How to configure a basic Apache reverse proxy for Hipchat Data Center

Still need help?

The Atlassian Community is here for you.

Ask the community

Reference configuration only

This article provides an example configuration to help you set up your Hipchat Data Center deployment, however third-party software might require extra configuration work to function in your environment. Atlassian provides best-effort to assist you with your deployment, but does not directly support these components.

Purpose

This article provides guidance on how to configure a basic Apache reverse proxy for use in a Small-Scale Hipchat Data Center environment.

Prepare

  1. Make sure the system on which Apache will be installed meets the Hardware Requirements for the Load Balancer Node
  2. Install Apache2 via the commands compatible with your operating system
  3. Setup your firewall on your reverse proxy server to accept traffic on port 443. Optionally, you can accept traffic on port 80, the reverse proxy will redirect it to 443 anyways. 
  4. Make sure a DNS record exists for the load balancer node and obtain an SSL certificate per the Reverse Proxy Configuration Requirements.  

    The process of obtaining an SSL certificate falls outside of the scope of this guide. There are plenty of resources on the Internet that can guide you through the process. For example: "How to Install an SSL Certificate from a Commercial CA"

Configure

  1. As the root user, create /etc/apache2/sites-available/hipchat.conf and add the sample configuration below:

    <VirtualHost *:443>
    	ServerName hipchat.example.com
    	KeepAlive On
    	KeepAliveTimeout 120
    	MaxKeepAliveRequests 100
    	SSLEngine On
    	CustomLog /var/log/apache2/hipchat.log combined
    	ProxyPreserveHost On
        SSLCertificateFile /etc/apache2/ssl/ca.crt
        SSLCertificateKeyFile /etc/apache2/ssl/ca.key
    	ProxyPass / http://hipchat01.example.com:80/
    	ProxyPassReverse / http://hipchat01.example.com:80/
    </VirtualHost>
    <VirtualHost *:80>
    	RewriteEngine on
    	RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
    </VirtualHost>
  2. hipchat01.example.com is the DNS name of your node.
  3. SSLCertificateFile  and SSLCertificateKeyFile indicate the location of your SSL certificate and key respectively. 
  4. The <VirtualHost *:80> section handles the redirection from HTTP to HTTPS

  5. Save the changes to the file.

  6. Create a symbolic link to the config file under /etc/apache2/sites-available/ to enable the new config:

    ln -s /etc/apache2/sites-available/hipchat.conf /etc/apache2/sites-enabled/hipchat.conf
  7. Restart the Apache service, the command to run depends on your environment.


Last modified on Nov 2, 2018

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.