In situations where you have existing web sites on your server, you may find it useful to run Hudson (or the servlet container that Hudson runs in) behind Apache, so that you can bind Hudson to the part of a bigger website that you may have. This document discusses some of the approaches for doing this.

mod_proxy

mod_proxy works by making Apache perform "reverse proxy" — when a request arrives for certain URLs, Apache becomes a proxy and further forward that request to Hudson, then it forwards the response back to the client.

The following Apache modules must be installed :

a2enmod proxy
a2enmod proxy_http

A typical set up for mod_proxy would look like this:

ProxyPass         /hudson  http://localhost:8081/hudson
ProxyPassReverse  /hudson  http://localhost:8081/hudson
ProxyRequests     Off

# Local reverse proxy authorization override
# Most unix distribution deny proxy by default (ie /etc/apache2/mods-enabled/proxy.conf in Ubuntu)
<Proxy http://localhost:8081/hudson*>
  Order deny,allow
  Allow from all
</Proxy>

This assumes that you run Hudson on port 8081. For this set up to work, the context path of Hudson must be the same between your Apache and Hudson (that is, you can't run Hudson on http://localhost:8081/ci and have it exposed at http://localhost:80/hudson)

The ProxyRequests Off prevents Apache from functioning as a forward proxy server (except for ProxyPass), it is advised to include it unless the server should function as a proxy.

mod_proxy with HTTPS

If you'd like to run Hudson with reverse proxy in HTTPS, one user reported that HTTPS needs to be terminated at Hudson, not at the front-end Apache. See this e-mail thread for more discussion.

mod_ajp/mod_proxy_ajp

More info welcome. Probably we should move the contents from here

I wanted to have Hudson running in a different workspace than my normal Tomcat server, but both available via the Apache web server. So, first up, modify Hudson to use a different web and ajp port than Tomcat:

HTTP_PORT=9080
AJP_PORT=9009
...
nohup java -jar "$WAR" --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --prefix=/hudson >> "$LOG" 2>&1 &

Then setup Apache so that it knows that the prefix /hudson is being served by AJP in the httpd.conf file:

LoadModule jk_module          libexec/httpd/mod_jk.so

AddModule     mod_jk.c

#== AJP hooks ==
JkWorkersFile /etc/httpd/workers.properties
JkLogFile     /private/var/log/httpd/mod_jk.log
JkLogLevel    info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkOptions     +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat     "%w %V %T"
# Here are 3 sample applications - 2 that are being served by Tomcat, and Hudson
JkMount  /friki/* worker1
JkMount  /pebble/* worker1
JkMount  /hudson/* worker2

Then finally the workers.conf file specified above, that just tells AJP which port to use for which web application:

# Define 2 real workers using ajp13
worker.list=worker1,worker2
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.lbfactor=50
worker.worker1.cachesize=10
worker.worker1.cache_timeout=600
worker.worker1.socket_keepalive=1
# Set properties for worker2 (ajp13)
worker.worker2.type=ajp13
worker.worker2.host=localhost
worker.worker2.port=9009
worker.worker2.lbfactor=50
worker.worker2.cachesize=10
worker.worker2.cache_timeout=600
worker.worker2.socket_keepalive=1
worker.worker2.recycle_timeout=300

mod_rewrite

Some people attempted to use mod_rewrite to do this, but this will never work if you do not add a ProxyPassReverse.
See the thread if you'd like to know why.