More than 5 years have passed since last update.

rundeckのhttps化

Last updated at 2018-04-11Posted at 2018-04-10

概要

httpで稼働していたrundeckをhttps化した際のメモを残します。

環境

Rundeck 2.9.2-1
Client -> ALB(443) -> rundeck(4440)
rundeckはec2で稼働
証明書はACMで取得

変更内容

/etc/rundeck/rundeck-config.propertiesの修正

http → httpsに修正

# before
grails.serverURL= http://rundeck.hogehoge.jp

# after
grails.serverURL= https://rundeck.hogehoge.jp

/etc/rundeck/profileの修正

-Drundeck.jetty.connector.forwarded=trueを追加

# before
RDECK_JVM="-Djava.security.auth.login.config=$JAAS_CONF \
           -Dloginmodule.name=$LOGIN_MODULE \
           -Drdeck.config=$RDECK_CONFIG \
           -Drundeck.server.configDir=$RDECK_SERVER_CONFIG \
           -Dserver.datastore.path=$RDECK_SERVER_DATA/rundeck \
           -Drundeck.server.serverDir=$RDECK_INSTALL \
           -Drdeck.projects=$RDECK_PROJECTS \
           -Drdeck.runlogs=$RUNDECK_LOGDIR \
           -Drundeck.config.location=$RDECK_CONFIG_FILE \
           -Djava.io.tmpdir=$RUNDECK_TEMPDIR \
           -Drundeck.server.workDir=$RUNDECK_WORKDIR \
           -Dserver.http.port=$RDECK_HTTP_PORT"

# after
RDECK_JVM="-Djava.security.auth.login.config=$JAAS_CONF \
           -Dloginmodule.name=$LOGIN_MODULE \
           -Drdeck.config=$RDECK_CONFIG \
           -Drundeck.server.configDir=$RDECK_SERVER_CONFIG \
           -Dserver.datastore.path=$RDECK_SERVER_DATA/rundeck \
           -Drundeck.server.serverDir=$RDECK_INSTALL \
           -Drdeck.projects=$RDECK_PROJECTS \
           -Drdeck.runlogs=$RUNDECK_LOGDIR \
           -Drundeck.config.location=$RDECK_CONFIG_FILE \
           -Djava.io.tmpdir=$RUNDECK_TEMPDIR \
           -Drundeck.server.workDir=$RUNDECK_WORKDIR \
           -Dserver.http.port=$RDECK_HTTP_PORT \
           -Drundeck.jetty.connector.forwarded=true"

参考情報

You get articles that match your needs
You can efficiently read back useful information
You can use dark theme

What you can do with signing up