Login with ec2-user using pem.key
1 sudo vi /etc/environment
Add following lines:
1 2 LANG=en_US.utf-8 LC_ALL=en_US.utf-8
1 2 chmod 600 pem.key ssh -i pem.key ec2-user@ec2_ip
Add ops account
1 2 3 4 5 6 7 8 9 10 11 12 13 yum update sudo adduser ops sudo usermod -a -G wheel ops sudo echo "ops ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/cloud-init sudo su ops cd mkdir .ssh echo "your_pub_key" >> .ssh/authorized_keyschmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys exit
then login as ops account
Install Confluenct with binary package
1 ./atlassian-confluence-6.6.0-x64.bin
Configure the Confluence Tomcat connector:
Change confluence configuration to allow run behind NGINX with SSL
Running Confluence behind NGINX with SSL
Next, in the same /conf/server.xml file, locate this code segment:
1 2 3 4 <Connector port="8090" connectionTimeout="20000" redirectPort="8443" maxThreads="48" minSpareThreads="10" enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11NioProtocol"/>
And add the last line as follows:
1 2 3 4 5 <Connector port="8090" connectionTimeout="20000" redirectPort="8443" maxThreads="48" minSpareThreads="10" enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11NioProtocol" proxyName="www.yourdomain.com" proxyPort="443" scheme="https"/>
Install nginx & postgresql server
Nginx reverse proxy to confluence
1 sudo openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout /etc/ssl/certs/yourdomain.key -out /etc/ssl/certs/yourdomain.pem
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 server{ listen 80; server_name yourdomain; rewrite ^(.*)$ https://yourdomain$1 permanent; } server { listen 443 default_server ssl; server_name yourdomain; access_log /var/log/nginx/yourdomain-access; error_log /var/log/nginx/yourdomain-error; ssl_certificate /etc/ssl/certs/yourdomain.pem; ssl_certificate_key /etc/ssl/certs/yourdomain.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location /confluence { client_max_body_size 100m; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://localhost:8090/confluence; } location /synchrony { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://localhost:8091/synchrony; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; } }
Setup confluence db in postgresql server
1 2 3 4 5 6 7 8 9 sudo yum install postgresql96-server sudo su postgres psql \l CREATE ROLE confluenceuser LOGIN ENCRYPTED PASSWORD 'secret' NOINHERIT VALID UNTIL 'infinity' ; CREATE DATABASE confluencedb WITH ENCODING 'UNICODE' LC_COLLATE 'C' LC_CTYPE 'C' TEMPLATE template0 OWNER=confluenceuser; GRANT ALL PRIVILEGES ON DATABASE confluencedb TO confluenceuser; \l
Setup confluence email notification
JNDI Email Sending
Setting Up a Mail Session for the Confluence Distribution
Finish
Open http://yourdomain/ to finish confluence setup in web browser
