From f6222760448f46469050366c9e8d834744270542 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sat, 7 Nov 2015 14:24:12 +0000 Subject: [PATCH] Add /http-auth-jenkins/ for jenkins --- .../roles/files/jenkins/jenkins.debian.org | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/modules/roles/files/jenkins/jenkins.debian.org b/modules/roles/files/jenkins/jenkins.debian.org index e8d9ebed5..e9b35eed6 100644 --- a/modules/roles/files/jenkins/jenkins.debian.org +++ b/modules/roles/files/jenkins/jenkins.debian.org @@ -28,6 +28,27 @@ Use common-debian-service-https-redirect * jenkins.debian.org Allow from all AllowEncodedSlashes NoDecode + + + AuthName "Debian Jenkins" + AuthType Digest + AuthDigestProvider file + AuthUserFile /srv/jenkins.debian.org/etc/htdigest + Require valid-user + + RewriteEngine On + # see the Apache documentation on why this has to be lookahead + RewriteCond %{LA-U:REMOTE_USER} (.+) + # this actually doesn't rewrite anything. what we do here is to set RU to the match above + # "NS" prevents flooding the error log + RewriteRule .* - [E=RU:%1,NS] + RequestHeader set X-Forwarded-User %{RU}e + + ProxyPass http://127.0.0.1:8080/ retry=15 nocanon + ProxyPassReverse http://127.0.0.1:8080/ + ProxyPassReverse http://jenkins.debian.org/http-auth-jenkins/ + + ProxyPass / http://127.0.0.1:8080/ retry=15 nocanon ProxyPassReverse / http://127.0.0.1:8080/ ProxyPassReverse / http://jenkins.debian.org/ -- 2.20.1