From: Peter Palfrader Date: Sat, 7 Nov 2015 14:24:12 +0000 (+0000) Subject: Add /http-auth-jenkins/ for jenkins X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=f6222760448f46469050366c9e8d834744270542;p=mirror%2Fdsa-puppet.git Add /http-auth-jenkins/ for jenkins --- diff --git a/modules/roles/files/jenkins/jenkins.debian.org b/modules/roles/files/jenkins/jenkins.debian.org index e8d9ebed5..e9b35eed6 100644 --- a/modules/roles/files/jenkins/jenkins.debian.org +++ b/modules/roles/files/jenkins/jenkins.debian.org @@ -28,6 +28,27 @@ Use common-debian-service-https-redirect * jenkins.debian.org Allow from all AllowEncodedSlashes NoDecode + + + AuthName "Debian Jenkins" + AuthType Digest + AuthDigestProvider file + AuthUserFile /srv/jenkins.debian.org/etc/htdigest + Require valid-user + + RewriteEngine On + # see the Apache documentation on why this has to be lookahead + RewriteCond %{LA-U:REMOTE_USER} (.+) + # this actually doesn't rewrite anything. what we do here is to set RU to the match above + # "NS" prevents flooding the error log + RewriteRule .* - [E=RU:%1,NS] + RequestHeader set X-Forwarded-User %{RU}e + + ProxyPass http://127.0.0.1:8080/ retry=15 nocanon + ProxyPassReverse http://127.0.0.1:8080/ + ProxyPassReverse http://jenkins.debian.org/http-auth-jenkins/ + + ProxyPass / http://127.0.0.1:8080/ retry=15 nocanon ProxyPassReverse / http://127.0.0.1:8080/ ProxyPassReverse / http://jenkins.debian.org/