wavedocs
9/22/2017 - 8:34 PM

Atlassian JIRA behind nginx + SSL

Atlassian JIRA behind nginx + SSL

# force HTTP to HTTPS - /etc/nginx/conf.d/nonssl.conf
server {
    listen       80;
    server_name  jira.example.com;
    access_log  off;
    return 301 https://$server_name$request_uri;
}

# /etc/nginx/conf.d/jira.conf
server {
    listen       443 default ssl;

    server_name  jira.example.com;

    access_log  off;
    ssl on;
    ssl_certificate /etc/nginx/certs/example.com.crt;
    ssl_certificate_key /etc/nginx/certs/example.com.key;

    location / {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Proto https;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:8080/;
    }
}

# server.xml config file from $JIRA/conf/
# add/modify this line from <Service name="Catalina"> directive

 <Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8080" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" scheme="https" proxyName="jira.example.com" proxyPort="443"/>