afeld
commented
7 years ago @yfuksenko This pull request has changed a bit - mind taking another look? I suggest we take care of any additional hardening as follow-up(s).
Closed afeld closed 7 years ago
afeld
commented
7 years ago @yfuksenko This pull request has changed a bit - mind taking another look? I suggest we take care of any additional hardening as follow-up(s).
afeld
commented
7 years ago Got verbal re-approval from @yfuksenko, so merging!
Closes #12.
This pull request adds an nginx proxy in front of Jenkins to serve requests - this seemed more trustworthy and configurable than relying on Jenkins to do HTTPS termination itself. While the example security group setup leaves port 80 open, this is simply to redirect to 443. My test deployment, using a self-signed cert (hence why it says "Not Secure"):
Note that all the files under
test/roles/are vendored third-party dependencies.