Hudson CI behind an Nginx Reverse Proxy with SSL

Here is a quick example nginx configuration to reverse proxy on an HTTPS virtual host to a Hudson CI server running on localhost. When I first tried to do this, the management page displays an error about the configuration being wrong. There are instructions for Running Hudson behind Apache that were helpful, and this email thread that seems to suggest terminating SSL at Hudson, not at the reverse proxy. Well, after a bit of tinkering, I worked out this configuration for nginx that worked out great:

	# Nginx config for Hudson CI behind a virtual host with SSL.
	# Replace hudson.example.com with your domain name.
	# Upstream Hudson server, e.g.: on port 3001
	upstream hudson {
	server localhost:3001
	}
	# Redirect all HTTP requests to HTTPS.
	server {
	listen 80;
	server_name hudson.example.com;
	location / {
	rewrite ^ https://hudson.example.com$request_uri? permanent;
	}
	}
	# Proxy HTTPS requests on hudson.example.com to localhost Hudson server.
	server {
	listen 443;
	server_name hudson.example.com;
	ssl_on;
	ssl_certificate /etc/pki/tls/certs/hudson_example_com.pem;
	ssl_certificate_key /etc/pki/tls/certs/hudson_example_com.pem;
	ssl_session_cache shared:SSL:1m;
	ssl_session_timeout 5m;
	# Only allow GET, HEAD, and POST requests.
	if ($request_method !~ ^(GET|HEAD|POST)$ ) {
	return 444;
	}
	location / {
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto https;
	proxy_set_header Host $http_host;
	proxy_next_upstream error;
	proxy_pass http://hudson;
	proxy_redirect http://hudson.example.com/ https://hudson.example.com/;
	}
	}

view raw hudson_nginx.conf hosted with ❤ by GitHub