Confluence 7.8.3 Installation with Nginx and connect with LDAP Directory(AD) on CentOS 7
Confluence is a collaboration wiki tool used to help teams to collaborate and share knowledge efficiently. We will be installing Confluence 7.8.3 version on CentOS 7 and later integrate it with Active Directory.
Install Java 11
Confluence supports oracle JDK version 1.8 or 11. So we will be installing Java version 11.
yum install java-11-openjdk
Check installed java version.
java —-version
openjdk 11.0.8 2020-07-14 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.8+10-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.8+10-LTS, mixed mode, sharing)
Confluence installation
We are going to install confluence 7.8.3 with the installer. Download the bin file and execute it.
wget www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-7.8.3-x64.bin
chmod +x atlassian-confluence-7.8.3-x64.bin
./atlassian-confluence-7.8.3-x64.bin
Follow the prompts to install Confluence. You’ll be asked for the following info:
Install type – choose option 2 (custom) for the most control. But will be choosing option 1 here.
Destination directory – this is where Confluence will be installed.
Home directory – this is where Confluence data like logs, search indexes, and files will be stored.
TCP ports – these are the HTTP connector port and control port Confluence will run on. Stick with the default unless you’re running another application on the same port.
Install as service – this option is only available if you run the installer as sudo.
Once the installation is complete head to http://localhost:8090/ in your browser to begin the setup process. But in our case, we are going to use Nginx as a proxy so we will wait further to finish the Nginx setup too.
If systemd file is not created while confluence installation then you can create it manually.
vim /usr/lib/systemd/system/confluence.service
[Unit]
Description=Confluence
After=network.target
[Service]
#Type=forking
Type=simple
User=confluence
PIDFile=/opt/atlassian/confluence/work/catalina.pid
ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh
ExecStop=/opt/atlassian/confluence/bin/stop-confluence.sh
TimeoutSec=200
LimitNOFILE=4096
LimitNPROC=4096
[Install]
WantedBy=multi-user.target
We will be using Nginx as a proxy so edit the server.xml file. Comment out the default connector and uncomment Nginx connector. Modify Schema, proxyName, proxyPort.
vim /opt/atlassian/confluence/conf/server.xml
<!--
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"/>
-->
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="https" secure="true" proxyName="confluence.bidhankhatri.com.np" proxyPort="443"/>
Nginx as a proxy
Running Confluence behind NGINX with SSL
yum install nginx
vim /etc/nginx/conf.d/confluence.bidhankhatri.com.np.conf
server {
listen 80;
listen [::]:80;
server_name confluence.bidhankhatri.com.np www.confluence.bidhankhatri.com.np;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name confluence.bidhankhatri.com.np;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_certificate /etc/nginx/ssl/bidhankhatri.com.np.crt;
ssl_certificate_key /etc/nginx/ssl/bidhankhatri.com.np.key;
access_log /var/log/nginx/confluence.bidhankhatri.com.np_access.log;
error_log /var/log/nginx/confluence.bidhankhatri.com.np_error.log;
location / {
proxy_connect_timeout 300;
proxy_send_timeout 90m;
proxy_read_timeout 90m;
send_timeout 300;
client_max_body_size 1000000m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8090;
}
location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
systemctl start nginx
systemctl enable nginx
Install MySQL 8
Confluence will not work on MySQL variants such as MariaDB or Percona Server. Therefore we will be installing MySQL version 8 in our production.
rpm -Uvh https://repo.mysql.com/mysql80-community-release-el7-3.noarch.rpm
sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/mysql-community.repo
yum --enablerepo=mysql80-community install mysql-community-server
systemctl start mysqld
grep pass /var/log/mysqld.log
2020-11-09T04:40:51.809523Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: jKfm8,eFj3Zz
mysql_secure_instalation
Add below parameters to my.cnf file.
vim /etc/my.cnf
[mysqld]
character-set-server=utf8mb4
collation-server=utf8mb4_bin
default-storage-engine=INNODB
max_allowed_packet=256M
innodb_log_file_size=2GB
transaction-isolation=READ-COMMITTED
binlog_format=row
Confluence Database Setup For MySQL
CREATE DATABASE confluence CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;
CREATE USER 'info_admin'@'localhost' IDENTIFIED BY '********';
GRANT ALL PRIVILEGES ON confluence.* TO 'info_admin'@'localhost';
flush privileges;
systemctl start mysqld
systemctl enable mysqld
MySQL Connector java jar file setup
Download MySQL connector java jar file ( version 8.0.21 ) Go to MySQL connector link and download mysql-connector-java-8.0.21.jar file.
cp /home/bidhan/mysql-connector-java-8.0.21.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/
systemctl start confluence
systemctl enable confluence
Now Go to confluence.bidhankhatri.com.np and start configuring it. Follow screenshots.
Confluence setup screenshot
fig 1. How do you want to install confluence? Choose Production Installation and Next.
fig 2. License Key: Click on Get an evaluation License. It will redirect to the Atlassian webpage where you have to log in and click on New Trial License.
Choose Product: Confluence
License Type: Tick on Confluence(Server)
Organization: bidhankhatri.com.np
Your Instance ID: up and running
Server ID: Your confluence server ID
To get your Server ID:
- Log in as a Confluence administrator
- Click on the Settings icon and choose General configuration
- Click on the License Details link (under ‘Administration’)
- Your Server ID is listed in the Server ID field .
Please note that trial support for 90 days per product.
Now click on generate License and copy it to confluence installation License key box in fig 2.
fig 3. Setup your database: Choose My own database. and click NEXT
fig 4. Set up your database:
Database Name: confluence
Hostname: localhost
Password: *
Port: 3306
Setup Type: Simple
Username: info_admin
Click on Test Connection now.
fig 7. click on Manage Users and groups within Confluence and create Administrator user.
Confluence with Active Directory
I’ve created a new AD user for the confluence setup.
username: confluence_admin
password:**
Now, Login confluence through a browser with an Administrator privileged.
Go to Cog Icon and then General Configuration. Now to User Directories > Add Directory. Choose Directory Type: Microsoft Active Directory and NEXT.
Now, provide all details as below.
Configuring LDAP User Directory
Server Settings:
Name: Active Directory Server
Directory Type: Microsoft Active Directory
Hostname: dc.bidhankhatri.com.np
Port: 389
Username: confluence_admin
Password: *******
LDAP Schema:
Base DN: dc=bidhankhatri,dc=com,dc=np
Additional User DN: ou=Exchange Users
Additional Group DN: ou=Exchange Users
LDAP Permissions:
Tick on Read Only, with Local Groups
Leave Empty Default Group Memberships box.
Leave Advanced Settings as it is.
User Schema Settings:
User Object Class: user
User Object Filter: (&(objectCategory=Person)(sAMAccountName=*))
User Name Attribute: sAMAccountName
User Name RDN Attribute: cn
User First Name Attribute: givenName
User Last Name Attribute: sn
User Display Name Attribute: displayName
User Email Attribute: mail
User Password Attribute: unicodePwd
User Unique ID Attribute: objectGUID
Group Schema Settings:
Group Object Class: group
Group Object Filter: (objectCategory=Group)
Group Name Attribute: cn
Group Description Attribute: description
Membership Schema Settings:
Group Members Attribute: member
User Membership Attribute: memberOf
That’s it. We have successfully installed Confluence version 7.8.3 on our production environment and integrated it with Active Directory.
Comments