Created
May 3, 2011 22:19
-
-
Save claylo/954387 to your computer and use it in GitHub Desktop.
Perform the steps to get Confluence ready to be proxied and locked down
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # JIRA and Confluence have the same default ports. So, let's avoid a conflict. | |
| sed -i -e 's/8000/8015/g' confluence/conf/server.xml | |
| sed -i -e 's/8080/8090/g' confluence/conf/server.xml | |
| # Restrict to localhost addresses, nevermind about IPv6 | |
| sed -i -e 's/headless=true/headless=true -Djava.net.preferIPv4Stack=true/' confluence/bin/setenv.sh | |
| # Block anyone not on localhost IP | |
| sed -i -e '/<Context>/ a\ | |
| \ <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\\.0\\.0\\.1" /> | |
| ' confluence/conf/context.xml | |
| # Make sure Tomcat knows it's behind a proxy | |
| # UPDATE THIS FOR YOUR ATLASSIAN SUITE SERVER HOSTNAME | |
| sed -i -e 's/port="8090"/port="8090" scheme="https" proxyHost="atlassian.example.com" proxyPort="443"/' confluence/conf/server.xml | |
| # We want to run at '/wiki' in our unified suite, so adjust where Tomcat's going to look | |
| sed -i -e 's/Context path=""/Context path="\/wiki"/' confluence/conf/server.xml | |
| # Tell Apache that Confluence will be coming through | |
| echo "" >> /Users/atlassian/Documents/handcrafted.conf | |
| echo "ProxyPass /wiki http://localhost:8090/wiki" >> /Users/atlassian/Documents/handcrafted.conf | |
| echo "ProxyPassReverse /wiki http://localhost:8090/wiki" >> /Users/atlassian/Documents/handcrafted.conf | |
| # don't forget to restart Apache |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment