DEV Community

loading...

Confluence 7.8.3 Installation with Nginx and connect with LDAP Directory(AD) on CentOS 7

Bidhan Khatri
Linux guy
Originally published at bidhankhatri.com.np ・6 min read

Confluence is a collaboration wiki tool used to help teams to collaborate and share knowledge efficiently. We will be installing Confluence 7.8.3 version on CentOS 7 and later integrate it with Active Directory.

Install Java 11

Confluence supports oracle JDK version 1.8 or 11. So we will be installing Java version 11.

yum install java-11-openjdk
Enter fullscreen mode Exit fullscreen mode

Check installed java version.

java —-version
openjdk 11.0.8 2020-07-14 LTS
OpenJDK Runtime Environment 18.9 (build 11.0.8+10-LTS)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.8+10-LTS, mixed mode, sharing)
Enter fullscreen mode Exit fullscreen mode

Confluence installation

We are going to install confluence 7.8.3 with the installer. Download the bin file and execute it.

wget www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-7.8.3-x64.bin
chmod +x atlassian-confluence-7.8.3-x64.bin
./atlassian-confluence-7.8.3-x64.bin
Enter fullscreen mode Exit fullscreen mode

Follow the prompts to install Confluence. You'll be asked for the following info:

Install type – choose option 2 (custom) for the most control. But will be choosing option 1 here.
Destination directory – this is where Confluence will be installed.
Home directory – this is where Confluence data like logs, search indexes, and files will be stored.
TCP ports – these are the HTTP connector port and control port Confluence will run on. Stick with the default unless you're running another application on the same port.
Install as service – this option is only available if you run the installer as sudo.

Once the installation is complete head to http://localhost:8090/ in your browser to begin the setup process. But in our case, we are going to use Nginx as a proxy so we will wait further to finish the Nginx setup too.

Alt Text

If systemd file is not created while confluence installation then you can create it manually.

vim /usr/lib/systemd/system/confluence.service

[Unit]
Description=Confluence
After=network.target

[Service]
#Type=forking
Type=simple
User=confluence
PIDFile=/opt/atlassian/confluence/work/catalina.pid
ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh
ExecStop=/opt/atlassian/confluence/bin/stop-confluence.sh
TimeoutSec=200
LimitNOFILE=4096
LimitNPROC=4096

[Install]
WantedBy=multi-user.target
Enter fullscreen mode Exit fullscreen mode

We will be using Nginx as a proxy so edit the server.xml file. Comment out the default connector and uncomment Nginx connector. Modify Schema, proxyName, proxyPort.

vim /opt/atlassian/confluence/conf/server.xml

<!--
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"/>

-->

<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="https" secure="true" proxyName="confluence.bidhankhatri.com.np" proxyPort="443"/>
Enter fullscreen mode Exit fullscreen mode

Nginx as a proxy

Running Confluence behind NGINX with SSL

yum install nginx
Enter fullscreen mode Exit fullscreen mode

vim /etc/nginx/conf.d/confluence.bidhankhatri.com.np.conf

server {
    listen 80;
    listen [::]:80;
    server_name confluence.bidhankhatri.com.np www.confluence.bidhankhatri.com.np;
    return 301 https://$host$request_uri;
    }

server {
    listen 443 ssl;
    server_name confluence.bidhankhatri.com.np;
    ssl_protocols TLSv1.1 TLSv1.2;
    ssl_certificate /etc/nginx/ssl/bidhankhatri.com.np.crt;
    ssl_certificate_key /etc/nginx/ssl/bidhankhatri.com.np.key;
    access_log /var/log/nginx/confluence.bidhankhatri.com.np_access.log;
    error_log /var/log/nginx/confluence.bidhankhatri.com.np_error.log;

location / {
    proxy_connect_timeout 300;
    proxy_send_timeout 90m;
    proxy_read_timeout 90m;
    send_timeout 300;
    client_max_body_size 1000000m;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass http://localhost:8090;
    }

location /synchrony {
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass http://localhost:8091/synchrony;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    }
}

Enter fullscreen mode Exit fullscreen mode
systemctl start nginx
systemctl enable nginx
Enter fullscreen mode Exit fullscreen mode

Install MySQL 8

Confluence will not work on MySQL variants such as MariaDB or Percona Server. Therefore we will be installing MySQL version 8 in our production.

rpm -Uvh https://repo.mysql.com/mysql80-community-release-el7-3.noarch.rpm
sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/mysql-community.repo
yum --enablerepo=mysql80-community install mysql-community-server
systemctl start mysqld
Enter fullscreen mode Exit fullscreen mode
grep pass /var/log/mysqld.log
2020-11-09T04:40:51.809523Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: jKfm8,eFj3Zz
Enter fullscreen mode Exit fullscreen mode
mysql_secure_instalation
Enter fullscreen mode Exit fullscreen mode

Add below parameters to my.cnf file.
vim /etc/my.cnf

[mysqld]
character-set-server=utf8mb4
collation-server=utf8mb4_bin
default-storage-engine=INNODB
max_allowed_packet=256M
innodb_log_file_size=2GB
transaction-isolation=READ-COMMITTED
binlog_format=row
Enter fullscreen mode Exit fullscreen mode

Confluence Database Setup For MySQL

CREATE DATABASE confluence CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;
CREATE USER 'info_admin'@'localhost' IDENTIFIED BY '********';
GRANT ALL PRIVILEGES ON confluence.* TO 'info_admin'@'localhost';
flush privileges;
Enter fullscreen mode Exit fullscreen mode
systemctl start mysqld
systemctl enable mysqld
Enter fullscreen mode Exit fullscreen mode

MySQL Connector java jar file setup

Download MySQL connector java jar file ( version 8.0.21 )
Go to MySQL connector link and download mysql-connector-java-8.0.21.jar file.

cp /home/bidhan/mysql-connector-java-8.0.21.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/
Enter fullscreen mode Exit fullscreen mode
systemctl start confluence
systemctl enable confluence
Enter fullscreen mode Exit fullscreen mode

Now Go to confluence.bidhankhatri.com.np and start configuring it. Follow screenshots.

Confluence setup screenshot

fig 1. How do you want to install confluence? Choose Production Installation and Next.
fig 2. License Key: Click on Get an evaluation License. It will redirect to the Atlassian webpage where you have to log in and click on New Trial License.
Choose Product: Confluence
License Type: Tick on Confluence(Server)
Organization: bidhankhatri.com.np
Your Instance ID: up and running
Server ID: Your confluence server ID

To get your Server ID:

  1. Log in as a Confluence administrator
  2. Click on the Settings icon and choose General configuration
  3. Click on the License Details link (under 'Administration')
  4. Your Server ID is listed in the Server ID field . Please note that trial support for 90 days per product. Now click on generate License and copy it to confluence installation License key box in fig 2.

fig 3. Setup your database: Choose My own database. and click NEXT
fig 4. Set up your database:
Database Name: confluence
Hostname: localhost
Password: *
Port: 3306
Setup Type: Simple
Username: info_admin

Click on Test Connection now.

fig 7. click on Manage Users and groups within Confluence and create Administrator user.

Alt TextAlt TextAlt TextAlt TextAlt TextAlt Text

Confluence with Active Directory

I've created a new AD user for the confluence setup.
username: confluence_admin
password:******

Now, Login confluence through a browser with an Administrator privileged.

Go to Cog Icon and then General Configuration. Now to User Directories > Add Directory. Choose Directory Type: Microsoft Active Directory and NEXT.

Now, provide all details as below.

Configuring LDAP User Directory

Server Settings:
Name: Active Directory Server
Directory Type: Microsoft Active Directory
Hostname: dc.bidhankhatri.com.np
Port: 389
Username: confluence_admin
Password: *******

LDAP Schema:
Base DN: dc=bidhankhatri,dc=com,dc=np
Additional User DN: ou=Exchange Users
Additional Group DN: ou=Exchange Users

LDAP Permissions:
Tick on Read Only, with Local Groups
Leave Empty Default Group Memberships box.

Leave Advanced Settings as it is.

User Schema Settings:
User Object Class: user
User Object Filter: (&(objectCategory=Person)(sAMAccountName=*))
User Name Attribute: sAMAccountName
User Name RDN Attribute: cn
User First Name Attribute: givenName
User Last Name Attribute: sn
User Display Name Attribute: displayName
User Email Attribute: mail
User Password Attribute: unicodePwd
User Unique ID Attribute: objectGUID

Group Schema Settings:
Group Object Class: group
Group Object Filter: (objectCategory=Group)
Group Name Attribute: cn
Group Description Attribute: description

Membership Schema Settings:
Group Members Attribute: member
User Membership Attribute: memberOf
Enter fullscreen mode Exit fullscreen mode

That's it. We have successfully installed Confluence version 7.8.3 on our production environment and integrated it with Active Directory.

Discussion (0)