How to configure Apache for caching and HTTP/2
Platform Notice: Data Center Only - This article only applies to Atlassian products on the data center platform.
Purpose
This knowledge base article describes a workaround for Data Center customers who want to use the CDN feature, but can't use a third-party CDN vendor, such as CloudFront, CloudFlare, Akamai, etc.
Learn more about CDN support in Jira applications and Configure your CDN for Confluence Data Center.
Solution
If using a third-party CDN is not an option for your organisation, you can deploy your own caching proxies close to where your teams are located, for example in each of your satellite offices. Your proxies should all share the same DNS address. This is the URL you'll provide in the CDN setup screen in your Data Center application.
Here are the basic requirements:
You will need to enable HTTP/1.1 on backend, and disable the experimental HTTP/2 client component as follows:
a2enmod proxy_http headers; a2dismod proxy_http2
Enable SSL, disk cache, and HTTP/2 protocol on the user-facing side as follows:
a2enmod ssl cache_disk http2
Create the disk location for your cache:
mkdir /var/cache/apache-web-cache
chown www-data.www-data /var/cache/apache-web-cache
chmod 755 /var/cache/apache-web-cache
Configure your Apache site. Here's an example configuration. The important points are HTTP/2 protocol, SSL, and cache.
Protocols h2
<VirtualHost webcache:443>
ServerAdmin admin@localhost
LogLevel info
ServerName cdn
SSLEngine On
SSLProxyEngine On
SSLCertificateFile "/etc/ssl/webcache.crt"
SSLCertificateKeyFile "/etc/ssl/webcache.key"
SSLProxyCACertificateFile "/etc/ssl/myrootCA.pem"
RequestHeader unset Cookie
Header unset Set-Cookie
ProxyPass / https://172.19.0.20/
ProxyPassReverse / https://172.19.0.20/
CacheRoot "/var/cache/apache-web-cache/"
CacheEnable disk /
CacheDirLevels 2
CacheDirLength 1
</VirtualHost>
If you need more assistance, consult the Apache documentation about caching: https://httpd.apache.org/docs/2.4/caching.html and about setting up high availability configurations for reverse proxies: https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html