Details
-
Suggestion
-
Resolution: Unresolved
-
None
Description
The documentation (https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-apache-http-server-mod_proxy_http-806032611.html) has a section for running behind a server that seems outdated/wrong.
<VirtualHost *:80>
ServerName myconfluence.com
ProxyRequests Off
ProxyPreserveHost On
# Auth changes in 2.4 - see http://httpd.apache.org/docs/2.4/upgrading.html#run-time
<Proxy *>
Require all granted
</Proxy>
ProxyPass /synchrony http://<internal_domain>:8091/synchrony
<Location /synchrony>
Require all granted
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule .* ws://<internal_domain>:8091%{REQUEST_URI} [P]
</Location>
ProxyPass / http://<internal_domain>:8090/
ProxyPassReverse / http://<internal_domain>:8090/
<Location />
Require all granted
</Location>
</VirtualHost>
In my setup this will redirect http://myconfluence.com/synchrony/ to ws://<internal_domain>:8091/synchrony. However, the browser frontend is looking for Synchrony under http://myconfluence:8091/synchrony (or will try to use the synchrony-proxy). So the Synchrony proxying does not work.
An easy fix would be to open the firewall on port 8091. However, since the main site uses SSL, access to port 8091 was also done via SSL. My fix was to add a second virtual host to listen on 8091 which looked something like this:
Listen aaa.bbb.ccc.ddd:8091
<VirtualHost *:8091>
{{}}
<SSL configuration here>
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /synchrony/ http://localhost:8091/synchrony/
<Location /synchrony/>
Require all granted
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule .* ws://localhost:8091%{REQUEST_URI} [P]{{ }}
</Location>
</VirtualHost>
Additionally I had to restrict Synchrony to 127.0.0.1 by adding so Apache and Synchrony don't use the same port.
-Dsynchrony.bind=127.0.0.1
to my JAVA_OPTS.
Since this caused me some headache it would be great if somebody could update the documentation.
Additionally it would be great if there was a system property to tell confluence the URL by which to access Synchrony. Ideally this property would either specify the full URL (e.g. https://synchrony.wiki.com/synchrony) or just the context (/synchrony would be interpreted as https://my.wiki.com/synchrony) in case Confluence is accessible through multiple URLs.