Jenkins behind nginx reverse proxy doesn't redirect in all situations

Question

I have jenkins and nginx running via docker-compose and they're both on the same docker network. Jenkins doesn't expose any ports to the host machine and has its default config of running on port 8080 and nginx maps 8003:443.

We have a server sitting on a private network and subdomain and I have the following nginx configuration file

upstream jenkins {
  server        jenkins:8080;
}

server {
  listen   443 ssl;
  server_name   abc.example.com;
  ssl_certificate       /etc/ssl/private/certificate.crt;
  ssl_certificate_key   /etc/ssl/private/key.pem;

  root            /var/run/jenkins/war/;

  ignore_invalid_headers off; #pass through headers from Jenkins which are considered invalid by Nginx server.

  location ~ "^/static/[0-9a-fA-F]{8}\/(.*)$" {
    #rewrite all static files into requests to the root
    #E.g /static/12345678/css/something.css will become /css/something.css
    rewrite "^/static/[0-9a-fA-F]{8}\/(.*)" /$1 last;
  }

  location /userContent {
    #have nginx handle all the static requests to the userContent folder files
    #note : This is the $JENKINS_HOME dir
        root /var/lib/jenkins/;
    if (!-f $request_filename){
      #this file does not exist, might be a directory or a /**view** url
      rewrite (.*) /$1 last;
          break;
    }
        sendfile on;
  }


  location / {
    proxy_pass  http://jenkins/;
    proxy_buffering off;
    proxy_set_header X-Real-IP $remote_addr;
      sendfile off;
      proxy_redirect     default;
      proxy_http_version 1.1;
      proxy_set_header   Host $host;
      proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header   X-Forwarded-Proto $scheme;
      proxy_set_header   X-Forwarded-Port 443;
      proxy_max_temp_file_size 0;
      #this is the maximum upload size
      client_max_body_size       10m;
      client_body_buffer_size    128k;
      proxy_connect_timeout      90;
      proxy_send_timeout         90;
      proxy_read_timeout         90;
      proxy_set_header Connection ""; # Clear for keepalive
  }

}

Most of these settings are taken from the trouble shooting guide as my initial attempt didn't list them all and I was and still am getting the notice It appears that your reverse proxy set up is broken. Currently, it seems to be only partially working. Some urls work fine like if I click people I will get https://abc.example.com:8003/asynchPeople/ but others like the login and blue ocean seem to drop the port. Adding this back in manually does make the url then work. So I'm not sure exactly what's wrong. I should also add I have set the jenkins url to abc.example.com:8003

Answer 1

After a fair amount of reading around the following helped my situation.

proxy_set_header   X-Forwarded-Host $http_host;

This maintained the port number and functionality seemed to be as expected with Jenkins.

Regarding the reverse proxy is broken, I inspected via curl the administration task. This failed and was giving me the error and redirected me here: https://curl.haxx.se/docs/sslcerts.html. Even though all browsers show the secure icon and show no problems.