[Jenkins-infra] secured jenkins mirrors
R. Tyler Croy
tyler at monkeypox.org
Tue Jun 13 22:14:04 UTC 2017
(replies inline)
On Mon, 12 Jun 2017, Greg Swift wrote:
> Hey all.
>
> I work at Rackspace and as we are building out our newest environments
> we've started blocking port 80 explicitly. The Jenkins systems in that
> environment are failing on downloading plugins due to a 302 redirect
> from https to http. I'd rather avoid having to open an exception for
> downloading updates and plugins from the Jenkins mirrors.
>
> So the url:
>
> https://updates.jenkins-ci.org/download/plugins/htmlpublisher/latest/ht
> mlpublisher.hpi
>
> redirects to http://mirrors.jenkins-ci.org/plugins/htmlpublisher/latest
> /htmlpublisher.hpi
>
> which may redirect out to any number of non-ssl'd mirrors.
>
> If i add https:// to the mirrors.jenkins-ci I get a cert mismatch with
> pkgs.jenkins.io which seems to only do platform specific package repos.
>
> So I guess my question is, is it possible for the secured
> pkgs.jenkins.io to also have the plugins and update center packages? Or
> can we go about mirroring the content to Rackspace's internal mirrors?
>
> Rackspace runs a set of mirrors both internally and for our
> customers[1]. Our preference for running a mirror is to use rsync, but
> looking through your documentation i did not see any rsync links, so I
> wanted to reach out and discuss this with y'all.
We do have an rsync option, for secondary mirrors, but that's not over SSL
either :P
We're in the process of moving distribution into Azure storage, which would
then be end-to-end SSL (core releases from https://pkg.jenkins.io currently get
redirected through Azure).
- R. Tyler Croy
------------------------------------------------------
Code: <https://github.com/rtyler>
Chatter: <https://twitter.com/agentdero>
xmpp: rtyler at jabber.org
% gpg --keyserver keys.gnupg.net --recv-key 1426C7DC3F51E16F
------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20170613/945840f4/attachment.asc>
More information about the Jenkins-infra
mailing list