo Environment for CloudBees CI Traditional 2 | 3 | A great way to run CloudBees CI on your laptop, with support for "Docker stuff"! 4 | 5 | Feel free to clone/fork/extend this repo to meet your specific needs, and shoot me a PR if I missed anything! 6 | 7 | My goal for this repo is to help people learn about CloudBees CI and Docker while journeying through the README below. 8 | 9 | ## What does this include? 10 | * Nginx reverse proxy at http://cjp.local (404 means it's running, home page is TODO) 11 | * CloudBees Jenkins Operations Center (CJOC) at http://cjp.local/cjoc 12 | * CloudBees Jenkins Enterprise (CJE) "prod" at http://cjp.local/cje-prod 13 | * CloudBees Jenkins Enterprise (CJE) "test" at http://cjp.local/cje-test 14 | * A Docker-enabled, shared SSH agent based on [jenkinsci/ssh-slave](https://hub.docker.com/r/jenkinsci/ssh-slave/) 15 | * The ability to spawn Docker-enabled, shared JNLP agents based on [cloudbees/jnlp-slave-with-java-build-tools](https://hub.docker.com/r/cloudbees/jnlp-slave-with-java-build-tools/) 16 | 17 | *NOTE: All services are intended to run on the same host in this example, but similar practices can be applied to e.g. Docker Swarm (multi host) setups.* 18 | 19 | ## Prerequisites 20 | 21 | Go get [Docker for Mac](https://docs.docker.com/docker-for-mac/). 22 | 23 | *NOTE: Docker on Docker support has not been tested on other platforms.* 24 | 25 | 1. Increase CPU/Memory limits in Docker preferences to as much as you can spare (e.g. CPU: 4, Memory: 6GB). 26 | 27 | 2. Open terminal and type: 28 | 29 | sudo vi /etc/hosts 30 | 31 | then add (or append) this entry: 32 | 33 | 127.0.0.1 cjp.local 34 | 35 | so that your host file will look like the following example: 36 | 37 | ## 38 | # Host Database 39 | # 40 | # localhost is used to configure the loopback interface 41 | # when the system is booting. Do not change this entry. 42 | ## 43 | 127.0.0.1 localhost 44 | 127.0.0.1 cjp.local 45 | 255.255.255.255 broadcasthost 46 | ::1 localhost 47 | 48 | 49 | 3. Create a file called ``.env`` in the project directory (alongside ``docker-compose.yml``) and copy everything into it from the provided ``.env.sample``. Update the ``MAVEN_CACHE`` so that it's specific to your environment. If you don't have a Maven cache, or want to use additional/other caches, then update (or remove) the ``ssh-agent:`` ``volumes:`` in ``docker-compose.yml`` accordingly. For now this is the only change needed in ``.env``. 50 | 51 | 4. Create a Docker network by running this from the project directory: 52 | 53 | make network 54 | 55 | ## How to run (and restart after shutting down) 56 | 57 | Simply type the following command 58 | 59 | docker-compose up -d 60 | 61 | ..from the project directory, and wait a while :) 62 | 63 | You can view logs (and safely ctrl+c out of them) via: 64 | 65 | docker-compose logs -t -f 66 | 67 | To stop all runnning containers, run the following command: 68 | 69 | docker-compose down 70 | 71 | Important directories like JENKINS_HOME(s), Nginx logs, etc. are volume mapped (persisted) to the working project directory. Treat JENKINS_HOME directories (under ``./data/...``) with care, and consider regular backups. 72 | 73 | ## Post-Startup Checklist 74 | 75 | ### Connect Client Controllers (one time) 76 | 77 | 1. Navigate to CJOC at http://cjp.local/cjoc and retrieve the initial admin password using ``docker exec -it cjoc cat /var/jenkins_home/secrets/initialAdminPassword`` 78 | 79 | 1. Activate CJOC using the recommended settings 80 | 81 | 2. Follow the same process for http://cjp.local/cje-prod and http://cjp.local/cje-test, again with recommended settings 82 | 83 | 3. In CJOC, create Client Controller items for ``cje-prod`` and ``cje-test``, and use the URLs from step 2 to make the connection 84 | 85 | ### Connect ssh-agent as a Shared Agent (one time) 86 | 87 | 1. `` exec `` into the CJOC container and generate a key pair: 88 | 89 | docker exec -it cjoc bash 90 | 91 | ssh-keygen 92 | 93 | 2. Stick with the defaults and choose a password (or leave blank). 94 | 95 | 3. Copy your private key to a text editor: 96 | 97 | cat /var/jenkins_home/.ssh/id_rsa 98 | 99 | 4. In CJOC, click "Credentials", "System", "Global credentials (unrestricted)", "Add Credentials", select ``SSH Username with private key``. Enter ``jenkins`` as the username and select ``Enter Directly`` for the Private key option. 100 | 101 | 5. In ``.env``, replace ``SSH_AGENT_COMMAND`` with the public key that was just generated, save, and refresh the environment with ``docker-compose up`` 102 | 103 | 6. Create a Shared Agent item in CJOC (named e.g. ``shared-ssh-agent``), using the credentials above, host: ``ssh-agent``, and a Remote FS root of ``/home/jenkins``. Give it some labels, like ``shared``, ``ssh``, ``docker``, ``docker-cloud``. 104 | 105 | ### Add JNLP Agent(s) to a Shared Cloud (config once, then repeat step 4) 106 | 107 | 1. Add a Shared Cloud item in CJOC (named e.g. `` shared-cloud ``). Remote FS root is ``/home/jenkins``. Give it some labels, like ``shared``, ``jnlp``, ``java-build-tools``, ``docker``, ``docker-cloud`` and click Save. You should now be taken to a screen that displays the agent command to run. 108 | 109 | 2. In ``.env``, replace ``SHARED_CLOUD_NAME`` if needed, and replace ``JNLP_SLAVE_COMMAND`` with the ``-secret`` you find the Jenkins UI, then save your changes. 110 | 111 | 3. Build the JNLP agent: 112 | 113 | make build-jnlp-agent 114 | 115 | 3. Launch a JNLP agent into the Shared Cloud, repeatedly if desired: 116 | 117 | make jnlp-agent 118 | 119 | 4. Finally, destroy all JNLP agents: 120 | 121 | make destroy-jnlp 122 | 123 | ## What Next? 124 | 125 | Automate all the things! 126 | 127 | ### Consider the following plugins 128 | 129 | * [Mock Security Realm](https://wiki.jenkins-ci.org/display/JENKINS/Mock+Security+Realm+Plugin) 130 | * [CloudBees Docker Build and Publish](https://wiki.jenkins-ci.org/display/JENKINS/CloudBees+Docker+Build+and+Publish+plugin) 131 | * [CloudBees Docker Custom Build Environment](https://wiki.jenkins-ci.org/display/JENKINS/CloudBees+Docker+Custom+Build+Environment+Plugin) 132 | * [CloudBees Docker Pipeline](https://wiki.jenkins-ci.org/display/JENKINS/CloudBees+Docker+Pipeline+Plugin) 133 | * [Docker Agents Plugin](https://wiki.jenkins-ci.org/display/JENKINS/Docker+Agents+Plugin) (use in tandem with ``docker-service`` in ``docker-compose.yml``) 134 | 135 | ## Miscellaneous 136 | 137 | ### Upgrades 138 | 139 | Please refer to the [Releases Page](https://github.com/schottsfired/cjp-demo-environment/releases) for upgrade instructions. 140 | 141 | ### Docker on Docker (a.k.a "Docker inception") 142 | 143 | Is supported by the following services: 144 | 145 | * ``cje-test`` 146 | * ``ssh-agent`` 147 | * ``jnlp-agent`` 148 | * ``docker-service`` (tcp://docker-service:2375) 149 | 150 | When executing a ``docker`` command from within these containers, the Docker client installed inside the container communicates with the Docker server outside the container. This magic is provided by Docker socket volume mapping; see ``-v /var/run/docker.sock:/var/run/docker.sock`` in ``docker-compose.yml``. For more information, read [this famous blog post](https://jpetazzo.github.io/2015/09/03/do-not-use-docker-in-docker-for-ci/). 151 | 152 | ### Pro tips 153 | * See what's running: 154 | 155 | docker ps 156 | 157 | * Shutdown command(s): 158 | 159 | docker-compose down 160 | 161 | make destroy-jnlp 162 | 163 | * Clean Docker after shutting down: 164 | 165 | make clean 166 | 167 | * Tail the logs for a running container: 168 | 169 | docker logs -f $CONTAINER_NAME_OR_ID 170 | 171 | * Open an interactive terminal on a running container: 172 | 173 | docker exec -it $CONTAINER_NAME_OR_ID sh 174 | 175 | * Run a command within a container immediately, e.g. to test networking 176 | 177 | docker exec -it $CONTAINER_NAME_OR_ID ping cjp.proxy 178 | -------------------------------------------------------------------------------- /docker-clean.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | docker system prune 3 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | 3 | networks: 4 | default: 5 | external: 6 | name: cjp-demo-environment 7 | 8 | services: 9 | 10 | proxy: 11 | container_name: cjp.local 12 | #https://hub.docker.com/_/nginx/ 13 | image: nginx:1.10-alpine 14 | ports: 15 | - "80:80" 16 | #- "443:443" 17 | volumes: 18 | - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro 19 | - ./nginx/logs:/var/log/nginx 20 | depends_on: #to force proxy to start after: 21 | - cjoc 22 | - cje-test 23 | - cje-prod 24 | 25 | cjoc: 26 | container_name: cjoc 27 | #https://hub.docker.com/r/cloudbees/jenkins-operations-center/ 28 | image: cloudbees/jenkins-operations-center:2.289.3.2 29 | environment: 30 | JENKINS_SLAVE_AGENT_PORT: "50000" 31 | JENKINS_HA: "false" 32 | #https://wiki.jenkins-ci.org/display/JENKINS/Features+controlled+by+system+properties 33 | JAVA_OPTS: " 34 | -Dhudson.TcpSlaveAgentListener.hostName=cjoc 35 | -Dhudson.TcpSlaveAgentListener.port=50000 36 | -Dhudson.udp=-1 37 | -Dhudson.DNSMultiCast.disabled=true 38 | -Djava.awt.headless=true 39 | -Dorg.apache.commons.jelly.tags.fmt.timeZone=America/New_York" 40 | JENKINS_OPTS: "--prefix=/cjoc" 41 | volumes: 42 | - ./data/cjoc:/var/jenkins_home 43 | - ./data/backups:/backups 44 | 45 | cje-prod: 46 | container_name: cje-prod 47 | #https://hub.docker.com/r/cloudbees/jenkins-enterprise/ 48 | image: cloudbees/jenkins-enterprise:2.289.3.2 49 | environment: 50 | JENKINS_SLAVE_AGENT_PORT: "50000" 51 | JENKINS_HA: "false" 52 | JAVA_OPTS: " 53 | -Dhudson.TcpSlaveAgentListener.hostName=cje-prod 54 | -Dhudson.TcpSlaveAgentListener.port=50000 55 | -Dhudson.udp=-1 56 | -Dhudson.DNSMultiCast.disabled=true 57 | -Djava.awt.headless=true 58 | -Dorg.apache.commons.jelly.tags.fmt.timeZone=America/New_York 59 | " 60 | JENKINS_OPTS: "--prefix=/cje-prod" 61 | volumes: 62 | - ./data/cje-prod:/var/jenkins_home 63 | - ./data/backups:/backups 64 | volumes_from: 65 | - ssh-agent 66 | 67 | cje-test: 68 | container_name: cje-test 69 | build: 70 | context: ./docker/ 71 | dockerfile: Dockerfile.cje-test #based on the same image as cje-prod 72 | environment: 73 | JENKINS_SLAVE_AGENT_PORT: "50000" 74 | JENKINS_HA: "false" 75 | JAVA_OPTS: " 76 | -Dhudson.TcpSlaveAgentListener.hostName=cje-test 77 | -Dhudson.TcpSlaveAgentListener.port=50000 78 | -Dhudson.udp=-1 79 | -Dhudson.DNSMultiCast.disabled=true 80 | -Djava.awt.headless=true 81 | -Dorg.apache.commons.jelly.tags.fmt.timeZone=America/New_York 82 | " 83 | JENKINS_OPTS: "--prefix=/cje-test" 84 | volumes: 85 | - ./data/cje-test:/var/jenkins_home 86 | - ./data/backups:/backups 87 | volumes_from: 88 | - ssh-agent 89 | 90 | ssh-agent: 91 | container_name: ssh-agent 92 | build: 93 | context: ./docker/ 94 | dockerfile: Dockerfile.ssh-agent 95 | #this part is specific to your environment.. see README 96 | command: ["${SSH_AGENT_COMMAND}"] 97 | volumes: 98 | - /var/run/docker.sock:/var/run/docker.sock #aka "docker socket volume mapping" 99 | - ${MAVEN_CACHE} #to persist and share the precious maven cache 100 | 101 | #https://hub.docker.com/r/verb/socat/ 102 | #clever way to expose host docker engine to internal services 103 | docker-service: 104 | container_name: docker-service 105 | image: verb/socat:alpine 106 | command: tcp-listen:2375,reuseaddr,fork unix:/docker.sock 107 | expose: 108 | - "2375" 109 | volumes: 110 | - /var/run/docker.sock:/docker.sock 111 | -------------------------------------------------------------------------------- /docker/Dockerfile.cje-test: -------------------------------------------------------------------------------- 1 | FROM cloudbees/jenkins-enterprise:2.289.3.2 2 | 3 | #add Docker 4 | USER root 5 | RUN curl -L -o /tmp/docker-latest.tgz https://get.docker.com/builds/Linux/x86_64/docker-latest.tgz \ 6 | && tar xzf /tmp/docker-latest.tgz -C /tmp/ \ 7 | && mv /tmp/docker/* /usr/bin/ \ 8 | && chmod a+x /usr/bin/docker* \ 9 | && rm -rf /tmp/docker* \ 10 | && delgroup staff \ 11 | && groupadd -g 50 docker \ 12 | && groupadd staff \ 13 | && adduser jenkins docker \ 14 | && adduser root docker 15 | 16 | USER jenkins -------------------------------------------------------------------------------- /docker/Dockerfile.jnlp-agent: -------------------------------------------------------------------------------- 1 | FROM cloudbees/jnlp-slave-with-java-build-tools:latest 2 | 3 | #add Docker 4 | USER root 5 | RUN curl -L -o /tmp/docker-latest.tgz https://get.docker.com/builds/Linux/x86_64/docker-latest.tgz \ 6 | && tar xzf /tmp/docker-latest.tgz -C /tmp/ \ 7 | && mv /tmp/docker/* /usr/bin/ \ 8 | && chmod a+x /usr/bin/docker* \ 9 | && rm -rf /tmp/docker* \ 10 | && delgroup staff \ 11 | && groupadd -g 50 docker \ 12 | && groupadd staff \ 13 | && adduser jenkins docker \ 14 | && adduser root docker 15 | 16 | USER jenkins 17 | -------------------------------------------------------------------------------- /docker/Dockerfile.ssh-agent: -------------------------------------------------------------------------------- 1 | FROM jenkinsci/ssh-slave:latest 2 | 3 | #add Docker 4 | USER root 5 | RUN curl -L -o /tmp/docker-latest.tgz https://get.docker.com/builds/Linux/x86_64/docker-latest.tgz \ 6 | && tar xzf /tmp/docker-latest.tgz -C /tmp/ \ 7 | && mv /tmp/docker/* /usr/bin/ \ 8 | && chmod a+x /usr/bin/docker* \ 9 | && rm -rf /tmp/docker* \ 10 | && delgroup staff \ 11 | && groupadd -g 50 docker \ 12 | && groupadd staff \ 13 | && adduser jenkins docker \ 14 | && adduser root docker 15 | -------------------------------------------------------------------------------- /docker/Dockerfile.swarm-agent: -------------------------------------------------------------------------------- 1 | # Image installs with latest Java 8 OpenJDK on Alpine Linux 2 | FROM openjdk:8-jdk-alpine 3 | 4 | USER root 5 | 6 | # Update and upgrade apk then install curl, maven, git, and nodejs 7 | RUN apk update && \ 8 | apk upgrade && \ 9 | apk --no-cache add curl && \ 10 | apk --no-cache add maven && \ 11 | apk --no-cache add git && \ 12 | apk --no-cache add nodejs 13 | 14 | # Download and install docker 15 | RUN curl -L -o /tmp/docker-latest.tgz https://get.docker.com/builds/Linux/x86_64/docker-latest.tgz && \ 16 | tar xzf /tmp/docker-latest.tgz -C /tmp/ && \ 17 | mv /tmp/docker/* /usr/bin/ && \ 18 | chmod a+x /usr/bin/docker* && \ 19 | rm -rf /tmp/docker* 20 | 21 | # Create user groups and users 22 | RUN addgroup -g 50 docker && \ 23 | addgroup staff && \ 24 | adduser -S jenkins && \ 25 | adduser jenkins docker && \ 26 | adduser root docker 27 | 28 | # Create workspace directory to build in 29 | RUN mkdir /workspace && \ 30 | chmod 777 /workspace 31 | 32 | # Download the latest Jenkins swarm client with curl - version 3.3 33 | # Browse all versions here: https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/swarm-client/ 34 | RUN curl -O https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/swarm-client/3.3/swarm-client-3.3.jar 35 | -------------------------------------------------------------------------------- /nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user nginx; 2 | worker_processes 2; 3 | 4 | error_log /var/log/nginx/error.log info; 5 | pid /var/run/nginx.pid; 6 | 7 | events { 8 | worker_connections 1024; 9 | use epoll; 10 | accept_mutex off; 11 | } 12 | 13 | http { 14 | include /etc/nginx/mime.types; 15 | proxy_set_header X-Real-IP $remote_addr; 16 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 17 | 18 | default_type application/octet-stream; 19 | 20 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 21 | '$status $body_bytes_sent "$http_referer" ' 22 | '"$http_user_agent" "$http_x_forwarded_for"'; 23 | 24 | access_log /var/log/nginx/access.log main; 25 | 26 | sendfile on; 27 | #tcp_nopush on; 28 | 29 | keepalive_timeout 65; 30 | 31 | client_max_body_size 300m; 32 | client_body_buffer_size 128k; 33 | 34 | gzip on; 35 | gzip_http_version 1.0; 36 | gzip_comp_level 6; 37 | gzip_min_length 0; 38 | gzip_buffers 16 8k; 39 | gzip_proxied any; 40 | gzip_types text/plain text/css text/xml text/javascript application/xml application/xml+rss application/javascript application/json; 41 | gzip_disable "MSIE [1-6]\."; 42 | gzip_vary on; 43 | 44 | #include /etc/nginx/conf.d/*.conf; 45 | 46 | server { 47 | listen 80; 48 | server_name cjp.local; 49 | 50 | access_log off; 51 | 52 | location /nginx_status { 53 | stub_status on; 54 | } 55 | 56 | #location = / { 57 | # rewrite ^ http://$server_name/cjoc permanent; 58 | #} 59 | 60 | location /cjoc { 61 | proxy_pass http://cjoc:8080; 62 | 63 | proxy_set_header Host $host:$server_port; 64 | proxy_set_header X-Real-IP $remote_addr; 65 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 66 | proxy_set_header X-Forwarded-Proto $scheme; 67 | proxy_max_temp_file_size 0; 68 | 69 | proxy_connect_timeout 150; 70 | proxy_send_timeout 100; 71 | proxy_read_timeout 100; 72 | 73 | proxy_buffer_size 8k; 74 | proxy_buffers 4 32k; 75 | proxy_busy_buffers_size 64k; 76 | proxy_temp_file_write_size 64k; 77 | } 78 | 79 | location /cje-prod { 80 | proxy_pass http://cje-prod:8080; 81 | 82 | proxy_set_header Host $host:$server_port; 83 | proxy_set_header X-Real-IP $remote_addr; 84 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 85 | proxy_set_header X-Forwarded-Proto $scheme; 86 | proxy_max_temp_file_size 0; 87 | 88 | proxy_connect_timeout 150; 89 | proxy_send_timeout 100; 90 | proxy_read_timeout 100; 91 | 92 | proxy_buffer_size 8k; 93 | proxy_buffers 4 32k; 94 | proxy_busy_buffers_size 64k; 95 | proxy_temp_file_write_size 64k; 96 | } 97 | 98 | location /cje-test { 99 | proxy_pass http://cje-test:8080; 100 | 101 | proxy_set_header Host $host:$server_port; 102 | proxy_set_header X-Real-IP $remote_addr; 103 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 104 | proxy_set_header X-Forwarded-Proto $scheme; 105 | proxy_max_temp_file_size 0; 106 | 107 | proxy_connect_timeout 150; 108 | proxy_send_timeout 100; 109 | proxy_read_timeout 100; 110 | 111 | proxy_buffer_size 8k; 112 | proxy_buffers 4 32k; 113 | proxy_busy_buffers_size 64k; 114 | proxy_temp_file_write_size 64k; 115 | } 116 | } 117 | } 118 | 119 | #reference: https://engineering.riotgames.com/news/jenkins-docker-proxies-and-compose 120 | --------------------------------------------------------------------------------