How to configure Jenkins to run on port 80

ubuntu upstart jenkins hudson continuous-integration

I'm running Ubuntu 11.10 and have run sudo apt-get install jenkins to install Jenkins on this system.

I've seen some tutorials on how to setup a reverse proxy (Apache, Nginx, etc), however this is a VM dedicated for just jenkins and I'd like keep it as lean as possible while having jenkins running on port 80.

I've found the upstart config in /etc/init/jenkins.conf and modified the port to 80 env HTTP_PORT=80

When I start jenkins via service jenkins start, ps reveals that it runs for a few seconds then terminates.

Is this because jenkins is running as the jenkins user on a privileged port? If so, how do I fix this? Any other ideas a welcome.

Here is the upstart config:

description "jenkins: Jenkins Continuous Integration Server"
author "James Page <[email protected]>"

start on (local-filesystems and net-device-up IFACE!=lo)
stop on runlevel [!2345]

env USER="jenkins"
env GROUP="jenkins"
env JENKINS_LOG="/var/log/jenkins"
env JENKINS_ROOT="/usr/share/jenkins"
env JENKINS_HOME="/var/lib/jenkins"
env JENKINS_RUN="/var/run/jenkins"
env HTTP_PORT=80
env AJP_PORT=-1
env JAVA_OPTS=""
env JAVA_HOME="/usr/lib/jvm/default-java"

limit nofile 8192 8192

pre-start script
    test -f $JENKINS_ROOT/jenkins.war || { stop ; exit 0; }
    $JENKINS_ROOT/bin/maintain-plugins.sh   
    mkdir $JENKINS_RUN > /dev/null 2>&1  || true
    chown -R $USER:$GROUP $JENKINS_RUN || true
end script

script
    JENKINS_ARGS="--webroot=$JENKINS_RUN/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT"
    exec daemon --name=jenkins --inherit --output=$JENKINS_LOG/jenkins.log --user=$USER \
        -- $JAVA_HOME/bin/java $JAVA_OPTS -jar $JENKINS_ROOT/jenkins.war $JENKINS_ARGS \
        --preferredClassLoader=java.net.URLClassLoader
end script

Solution 1:

Another solution is to simply use iptables to reroute incoming traffic from 80 to 8080. The rules would look like:

-A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
-A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

Reformatted as an iptables.rules file:

*filter
:INPUT ACCEPT [100:100000]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [95:9000]
-A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
COMMIT

*nat
-A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
COMMIT

The advantage of a iptable.rules file is the rules can persist after reboots. Just make sure to integrate any other current iptable rules into the same file!

On Redhat/CentOS this file can go in /etc/sysconfig/iptables.

On Debian/Ubuntu systems they can be saved in /etc/iptables/rules.v4 by using the iptables-persistent package. Or the iptable.rules can be called by modifying /etc/network/interfaces or hooking into if-up/if-down scripts. The Ubuntu Community wiki has a great page explaining these methods.

As is usually the case with networking, there's a lot of different ways to accomplish the same result. Use what works best for you!

Solution 2:

  1. Go to /etc/default folder --> Open the file "jenkins"
  2. Modify the line HTTP_PORT=8080 as HTTP_PORT=80
  3. Start jenkins as root by using the command: sudo /etc/init.d/jenkins start
  4. Open a browser and browse as localhost:80

that's it

Solution 3:

Give a try to 'authbind':

sudo apt-get install authbind
sudo touch /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80 
sudo chown jenkins /etc/authbind/byport/80

Then modify the script above to have (add authbind before the $JAVA_HOME/bin/java part):

exec daemon --name=jenkins --inherit --output=$JENKINS_LOG/jenkins.log \
--user=$USER -- authbind $JAVA_HOME/bin/java $JAVA_OPTS \
-jar $JENKINS_ROOT/jenkins.war $JENKINS_ARGS \
--preferredClassLoader=java.net.URLClassLoader

For newer Jenkins installations (1.598) on newer Ubuntu installations (14.04) edit /etc/init.d/jenkins and add authbind before $JAVA

$SU -l $JENKINS_USER --shell=/bin/bash -c "$DAEMON $DAEMON_ARGS -- authbind $JAVA $JAVA_ARGS -jar $JENKINS_WAR $JENKINS_ARGS" || return 2

As mentioned by Alan (see comment below) if you need IPv6 and your system is lower than Quantal you can instead of using apt-get to install authbind download a higher version. Make sure you have libc6 and libc6-udeb installed. Here is authbind version 2.1.1 from Ubuntu:

  • amd64
  • i386

Then execute:

sudo dpkg -i authbind_2.1.1_amd64.deb
# or sudo dpkg -i authbind_2.1.1_i386.deb

sudo touch /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80 
sudo chown jenkins /etc/authbind/byport/80

Related

Primary & Foreign Keys in pgAdmin
CATransaction completion being called immediately
Java do nothing
Click event target gives element or it's child, not parent element
Exclude certain file extensions when getting files from a directory
Submit POST data from controller to another website in Rails
Get application path without using httpcontext. (asp.net)
Configure multiple sites with Varnish
Union and Intersection in PowerShell?
How do I prevent a button's background image from stretching?
How / can I display a console window in Intellij IDEA?
How can I execute a node.js module as a child process of a node.js program?