一、部署confluence
《一、企业级知识管理系统:Centos7一键部署Confluence6.15.7》
二、配置confluence
说明:Confluence服务是在Tomcat容器中运行的,而Tomcat的HTTP连接器必须经过配置才能支持前置Nginx的HTTPS协议。
1、配置模板文件
#由于server.xml.j2文件已经映射到宿主机上,进入部署包的conf目录下
vim conf/server.xml.j2
#a、找到"protocol"参数,将其默认值改为"org.apache.coyote.http11.Http11NioProtocol";
#b、找到"secure"参数,将其默认值改为"true";
#c、找到"scheme"参数,将其默认值改为"https";
#d、找到"proxyName"参数,将其默认值改为"confluence.xxx.com"; #根据实际域名填写
#e、找到"proxyPort"参数,将其默认值改为"443"。
如下图所示:
注意:请用实际的域名来替换。不要直接修改/opt/atlassian/confluence/conf/server.xml配置文件,因为每当confluence容器重启时,都会根据上述的配置模板文件自动还原配置文件,因此修改的配置永远不会生效!
修改后的配置模板文件,如下图所示:
2、重新启动Confluence
docker restart confluence
三、部署Nginx服务
yum install nginx -y && systemctl start nginx
四、配置Nginx代理
#编辑nginx.conf文件
vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 10240;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 443 ssl;
server_name confluence.xxx.com;
ssl_certificate /etc/nginx/4983683__lolaage.com.pem;
ssl_certificate_key /etc/nginx/4983683__lolaage.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
location / {
client_max_body_size 100m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://172.18.1.110:8090;
}
location /synchrony {
client_max_body_size 100m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://172.18.1.110:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name confluence.xxx.com;
rewrite ^ https://$http_host$request_uri? permanent;
}
}
#重新加载配置文件
nginx -s reload
五、配置服务器基本url
浏览器登录:https://confluence.xxx.com—>管理员账号登录—>一般配置
总结:整理不易,如果对你有帮助,可否点赞关注一下?
更多详细内容请参考:《三、企业级知识管理系统:Confluence配置邮箱服务》