How to configure Apache for caching and HTTP/2
Platform Notice: Data Center Only - This article only applies to Atlassian products on the data center platform.
Atlassian products interface with a variety of technologies. Front-end solutions like Web Servers (eg Apache HTTP Server), load balancers, single sign-on solutions (SSO), SSL certificates, and LDAP repositories add functionality that is often critical to functioning of our products. Atlassian will endeavor to provide documentation for integration with these 3rd party applications (such as this) but does not provide support for 3rd party applications. We are unable to provide support when a failure in a 3rd party application occurs. From: Atlassian Support Offering.
This knowledge base article describes a workaround for Data Center customers who want to use the CDN feature, but can't use a third-party CDN vendor, such as CloudFront, CloudFlare, Akamai, etc.
If using a third-party CDN is not an option for your organisation, you can deploy your own caching proxies close to where your teams are located, for example in each of your satellite offices. Your proxies should all share the same DNS address. This is the URL you'll provide in the CDN setup screen in your Data Center application.
Here are the basic requirements:
You will need to enable HTTP/1.1 on backend, and disable the experimental HTTP/2 client component as follows:
a2enmod proxy_http headers; a2dismod proxy_http2
Enable SSL, disk cache, and HTTP/2 protocol on the user-facing side as follows:
a2enmod ssl cache_disk http2
Create the disk location for your cache:
mkdir /var/cache/apache-web-cache chown www-data.www-data /var/cache/apache-web-cache chmod 755 /var/cache/apache-web-cache
Configure your Apache site. Here's an example configuration. The important points are HTTP/2 protocol, SSL, and cache.
Protocols h2 <VirtualHost webcache:443> ServerAdmin admin@localhost LogLevel info ServerName cdn SSLEngine On SSLProxyEngine On SSLCertificateFile "/etc/ssl/webcache.crt" SSLCertificateKeyFile "/etc/ssl/webcache.key" SSLProxyCACertificateFile "/etc/ssl/myrootCA.pem" RequestHeader unset Cookie Header unset Set-Cookie ProxyPass / https://172.19.0.20/ ProxyPassReverse / https://172.19.0.20/ CacheRoot "/var/cache/apache-web-cache/" CacheEnable disk / CacheDirLevels 2 CacheDirLength 1 </VirtualHost>
If you need more assistance, consult the Apache documentation about caching: https://httpd.apache.org/docs/2.4/caching.html and about setting up high availability configurations for reverse proxies: https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html