Jira Installation On Linux
Dies ist eine rudimentäre Beschreibung. Lauffähig aber vor einem produktiven Betrieb mit mir Kontakt aufnehmen und eine Beratung anfragen.
Table of contents
sudo User erzeugen
$ adduser atlassian
$ usermod -aG sudo atlassian
Künftig mit diesem User arbeiten und root sperren.
SSH
$ vi /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
Automatische Aktualisierung
$ dpkg-reconfigure unattended-upgrades
$ vi /etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Remove-Unused-Dependencies "true";
Unattended-Upgrade::Automatic-Reboot "true";
$ vi /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
$ sudo systemctl stop unattended-upgrades
$ sudo systemctl enable unattended-upgrades
$ sudo systemctl start unattended-upgrades
PostgreSQL
$ sudo apt install postgresql
$ sudo su postgres
$ psql
create user atlassian with password '<password>';
create database jira WITH ENCODING 'UNICODE' LC_COLLATE 'C' LC_CTYPE 'C' TEMPLATE template0 owner atlassian;
Apache Installation
$ sudo apt install apache2
Letsencrypt
$ sudo systemctl stop apache2.service
$ sudo apt install certbot
$ certbot certonly --standalone --rsa-key-size 4096 -d jira.<domain> --register-unsafely-without-email
$ sudo systemctl start apache2.service
Port 80
Dies ist eine rudimentäre Beschreibung. Lauffähig aber vor einem produktiven Betrieb mit mir Kontakt aufnehmen und eine Beratung anfragen.
$ vi /etc/apache2/sites-available/000.conf
<VirtualHost *:80>
ServerAdmin webmaster@example.com
ServerName jira.example.com
ProxyRequests Off
ProxyPreserveHost On
RewriteEngine on
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
$ sudo a2dissite 000-default.conf
$ sudo a2ensite 000.conf
Port 443
Dies ist eine rudimentäre Beschreibung. Lauffähig aber vor einem produktiven Betrieb mit mir Kontakt aufnehmen und eine Beratung anfragen.
$ vi /etc/apache2/sites-available/jira.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
ServerAdmin webmaster@example.com
ServerName jira.example.com
ProxyPreserveHost On
ProxyRequests Off
<Proxy *>
Require all granted
</Proxy>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCipherSuite "EECDH+AESGCM:EDH+AESGCM"
SSLHonorCipherOrder on
SSLProtocol TLSv1.2
# Letsencrypt Zertifikate einfügen
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
ProxyPass /jira http://127.0.0.1:8080/jira
ProxyPassReverse /jira http://127.0.0.1:8080/jira
</VirtualHost>
</IfModule>
$ sudo a2ensite jira.conf
Apache2 Module
$ sudo a2enmod proxy_http proxy rewrite ssl headers
Jira Software
https://www.atlassian.com/software/jira/download
Produktiv immer die LTS Version wählen und “Linux 64 Bit”.
$ sudo ./<Paket>
systemd
Das Installationsskript verwendet init.d Hier wird die Verwendung von systemd beschrieben.
$ vi /etc/systemd/system/jira.service
[Unit]
Description=Jira
After=network.target
[Service]
Type=forking
User=atlassian
PIDFile=<Pfad zu Jira>/jira/current/work/catalina.pid
ExecStart=<Pfad zu Jira>/jira/current/bin/start-jira.sh
ExecStop=<Pfad zu Jira>/jira/current/bin/stop-jira.sh
TimeoutSec=200
LimitNOFILE=4096
LimitNPROC=4096
[Install]
WantedBy=multi-user.target
$ sudo systemctl daemon-reload
$ sudo systemctl enable jira.service
$ sudo systemctl start jira.service
Connector in server.xml
$ sudo vi /opt/atlassian/jira/conf/server.xml
Den Standard Connector deaktivieren und den Proxy https Connector aktivieren und dort den proxyName anpassen, wie bspw. proxyName=”jira.example.com”.
Jira Backup
Optional.
$ vi sudo /var/local/bin/jira_backup.sh
#!/bin/bash
SCRIPT="jira_backup.sh"
JIRAHOME=/opt/atlassian/application-data/jira/
JIRADB="jira"
BACKUPPATH=/tmp/
BACKUPFILENAME=$(date +"%Y%m%dT%H%M")
function log {
echo "$(date +""%Y-%m-%dT%H:%M:%S"") - $1"
}
# Main
log "${SCRIPT}"
log "Shutting down Jira…"
JIRASTATE=$(ps -o pid,cmd -C java | grep -i jira | wc -l)
log "JIRASTATE: ${JIRASTATE}"
COMMAND="systemctl stop jira.service"
log "${COMMAND}"
${COMMAND}
JIRASTATE=$(ps -o pid,cmd -C java | grep -i jira | wc -l)
log "JIRASTATE: ${JIRASTATE}"
if [ ${JIRASTATE} -ne 0 ]
then
log "ERROR while stopping Jira."
log "Exit from script now."
exit 10
else
log "Jira is down."
fi
log "Starting PostgreSQL backup..."
COMMAND="sudo -u postgres pg_dump -d ${JIRADB} -f ${BACKUPPATH}${BACKUPFILENAME}.sql"
log "${COMMAND}"
${COMMAND}
log "The command finshed."
log "Checking if the backup file exits..."
if [ -f "${BACKUPPATH}${BACKUPFILENAME}.sql" ]
then
log "${BACKUPPATH}${BACKUPFILENAME}.sql exists."
else
log "ERROR ${BACKUPPATH}${BACKUPFILENAME}.sql does not exists."
log "Exit from script now."
exit 20
fi
log "Starting Jira home backup..."
COMMAND="tar czf ${BACKUPPATH}${BACKUPFILENAME}.tar.gz -C ${JIRAHOME} data"
log "${COMMAND}"
${COMMAND}
log "The command finshed."
log "Checking if the backup file exits..."
if [ -f "${BACKUPPATH}${BACKUPFILENAME}.tar.gz" ]
then
log "${BACKUPPATH}${BACKUPFILENAME}.sql exists."
else
log "ERROR ${BACKUPPATH}${BACKUPFILENAME}.sql does not exists."
log "Exit from script now."
exit 30
fi
log "Starting Jira..."
COMMAND="systemctl start jira.service"
log "${COMMAND}"
${COMMAND}
log "Finishing backup script ${SCRIPT}"
exit 0
$vi /etc/crontab
35 1 * * 2-6 root /var/local/bin/jira_backup.sh >> /var/local/log/atlassian_backup.log
Reach out to me for professional support!