You must set the base URL in Artifactory itself so that the links in the user interface appear correctly.
In the example below, the configuration assumes that the Tomcat HTTP connector runs on port 8081.
Seeing timeouts on large file uploads?
Up-to-date versions of Nginx have proxy_request_buffering
enabled by default. With request buffering enabled, Nginx buffers the entire client payload prior to sending it to the Artifactory upstream.
As a result, you might see a certain stall that could range from several seconds to several minutes depending on your network performance, after the client finishes transmitting all the bytes to Nginx, as Nginx would be busy transmitting all the bytes to the Artifactory upstream at once. If this stall ranges more than a few seconds, you may start seeing client request timeouts depending on which client is used. If you are seeing timeouts, consider turning off proxy_request_buffering with the following directives:
proxy_request_buffering off;
proxy_http_version 1.1;
Configure nginx to use HTTP or HTTPS
## add ssl entries when https has been set in config ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_certificate /etc/nginx/ssl/yourdomain.com.crt; ssl_certificate_key /etc/nginx/ssl/yourdomain.com.key; ssl_session_cache shared:SSL:1m; ssl_prefer_server_ciphers on; ## server configuration server { listen 443 ssl; listen 80 ; server_name yourdomain.com; if ($http_x_forwarded_proto = '') { set $http_x_forwarded_proto $scheme; } ## Application specific logs ## access_log /var/log/nginx/yourdomain.com-access.log timing; ## error_log /var/log/nginx/yourdomain.com-error.log; rewrite ^/$ /ui/ redirect; rewrite ^/ui$ /ui/ redirect; chunked_transfer_encoding on; client_max_body_size 0; location / { proxy_read_timeout 2400s; proxy_pass_header Server; proxy_cookie_path ~*^/.* /; proxy_pass http://<artifactory-ip>:8082; proxy_next_upstream error timeout non_idempotent; proxy_next_upstream_tries 1; proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location ~ ^/artifactory/ { proxy_pass http://<artifactory-ip>:8081; } } }
Internal Proxies
Regular expression (using java.util.regex
) that a proxy's IP address must match to be considered an internal proxy. Internal proxies that appear in the remoteIpHeader
are trusted and do not appear in the proxiesHeader
value.
If not specified, the default value of 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}
is used.
Warning
Although binary caching can be enabled on Nginx reverse proxies, it is not supported by Artifactory at this time. There are known stability problems when a cache layer is set up between a client and Artifactory, such as stale metadata and upload issues. Consider setting up a Smart Remote Repository if you wish to cache artifacts.