jira全家桶安裝紀實
jira全家桶安裝紀實
轉載請注明 來源:http://www.eword.name/
Author:eword
Email:eword@eword.name
一、安裝準備
1.1、安裝包
1.2、服務器環境及網絡環境
| 序號 | 服務奇名稱 | ip | 程序名稱 | 備注 |
|---|---|---|---|---|
| 1 | 數據庫服務器(jira-db-svr) | 10.14.48.12 | MySQL5.7 | nano、lrzsz、 |
| 2 | 業務服務器(jira-apps-svr) | 10.14.48.13 | jira(V8.20.0) | nano、lrzsz、java1.8 |
1.2.1、修改服務器名稱
## 將10.14.48.13服務器名稱設置成jira-apps-svr
> hostnamectl set-hostname jira-apps-svr
## 將10.14.48.12服務器名稱設置成jira-db-svr
> hostnamectl set-hostname jira-db-svr
二、數據庫服務器安裝
2.1、基礎環境安裝
2.1.1、關閉防火墻和SELinux
重啟、關閉、開啟firewalld.service服務
## 重啟
systemctl restart firewalld
## 開啟
systemctl start firewalld
## 關閉
systemctl stop firewalld
## 開啟開機啟動
systemctl enable firewalld
## 關閉開機啟動
systemctl disable firewalld
## 查看防火墻狀態
systemctl status firewall
關閉 SELinux
## 查詢 SELinux 狀態
getenforce
## 設置 SELinux 狀態 (臨時生效)
setenforce [ Enforcing | Permissive | 1 | 0 ]
## 臨時關閉 SELinux
##設置SELinux 成為permissive模式
setenforce 0
如果要永久關閉 SELinux,需要修改/etc/selinux/config并重啟機器:
## /etc/selinux/config
## 將SELINUX=enforcing改為SELINUX=disabled
SELINUX=disabled
2.1.2、安裝 nano
> yum -y install nano
2.1.3、安裝 lrzsz
> yum -y install lrzsz
2.2、安裝 Mysql 數據庫
2.2.1、安裝yum源
2.2.1.1、下載mysql源安裝包
wget http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm
2.2.2、安裝mysql源
> yum localinstall mysql57-community-release-el7-8.noarch.rpm -y
2.2.3、檢查mysql源是否安裝成功
> yum repolist enabled | grep "mysql.*-community.*" -y
成功將返回
mysql-connectors-community/x86_64 MySQL Connectors Community 221
mysql-tools-community/x86_64 MySQL Tools Community 135
mysql57-community/x86_64 MySQL 5.7 Community Server 544
2.2.4、配置源
可選修改nano /etc/yum.repos.d/mysql-community.repo源
改變默認安裝的mysql版本。比如要安裝5.6版本,將5.7源的enabled=1改成enabled=0。然后再將5.6源的enabled=0改成enabled=1即可。改完之后的效果如下所示:
[mysql-connectors-community]
name=MySQL Connectors Community
baseurl=http://repo.mysql.com/yum/mysql-connectors-community/el/7/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
[mysql-tools-community]
name=MySQL Tools Community
baseurl=http://repo.mysql.com/yum/mysql-tools-community/el/7/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
# Enable to use MySQL 5.5
[mysql55-community]
name=MySQL 5.5 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.5-community/el/7/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
# Enable to use MySQL 5.6
[mysql56-community]
name=MySQL 5.6 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.6-community/el/7/$basearch/
enabled=0 ## 注意這里這里
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
[mysql57-community]
name=MySQL 5.7 Community Server
baseurl=http://repo.mysql.com/yum/mysql-5.7-community/el/7/$basearch/
enabled=1 ## 注意這里這里
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
[mysql-tools-preview]
name=MySQL Tools Preview
baseurl=http://repo.mysql.com/yum/mysql-tools-preview/el/7/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
2.2.5、安裝mysql
> yum install mysql-community-server -y
等待安裝完成
2.3、配置mysql
2.3.1、啟動mysql
> systemctl start mysqld
2.3.2、查看MySQL的啟動狀態
> systemctl status mysqld
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; disabled; vendor preset: disabled)
Active: active (running) since 五 2016-06-24 04:37:37 CST; 35min ago
Main PID: 2888 (mysqld)
CGroup: /system.slice/mysqld.service
└─2888 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
6月 24 04:37:36 localhost.localdomain systemd[1]: Starting MySQL Server...
6月 24 04:37:37 localhost.localdomain systemd[1]: Started MySQL Server.
2.3.3、設置開機啟動
> systemctl enable mysqld
> systemctl daemon-reload
2.3.4、修改root本地登錄密碼
2.3.4.1、查詢初始密碼
mysql安裝完成之后,在/var/log/mysqld.log文件中給root生成了一個默認密碼。通過下面的方式找到root默認密碼,然后登錄mysql進行修改:
## /etc/my.cnf 配置文件已經將日志目錄配置到 /opt/data/logs/mysql/mysqld.log
> grep 'temporary password' /opt/data/logs/mysql/mysqld.log
2021-10-27T12:44:48.643548Z 1 [Note] A temporary password is generated for root@localhost: :)hmags2ed0X
2.3.4.2、修改密碼
> mysql -uroot -p mysql
>:)hmags2ed0X
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Abc@12345678';
或者
mysql> set password for 'root'@'localhost'=password('Abc@12345678');
2.3.4.3、創建遠程登入帳號
GRANT ALL PRIVILEGES ON *.* TO 'application'@'%' IDENTIFIED BY 'aBc!@#123' WITH GRANT OPTION;
**注意:**mysql5.7默認安裝了密碼安全檢查插件(validate_password),默認密碼檢查策略要求密碼必須包含:大小寫字母、數字和特殊符號,并且長度不能少于8位。否則會提示ERROR 1819 (HY000): Your password does not satisfy the current policy requirements錯誤,如下所示:s
mysql> set password for 'root'@'localhost'=password('12345678');
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
2.3.4.4、修改密碼策略
通過msyql環境變量可以查看密碼策略的相關信息:
> show variables like '%password%';
+----------------------------------------+-----------------+
| Variable_name | Value |
+----------------------------------------+-----------------+
| default_password_lifetime | 0 |
| disconnect_on_expired_password | ON |
| log_builtin_as_identified_by_password | OFF |
| mysql_native_password_proxy_users | OFF |
| old_passwords | 0 |
| report_password | |
| sha256_password_auto_generate_rsa_keys | ON |
| sha256_password_private_key_path | private_key.pem |
| sha256_password_proxy_users | OFF |
| sha256_password_public_key_path | public_key.pem |
| validate_password_check_user_name | OFF |
| validate_password_dictionary_file | | <--密碼策略文件,策略為STRONG才需要
| validate_password_length | 8 | <--密碼最少長度
| validate_password_mixed_case_count | 1 | <--大小寫字符長度,至少1個
| validate_password_number_count | 1 | <--數字至少1個
| validate_password_policy | MEDIUM | <--密碼策略,默認為MEDIUM策略
| validate_password_special_char_count | 1 | <--特殊字符至少1個
+----------------------------------------+-----------------+
17 rows in set (0.01 sec)
上述參數是默認策略MEDIUM的密碼檢查規則。
共有以下幾種密碼策略:
| 策略 | 檢查規則 |
|---|---|
| 0 or LOW | Length |
| 1 or MEDIUM | Length; numeric, lowercase/uppercase, and special characters |
| 2 or STRONG | Length; numeric, lowercase/uppercase, and special characters; dictionary file |
修改密碼策略
在/etc/my.cnf文件添加validate_password_policy配置,指定密碼策略
# 選擇0(LOW),1(MEDIUM),2(STRONG)其中一種,選擇2需要提供密碼字典文件
validate_password_policy=0
如果不需要密碼策略,添加my.cnf文件中添加如下配置禁用即可:
validate_password = off
重新啟動mysql服務使配置生效:
>systemctl restart mysqld
2.3.4.5、配置默認編碼為utf8mb4
修改/etc/my.cnf配置文件,在[mysqld]下添加編碼配置,如下所示:
[mysqld]
character_set_server=utf8mb4
init_connect='SET NAMES utf8mb4'
重新啟動mysql服務,查看數據庫默認編碼如下所示:
mysql> show variables like '%character%';
+--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | utf8 |
| character_set_connection | utf8 |
| character_set_database | utf8mb4 |
| character_set_filesystem | binary |
| character_set_results | utf8 |
| character_set_server | utf8mb4 |
| character_set_system | utf8 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.00 sec)
2.3.4.6、修改默認配置
## 默認配置文件路徑:
## 配置文件:/etc/my.cnf
## 日志文件:/var/log/mysqld.log 修改為
log-error = /opt/data/logs/mysql/mysqld.log
## 服務啟動腳本:/usr/lib/systemd/system/mysqld.service
## socket文件:/var/run/mysqld/mysqld.pid 修改為
pid-file = /opt/data/var/run/mysqld/mysqld.pid
## 默認端口 3306 修改為
port = 13306
## 不綁定 ip
bind-address = 0.0.0.0
2.3.4.6.1、修改后的最終配置文件如下:
[mysqld]
bind-address = 0.0.0.0
port = 13306
datadir = /opt/data/mysql
socket = /opt/data/mysql/mysql.sock
skip-external-locking
#忘記密碼
#skip-grant-tables
# 關閉 SSL
skip-ssl
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links = 0
log-error = /opt/data/logs/mysql/mysqld.log
pid-file = /opt/data/var/run/mysqld/mysqld.pid
# jira需要的配置
default-storage-engine = INNODB
character_set_server = utf8mb4
collation-server = utf8mb4_bin
innodb_default_row_format = DYNAMIC
innodb_large_prefix = ON
innodb_file_format = Barracuda
innodb_log_file_size = 2G
max_allowed_packet = 256M
innodb_log_file_size = 512M
transaction-isolation = READ-COMMITTED
# remove this if it exists
# sql_mode = NO_AUTO_VALUE_ON_ZERO
optimizer_switch = derived_merge=off
binlog_format=row
log-bin-trust-function-creators = 1
[client]
port = 13306
socket = /opt/data/mysql/mysql.sock
注意:datadir 和 log 路徑,需要創建相應的文件夾 并 變更文件夾權限
> mkdir /opt/data
> mkdir /opt/data/mysql
> mkdir /opt/data/logs
> mkdir /opt/data/var
> mkdir /opt/data/logs/mysql
> mkdir /opt/data/var/run
> chmod -R 777 /opt/data/
安裝 tree 工具查看目錄結構
## 安裝 tree 工具
> yum -y inistall tree
> tree
## 最終目錄結構
.
└── data
├── logs
│ └── mysql
├── mysql
└── var
└── run
重新啟動mysql服務使配置生效:
> systemctl restart mysqld
三、應用服務器環境安裝
3.1、安裝 java
下載 java tar.gz 壓縮包解壓到/opt/java,修改 /etc/profile文件,加入系統環境配置,本文已安裝 java(V1.8.151)為例
>nano /etc/profile
## 末端加入一下內容
export JAVA_HOME=/opt/java/jdk1.8.0_151
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
export PATH=$PATH:$JAVA_HOME:$JAVA_HOME/bin:$JRE_HOME/bin:$CLASSPATH
## 重新加載使配置生效
> source /etc/profile
查看安裝情況
> java -version
java version "1.8.0_151"
Java(TM) SE Runtime Environment (build 1.8.0_151-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.151-b12, mixed mode)
3.2、安裝 tomcat所需基礎環境
yum -y install gcc gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel
四、部署破解程序
破解程序使用的是
atlassian-agent-v1.3.1.zip可以在百度中找到
將破解程序解壓到/opt/atlassian-agent目錄下
## 修改權限
> chmod -R 777 /opt/atlassian-agent/
修改環境變量 /etc/profile,末端加入
## jira 破解文件
export JAVA_OPTS="-javaagent:/opt/atlassian-agent/atlassian-agent.jar ${JAVA_OPTS}"
五、安裝 jira
本文已安裝
atlassian-jira-software-8.20.0-x64.bin為例
5.1、準備安裝包
## 通過斷點續傳下載安裝包
> wget -c https://product-downloads.atlassian.com/software/jira/downloads/atlassian-jira-software-8.20.0-x64.bin
## 添加執行權限
> chmod +x ./atlassian-jira-software-8.20.0-x64.bin
5.2、開始安裝 jira
./atlassian-jira-software-8.20.0-x64.bin
Starting Installer ...
This will install Jira Software 8.20.0 on your computer.
OK [o, Enter], Cancel [c]
o <<--此處選 o 或 直接回車
Click Next to continue, or Cancel to exit Setup.
Choose the appropriate installation or upgrade option.
Please choose one of the following:
Express Install (use default settings) [1], Custom Install (recommended for advanced users) [2, Enter], Upgrade an existing Jira installation [3]
1 <<--此處選 1 回車
Details on where Jira Software will be installed and the settings that will be used.
Installation Directory: /opt/atlassian/jira
Home Directory: /var/atlassian/application-data/jira
HTTP Port: 8080
RMI Port: 8005
Install as service: Yes
Install [i, Enter], Exit [e]
i <<--此處選 i或 直接回車
Extracting files ...
Please wait a few moments while Jira Software is configured.
Installation of Jira Software 8.20.0 is complete
Start Jira Software 8.20.0 now?
Yes [y, Enter], No [n]
y <<--此處選 y或 直接回車
Please wait a few moments while Jira Software starts up.
Launching Jira Software ...
Installation of Jira Software 8.20.0 is complete
Your installation of Jira Software 8.20.0 is now ready and can be accessed
via your browser.
Jira Software 8.20.0 can be accessed at http://localhost:8080
Finishing installation ...
默認安裝路徑為/opt/atlassian/jira,默認端口為8080
5.3、修改服務端口
將默認端口8080修改為16661
## 修改配置文件
> nano /opt/atlassian/jira/conf/server.xml
查找到8080修改為16661
重啟生效
> /etc/init.d/jira stop
> /etc/init.d/jira start
5.4、修改jira 的 Home 目錄(數據存儲目錄)
## 修改配置文件
> nano /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/jira-application.properties
## jira.home = /var/atlassian/application-data/jira
jira.home = /opt/data/var/atlassian/application-data/jira
5.5、添加 MySQL 數據庫驅動
這里使用的是mysql-connector-java-5.1.46.jar
## 將數據庫驅動jar包復制到 jira 安裝目錄
> cp ./mysql-connector-java-5.1.46/* /opt/atlassian/jira/atlassian-jira/WEB-INF/lib
5.6、創建數據庫
登入10.14.48.12 MySQL數據庫
> mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
創建 jira 數據庫
## 創建數據庫
mysql> create database jira character set utf8mb4 collate utf8mb4_bin;
Query OK, 1 row affected (0.00 sec)
mysql>
數據庫授權(之前已經授權了一個全局賬號 application)
GRANT ALL PRIVILEGES ON *.* TO 'application'@'%' IDENTIFIED BY 'aBc!@#123' WITH GRANT OPTION;
5.7、配置 jira
5.7.1、破解 jira
得到服務器 id B9DJ-MHER-ETA1-54FO 后通過破解程序atlassian-agent.jar獲取許可證信息
## 查看一下 破解程序 命令說明
> java -jar /opt/atlassian-agent/atlassian-agent.jar
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
KeyGen usage: java -jar /opt/atlassian-agent/atlassian-agent.jar [-d] [-h] -m
<arg> [-n <arg>] -o <arg> -p <arg> -s <arg>
-d,--datacenter Data center license[default: false]
-h,--help Print help message
-m,--mail <arg> License email
-n,--name <arg> License name[default: <license email>]
-o,--organisation <arg> License organisation
-p,--product <arg> License product, support:
[crowd: Crowd]
[jsm: JIRA Service Management]
[questions: Questions plugin for Confluence]
[crucible: Crucible]
[capture: Capture plugin for JIRA]
[conf: Confluence]
[training: Training plugin for JIRA]
[*: Third party plugin key, looks like:
com.foo.bar]
[bitbucket: Bitbucket]
[tc: Team Calendars plugin for Confluence]
[bamboo: Bamboo]
[fisheye: FishEye]
[portfolio: Portfolio plugin for JIRA]
[jc: JIRA Core]
[jsd: JIRA Service Desk]
[jira: JIRA Software(common jira)]
-s,--serverid <arg> License server ID
================================================================================
# Crack agent usage: append -javaagent arg to system environment: JAVA_OPTS.
# Example(execute this command or append it to setenv.sh/setenv.bat file):
export JAVA_OPTS="-javaagent:/opt/atlassian-agent/atlassian-agent.jar ${JAVA_OPTS}"
# Then start your confluence/jira server.
開始破解獲取許可證信息
java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p jc -o http://10.14.48.13:16661 -s B9DJ-MHER-ETA1-54FO
得到如下信息
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABvA0ODAoPeJx1kl+PojAUxd/7KUj2GaQg4Jg0WQeYFQP+H+e5wnWoYjFtccb99FuFSWZ3NelLe
9tzTn/3/niDwpjlynACw3GHDh56jhGu1oZjOxiFAqhiNY+oAnI9MbFtOgFKWQ5cwvpygik9AglnW
RYvw2SUovhMq+b2iOxoJQFFIHPBTreTV16xI1PasmoVjO3FKJU6yWGv97tkFVisRjPxTjmTrci1q
ovYtnDf6g8s7A6x7/s6W80VzVWcUVYRWhwZ/7mtK8rfmbJyjvZMUGvaHLcgZrtXCUISE6POdkxlS
bLwI3wZRwdvP+n9etsVHzs3SpZzGZZpKjebxahc7J7nfllV08M4lBM8mO8L4DTIq/NyQUhroSOwM
xAlGkA6Clf6Bs8h/jwxcem4DZ5MO9CrfXESddHkyrpuzLwW8JdGhzaJSJpEq3hqpth3Pbc/wNjxs
NdKdJfigrVYp2mSJes4emSwUlQoEF1Hvkvca+EKxBmETvD8FE3MbBwvzXg9wqbXf5mhA1w2GubVF
vu2HdgD18XoP9BfCe9imDciL6mEf8fqQfpHXfzK4SDNidxh1Y3I7X/fZuMPJ7H4PDAsAhQ/bL0Kp
/mOjB+cdzQtWyeGxLMElwIUaQc0DwBN4MddoXzE83lzW6N5YWU=X02l9
5.7.2、驗證破解情況
配置完后在頁面右上角找到配置圖標進入應用程序配置頁面
我們會發現 Jira Core 已經破解成功可以使用,Jira Software 還需繼續破解獲取許可證
5.7.3、破解 jira software
> java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p jira -o http://10.14.48.13:16661 -s B9DJ-MHER-ETA1-54FO
注意 -c 后面的參數 從 jc 改成 jira
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAAB3g0ODAoPeJx9UlGPojAYfOdXkNzjBqSAiCZN1oNu5CKyu6Cb9a3ip3QPC2mLd+6vP1wxcU9j0
pc2nflm5psfb7DWk1zp9kC3nZHTH/WRHqSZbls20rYCgBdVXYMwpywHLiE71DCjO8BBEsfkNYjGU
y0QQBWreEgV4CPQQJZhD7Q7kBBkLlh9ROE5L9mOqVZIeQLoq4NeKFXLUa/3WbASTFZpMWVcAac8B
/K3ZuLQTfOHhjVoj/bBBD2rJGt2op5NozjKSKjNmt0KRLKZSxASG+gs7g5XLap1kyvzeDFktVF/q
ADziujOX5ortgesRAPfsrx87zwvWrajYlsje1o2X3niDS0laInYUs7k6emYSxsLskzkmq5vImeEP
M9DWlBx1fKSNqcS0/WO8cdVVVK+ZcrM+UnllfZu+ITKAseBFTy9BHEZLhdzmb43no+K3nudZItmu
XnbP4+jebp4iBIUb3uEbFL342VZB2uRVp+TbIxPIy6t3UkmVVQoEJ3DbhdRiKdRmJKZMUWe03dcf
9hHQ9f/ttpbbUpB7EG08J/D8JcRT8irQbIxMvruU6L9hsM5XORZ1sDyHedmta9L89yIvKAS/i/2J
RjaVopaMNmZbuXjGxa69Xwpv9jLP9MbLKYwLQIVAIV4+d0NAe0BvUntF02vzFTU7J6fAhQFp1wHW
1myVERVkk0j+JIJ9RBDFg==X02mq
點擊頁面上的“粘貼許可證”,更新許可證信息
5.7.4、插件破解
破解插件的要點在于點【立即購買】進行安裝而不是【免費使用】
5.7.4.1、獲取應用密鑰
在應用管理頁面獲取【應用密鑰】com.fulstech.jira-gherkin-custom-field
5.7.4.2、獲取許可證信息
> java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p com.fulstech.jira-gherkin-custom-field -o http://10.14.48.13:16661 -s B9DJ-MHER-ETA1-54FO
注意-p 后面的參數改成了應用密鑰
com.fulstech.jira-gherkin-custom-field
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABrA0ODAoPeJyNUlFv2jAYfPeviLTHyWkcQwJIlgYhrHSQdISWvRrzhZgmTmY7dOzXL1CQqmoPl
ewXn7677+78ZQM7JxXW8UPHp6N+MKJDJ8rWju/5BIm6cvO2NBZE4R6k5nhfgH6RCovW2LrCuYRy5
3Jh5RGY1S2gSAO3slZTboGdSTDxsB+ihRSgDKxPDSS8Ahaly2W8iubjBYqPvGwvQyznpQE0BSO0b
C4vT6qUlbTdluUbg7M9OYW1jRnd3f0tZAmurFGq91xJ80ZyRjuQeC7pub2BS+iIBEHwaTugLOhGS
3OzVCvbWYyXXJaM7yqpvm3rkqu9tK5Q6LrXPTcFW0av0Wy2mezzr99ttmpFEj6LkwgbSX9PiBHjY
vVI4kOZ04Ov282v5AF+2AnN5unY1j8ZQ51Gp664EhD/aaQ+XXMcDLEXdgdloI+g51M2GU4f8PI+X
uF4PSa435ul6AVOz6DNOQQSeF7oDSglKGmrLeg0fzIdxjC5dfF/gcdWi4Ib+Fjg1eaN3/9smpnlu
svzWm0WJ6y7eEEC2qd9jwyHdODdIr78jHfZ/gOi2t+qMCwCFHNg++lzyV1dph8ARHOTUhyU/or+A
hRME7aipUt+bYz2lQxfq87UhYKtnw==X02kk
更新插件許可證信息
完美破解
六、安裝Confluence
本文已安裝
atlassian-confluence-7.13.1-x64.bin為例
6.1、準備安裝包
## 通過斷點續傳下載安裝包
> wget -c https://product-downloads.atlassian.com/software/confluence/downloads/atlassian-confluence-7.13.1-x64.bin
## 添加執行權限
> chmod +x ./atlassian-confluence-7.13.1-x64.bin
6.2、開始安裝Confluence
> ./atlassian-confluence-7.13.1-x64.bin
Starting Installer ...
This will install Confluence 7.13.1 on your computer.
OK [o, Enter], Cancel [c]
o <<--此處選 o 或 直接回車
Click Next to continue, or Cancel to exit Setup.
Choose the appropriate installation or upgrade option.
Please choose one of the following:
Express Install (uses default settings) [1],
Custom Install (recommended for advanced users) [2, Enter],
Upgrade an existing Confluence installation [3]
1 <<--此處選 1 回車
See where Confluence will be installed and the settings that will be used.
Installation Directory: /opt/atlassian/confluence
Home Directory: /var/atlassian/application-data/confluence
HTTP Port: 8090
RMI Port: 8000
Install as service: Yes
Install [i, Enter], Exit [e]
i <<--此處選 i 或 直接回車
Extracting files ...
Please wait a few moments while we configure Confluence.
Installation of Confluence 7.13.1 is complete
Start Confluence now?
Yes [y, Enter], No [n]
y <<--此處選 y 或 直接回車
Please wait a few moments while Confluence starts up.
Launching Confluence ...
Installation of Confluence 7.13.1 is complete
Your installation of Confluence 7.13.1 is now ready and can be accessed via
your browser.
Confluence 7.13.1 can be accessed at http://localhost:8090
Finishing installation ...
默認安裝路徑為/opt/atlassian/confluence,默認端口為8090
6.3、修改服務端口
將默認端口8090修改為16662
## 修配置文件
> nano /opt/atlassian/confluence/conf/server.xml
查找到8090修改為16662
重啟生效
> /etc/init.d/confluence restart
###6.4、修改confluence的 Home 目錄(數據存儲目錄)
## 修改配置文件
> nano /opt/atlassian/confluence/confluence/WEB-INF/classes/confluence-init.properties
## confluence.home = /var/atlassian/application-data/confluence
confluence.home = /opt/data/var/atlassian/application-data/confluence
6.5、添加 MySQL 數據庫驅動
這里使用的是mysql-connector-java-5.1.46.jar
## 將數據庫驅動jar包復制到 confluence 安裝目錄
> cp ./mysql-connector-java-5.1.46/* /opt/atlassian/confluence/confluence/WEB-INF/lib/
6.6、創建數據庫
登入10.14.48.12 MySQL數據庫
> mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3943
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
創建 confluence數據庫
## 創建數據庫
mysql> create database confluence character set utf8mb4 collate utf8mb4_bin;
Query OK, 1 row affected (0.00 sec)
mysql>
數據庫授權(之前已經授權了一個全局賬號 application)
GRANT ALL PRIVILEGES ON *.* TO 'application'@'%' IDENTIFIED BY 'aBc!@#123' WITH GRANT OPTION;
6.7、配置 confluence
、
6.7.1、破解 confluence
得到服務器 id B6PZ-EF8I-81RS-6B8E 后通過破解程序atlassian-agent.jar獲取許可證信息
開始破解獲取許可證信息
> java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p conf -o http://10.14.48.13:16662 -s B6PZ-EF8I-81RS-6B8E
得到如下信息
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABkw0ODAoPeJxtUcFuozAUvPsrkPZYQWxgHRLJUlugu6kCZEvSVfZm6EtwSwyyTVr69SUJlVZVJ
V88ozczb96PpJFW2hwtTCzizj089z0rzNeWi12CQgXciEZG3AA7ITYhNiYoPvK6OzNsx2sNKAJdK
tGekY2sxUEYeLJqUYLUYBW9VRnT6vlk8l6JGhzRoEztuRT6InJiB5Jgh/iOHzjEmxNKqYvKRu4cX
hpxBGZUByhspBn+ccJFzfjTQcjroqm53AvjlBKNjr+5rlgSvoZ38Ta8h/tu+zfPRDWrn9/cKnZJ2
/wqVzfVn1ZHu9nELzawfoyu+ncabTdXOEsLuWfsYp4brgyocc8ztLyYrPsWUn4AFmZJEj+Ei5slG
mJJA5LLEuK3Vqh+bC6Y2Xg6PDTOLiK2XER5nNpLQr2fU59g36MzinJQR1ADfUtX/+z4LljYAXnIb
XobxOgF+kdQ+tQYoRhPceB55FPye79Vp8qKa/h6wbGoT7mx6bQ7FKCy3UYPOLMJGhKyb1KOVzhv/
1/9H/8TvBwwLAIUf1SW7NFe4miwhiNj3TpOFB23geACFCBapLdrBl7VLbLIu740EAqQCYXqX02jf
6.7.2、驗證破解情況
路徑:右上角-設置-一般配置-管理-授權細節
6.7.3、插件破解
插件破解方式參見5.7.4,主要要注意一下 -p 參數、-o 參數和- s 參數,要和插件、confluence的服務地址以及服務器 ID 相匹配。
七、安裝Bitbucket
本文已安裝
atlassian-bitbucket-7.17.0-x64.bin為例
7.1、準備安裝包
## 通過斷點續傳下載安裝包
> wget -c https://product-downloads.atlassian.com/software/stash/downloads/atlassian-bitbucket-7.17.0-x64.bin
## 添加執行權限
> chmod +x ./atlassian-bitbucket-7.17.0-x64.bin
7.2、開始安裝 Bitbucket
> ./atlassian-bitbucket-7.17.0-x64.bin
Starting Installer ...
Unsatisfied requirement: git
Unable to find Git! Please install Git before installing Bitbucket.
For more information please visit: https://go.atlassian.com/installgit
NOTE: If you proceed without a working Git, Bitbucket won't be able to start
after installation until a working Git is found.
If you proceed without a working Git, Bitbucket won't be able to start after installation.
Are you sure you want to continue?
Yes [y, Enter], No [n]
y <<--此處選 y 或 直接回車
Bitbucket 7.17.0 installation wizard
Would you like to install or upgrade an instance?
Install a new instance [1, Enter], Upgrade an existing instance [2]
1 <<--此處選 1 或 直接回車
Install Bitbucket 7.17.0
What type of instance are you looking to install?
Install a Server instance [1, Enter], Install a Data Center instance [2], Install a Smart Mirroring instance [3]
1 <<--此處選 1 或 直接回車
Where should Bitbucket be installed?
Select the folder where you would like Bitbucket 7.17.0 to be installed,
then click Next.
[/opt/atlassian/bitbucket/7.17.0] <<--此處直接回車
Default location for Bitbucket home directory
The location for Bitbucket data.
This will be the default location for repositories, plugins, and other data.
Ensure that this location is not used by another Bitbucket installation.
[/var/atlassian/application-data/bitbucket] <<--此處直接回車
Configure which ports Bitbucket will use.
Configure TCP Ports
Bitbucket requires a TCP port that isn't being used by other applications.
The HTTP port is where users access Bitbucket through their browsers.
Bitbucket also requires ports 7992 and 7993 are available to run an embedded
Elasticsearch instance that provides search functionality to Bitbucket.
HTTP Port Number
[7990] <<--此處直接回車
Run as a service
For a production server we recommend that you run Bitbucket as a
Windows/Linux service because Bitbucket will restart automatically when the
computer restarts.
Install Bitbucket as a service?
Yes [y, Enter], No [n]
y <<--此處選 y 或 直接回車
Please review your Bitbucket installation settings
Installation Summary
Installation Directory: /opt/atlassian/bitbucket/7.17.0
Home Directory: /var/atlassian/application-data/bitbucket
HTTP Port: 7990
Install as a service: Yes
Install [i, Enter], Exit [e]
i <<--此處選 i 或 直接回車
Git is missing. If you proceed Bitbucket won't be able to start after installation.
Are you sure you want to continue?
Yes [y, Enter], No [n]
y <<--此處選 y 或 直接回車
Extracting files ...
Installation of Bitbucket is complete
Would you like to launch Bitbucket?
Yes [y, Enter], No [n]
y <<--此處選 y 或 直接回車
Please wait a few moments while Bitbucket starts up.
Launching Bitbucket ...
Installation of Bitbucket 7.17.0 is complete
Your installation of Bitbucket 7.17.0 is now ready and can be accessed via
your browser.
Bitbucket 7.17.0 can be accessed at http://localhost:7990
Launch Bitbucket 7.17.0 in browser?
Yes [y, Enter], No [n]
y <<--此處選 y 或 直接回車
Finishing installation ...
7.3、安裝 git環境
## 查看是否已經安裝了 git
> git --version
-bash: git: command not found
## yum 安裝 git
> yum -y install git-core
## 驗證 git 安裝情況
> git --version
git version 1.8.3.1
7.3.1、升級 git
Bitbucket 7.17.0 只支持 2.11.0+以上版本的 git,所以需要對git進行升級。
7.3.1.1、配置存儲庫
## 添加 /etc/yum.repos.d/wandisco-git.repo 文件
> nano /etc/yum.repos.d/wandisco-git.repo
## 添加如下信息
[wandisco-git]
name=Wandisco GIT Repository
baseurl=http://opensource.wandisco.com/centos/7/git/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://opensource.wandisco.com/RPM-GPG-KEY-WANdisco
7.3.1.2、導入存儲庫GPG密鑰
> sudo rpm --import http://opensource.wandisco.com/RPM-GPG-KEY-WANdisco
7.3.1.3、更新 git
> yum install git -y
7.3.1.4、驗證 git 版本
> git --version
git version 2.31.1
7.4、添加 MySQL 數據庫驅動
這里使用的是mysql-connector-java-5.1.46.jar
## 將數據庫驅動jar包復制到 bitbucket 安裝目錄
> cp ./mysql-connector-java-5.1.46/* /opt/atlassian/bitbucket/7.17.0/app/WEB-INF/lib/
7.5、修改 Bitbucket 的 Home 目錄(數據存儲目錄)
## 修改配置文件
> nano /opt/atlassian/bitbucket/7.17.0/bin/set-bitbucket-home.sh
## BITBUCKET_HOME="/var/atlassian/application-data/bitbucket"
if [ -z "$BITBUCKET_HOME" ]; then
BITBUCKET_HOME="/opt/data/var/atlassian/application-data/bitbucket"
fi
7.6、修改服務端口
## 在配置文件 /opt/data/var/atlassian/application-data/bitbucket/shared/bitbucket.properties 末端插入端口配置
> echo "server.port=16663" >> /opt/data/var/atlassian/application-data/bitbucket/shared/bitbucket.properties
重啟生效
> /etc/init.d/atlbitbucket restart
7.7、創建數據
登入10.14.48.12 MySQL數據庫
> mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3943
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
創建 bitbucket數據庫
## 創建數據庫 bitbucket 需要支持 UTF-8 的數據庫
mysql> create database bitbucket character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)
mysql>
數據庫授權(之前已經授權了一個全局賬號 application)
GRANT ALL PRIVILEGES ON *.* TO 'application'@'%' IDENTIFIED BY 'aBc!@#123' WITH GRANT OPTION;
7.8、配置 bitbucket
瀏覽器訪問:http://10.14.48.13:7990/
7.8.1、破解 Bitbucket
得到服務器 id BLCU-4GTY-1H2C-IG7I 后通過破解程序atlassian-agent.jar獲取許可證信息
開始破解獲取許可證信息
> java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p bitbucket -o http://10.14.48.13:16663 -s BLCU-4GTY-1H2C-IG7I
得到如下信息
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABlA0ODAoPeJxtUcFuozAUvPsrkPYMtYEAiYS0rEMSKki6S1Ipe3PoS7DWmKxt6KZfvyShUlVV9
unN08y8mW9FK61121s4skg4c6czPLFoubVc7BJEFTDDWzlnBuLrxCbExhFKeya6GxIfmdCA5qArx
c+3yU4K3nADL5bgFUgN1uFi1cac9ezh4a3mAhzeoo06Mcn1neSKDiDBDvEdP3KINyNBEHiIttKwy
qQF4yJmLw2X3w+tYPLEjVNJNAqsmK7jgvp08ZOu5GPnd4nwf9ev28fJUrSvTbdISr1PsuckE960X
RxD/+lE9qtT8tZH9K/A9Y5wpM1A46y75gBqc9xpUDq2CRqkpQHJZAXpvzNXlzGMaGrjcPgov5vI5
nGezct0beck8K4v9CehG4y849b2coY1ayCmm6JIf9EsyceF0jBlQI2BlqB6UAPnj5zubH+53dtk5
VI7W4YZ+gOX58HdNTkSYBziyPPIu4+vTd41hih5D7FRHaCnTlU10/C52zHTdwEXDSfFX5w1VnM75
kMn/wHB9L5pMCwCFHRoGlraUB+z+6t+HvzYznh0dgZUAhQikalqJ73FnXx2utQFaeeyidp6yA==X
02jj
7.6.2、驗證破解情況
7.9.3、(破解插件)安裝中文語言包
插件破解方式參見5.7.4,主要要注意一下 -p 參數、-o 參數和- s 參數,要和插件、confluence的服務地址以及服務器 ID 相匹配。
7.9.3.1、獲取應用密鑰
在應用管理頁面獲取【應用密鑰】csdn.bitbucket.languagepack.zh_CN
7.9.3.2、獲取許可證信息
> java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p csdn.bitbucket.languagepack.zh_CN -o http://10.14.48.13:16663 -s BLCU-4GTY-1H2C-IG7I
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABqg0ODAoPeJyNUl1vmzAUffevQNozFAcCJBJSV4elTHykJWm0vUyG3IITYpBtUOmvH0mJNE2TO
vnjwUfn3HvO9Ze44VrS9JrpadhdzudLy9FIttVm5gyjQh64kTOVd8UJlFFTXna0hJYWJ+O9+kUSg
xaK9eAr0QEiAqhiDV9RBf6Fr2Osmx6KWAFcwnZoIaFn8Ekax8EzCb9GKOhp3V1J/iutJaAVyEKw9
vqy4zU7MwUHrf5Q0PJBq5Rq5fLu7r1iNRisQakoKWfyQ+SCjiA2DWwbtmdga4kdx7H+wwlwBaIVT
E5uPmdkioqRM3VOGq7GNIKYstqnhzPj93lzYTFlFBxNFh6prPyYmOTbE9nswze7747R/CeIdaAWW
Rgfj3Grnstwt/m+f3qITqvUy+qhbEUUkoX3kgb23vTRWGPsllNeQPDWMjFMkXsL3XTHjTIQPYhw5
T9EZKfb6+0PHT/OiB6u3RCdYHgBIS95Ycc0XdOzLIyS7pyDSF93csR8Hd/G9u8Cm04UFZXw96wnm
zf9GcqCxB+PHmHHGtfcGm/s3tK6/oc/YvoNuxzZQTAuAhUAgEyIWWhFLAQ1mtdgOvphE3/rMMICF
QCLHU+cW2CLtZhkwxK0d1a6p402Aw==X02kk
注意-p 后面的參數改成了應用密鑰
csdn.bitbucket.languagepack.zh_CN
完美破解
7.9.3.4、設置使用中文語言
配置路徑:右上角-管理賬號-賬號設置
八、安裝Bamboo
本文已安裝
atlassian-bamboo-8.0.4.tar.gz為例
8.1、準備安裝包
## 通過斷點續傳下載安裝包
> wget -c https://product-downloads.atlassian.com/software/bamboo/downloads/atlassian-bamboo-8.0.4.tar.gz
## 解壓安裝包
> tar -zxvf atlassian-bamboo-8.0.4.tar.gz
> mv atlassian-bamboo-8.0.4/ /opt/atlassian/bamboo
# 創建獨立安裝賬號
> useradd bamboo
> passwd bamboo
## 密碼:968856.Xx
> su - bamboo
## 修改所有者為 bamboo 賬號,并修改賬號權限為775
> chown -R bamboo:root /opt/atlassian/bamboo/
> chmod -R 775 /opt/atlassian/bamboo/
8.2、修改服務端口
將默認端口8085修改為16664
## 修改配置文件
> nano /opt/atlassian/bamboo/conf/server.xml
查找到8085修改為16664
重啟生效
## 關閉 bamboo 服務
su bamboo /opt/atlassian/bamboo/bin/stop-bamboo.sh
## 啟動 bamboo 服務
su bamboo /opt/atlassian/bamboo/bin/start-bamboo.sh
8.3、修改 Bamboo 的 Home 目錄(數據存儲目錄)
## 修改配置文件
> nano /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/bamboo-init.properties
## 添加如下信息
bamboo.home=/opt/data/var/atlassian/application-data/bamboo
重啟生效
8.4、添加 MySQL 數據庫驅動
這里使用的是mysql-connector-java-5.1.46.jar
## 將數據庫驅動jar包復制到 bamboo 安裝目錄
> cp ./mysql-connector-java-5.1.46/* /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/lib/
8.5、創建數據庫
登入10.14.48.12 MySQL數據庫
> mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3943
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
創建 bamboo數據庫
## 創建數據庫
mysql> create database bamboo character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)
mysql>
數據庫授權(之前已經授權了一個全局賬號 application)
GRANT ALL PRIVILEGES ON *.* TO 'application'@'%' IDENTIFIED BY 'aBc!@#123' WITH GRANT OPTION;
8.6、配置 Bamboo
8.6.1、破解 Bamboo
得到服務器 id BL07-UU4H-R9P4-SN65 后通過破解程序atlassian-agent.jar獲取許可證信息
開始破解獲取許可證信息
> java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p bamboo -o http://10.14.48.14:16664 -s BL07-UU4H-R9P4-SN65
得到如下信息
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABvg0ODAoPeJx1UtuOmzAUfPdXIPUZFgMLJJKlclslFZA0l626b4acBLdgsrZz269fQojUVqlkW
fIceeacOfPlB2y0vD1qlqNhPMbPY9vXouVKs0wLo0gAVazlMVVAroiOsW45qKBN0bZGykrgElaXP
eS0ARLNsixZRNMgRcmR1of+L9nSWgKKQZaC7XtkzWvWMNUp1zcGrbholVJ7OX56+qhYDQZr0UzsK
GfyRnKtdkVsGtgxHL+7x9h1XQdFLVe0VElGWU3opmH8a9HWlO+YMkqOBoEJlRXJolP0EhZbmeFos
z2fv9XsTb2F8mUiAjdkWVB9P717H5zHr+tDwmZJ/uvnzvXfT9CWZkAI6jS4Ak55Ccl5z8Rl8MUf6
abXHTQYMo1JOo2XSa6n2LU9z7I927e80d23paJCgRicGcD80BQgZtuwf867ESTR8b3ajciOQJQ4A
FqCOILoRMK0k12vnYm+GM0dfZm7z+g3XF5ByKtn2DVNz/RtGz/WSNuS1sEOuOqVhuYfTzY/iLKiE
v6ThL+JF9C0CgZmbJrmP4FJNuyWgzydZtNVEt/XdO/cQp155IGBw7b7tP2x5k9tyOjeMCwCFCYFL
RnQx9jBHO+bLCm+MGEZpnOUAhRTk4JCi2+6KoVlY9cJPMN1jX9J4A==X02ld
8.6.2、驗證破解情況
九、安裝 Fisheye
本文已安裝
fisheye-4.8.8.zip為例
9.1、準備安裝包
## 通過斷點續傳下載安裝包
> wget -c https://product-downloads.atlassian.com/software/fisheye/downloads/fisheye-4.8.8.zip
## 解壓安裝包
> unzip fisheye-4.8.8.zip
## 默認解壓成fecru目錄
> mv fecru-4.8.8/ /opt/atlassian/fecru
# 創建獨立安裝賬號
> useradd fecru
> passwd fecru
## 密碼:968856.Xx
> su - fecru
## 修改所有者為 bamboo 賬號,并修改賬號權限為775
> chown -R fecru:root /opt/atlassian/fecru/
> chmod -R 775 /opt/atlassian/fecru/
9.2、修改服務端口
將默認端口8060修改為16665
## 修改配置文件
> nano /opt/atlassian/fecru/config.xml
查找到8060修改為16665
重啟生效
## 關閉 fecru 服務
su fecru /opt/atlassian/fecru/bin/stop.sh
## 啟動 fecru 服務
su fecru /opt/atlassian/fecru/bin/start.sh
9.3、修改 Fisheye的 Home 目錄(數據存儲目錄)
## 修改配置文件
> nano /etc/profile
## 添加如下信息
# fisheye 數據目錄配置
export FISHEYE_INST="/opt/data/var/atlassian/application-data/fecru"
export FISHEYE_HOME="/opt/atlassian/fecru"
## 重新加載環境變量
> source /etc/profile
## 重啟生效
## 關閉 fecru 服務
su fecru /opt/atlassian/fecru/bin/stop.sh
## 啟動 fecru 服務
su fecru /opt/atlassian/fecru/bin/start.sh
8.4、添加 MySQL 數據庫驅動
這里使用的是mysql-connector-java-5.1.46.jar
## 將數據庫驅動jar包復制到 bamboo 安裝目錄
> cp ./mysql-connector-java-5.1.46/* /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/lib/
8.5、創建數據庫
登入10.14.48.12 MySQL數據庫
> mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3943
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
創建 bamboo數據庫
## 創建數據庫
mysql> create database bamboo character set utf8 collate utf8_bin;
Query OK, 1 row affected (0.00 sec)
mysql>
數據庫授權(之前已經授權了一個全局賬號 application)
GRANT ALL PRIVILEGES ON *.* TO 'application'@'%' IDENTIFIED BY 'aBc!@#123' WITH GRANT OPTION;
9.6、配置 Fisheye
9.6.1、破解Fisheye
得到服務器 id BZXM-JPIU-QR10-UNW2 后通過破解程序atlassian-agent.jar獲取許可證信息
開始破解獲取許可證信息
> java -jar /opt/atlassian-agent/atlassian-agent.jar -m admin@bolangit.cn -n bolangit.cn -p fisheye -o http://10.14.48.14:16665 -s BZXM-JPIU-QR10-UNW2
得到如下信息
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABmw0ODAoPeJxtUdFumzAUffdXIO2xgtiEOhDJ0lLCurRA0tC03d4cchO8EpPaho5+/UhKummqZ
PnhnnvvueecL0klrbRqLDewMB67wdijVpjdWy52CQoVcCMqOeUG2LFiE2K7AYoaXtYnhG15qQFNQ
edKHE6VlSzFXhjYWKXIQWqw1q1VGHPQ48HgrRAlOKJCc7XjUuj3JUe0Awl2iOd4fvePCaX0EoWVN
Dw3UcJFyfhmL+TXdVVyuRPGySXqCb5zXbAkfA2/TdybzW5h/Ovm+qXKcfLk3T7o7O1HZIJJsRyOd
rcXixf41Tz6KY3b+JI/54PauxJ3jKGOQxqQXOYQ/T4I1faq/cDGo+6h+J1tNmXxbJpFqR0TOvQJo
YFPPZ+grdAFtOBkhisDqrfmXO2n79sDpHwPLJwnSbQMZ5P4o6VTKhpgRtV/x9J6vwY13640KM1sg
jJQDajuiKufT4l9s5it7LslwfYqfXTRM7QPXd/RU0IxHmF/OCTnwz9XtahVXnAN/2fce3te56JOM
ftEdR/RSdM/2fwBptzB1jAtAhUAix2kQdAHYg78fFXccLEjszOXvNACFCmExYQ4EpO4AYs3bFtaL
PxJTu/EX02jr
九、安裝 Crowd
本文已安裝
atlassian-crowd-4.3.5.tar.gz為例
9.1、準備安裝包
## 通過斷點續傳下載安裝包
> wget -c https://product-downloads.atlassian.com/software/crowd/downloads/atlassian-crowd-4.3.5.tar.gz
## 解壓安裝包
> tar -zxvf atlassian-crowd-4.3.5.tar.gz
> mv atlassian-crowd-4.3.5/ /opt/atlassian/crowd
# 創建獨立安裝賬號
> useradd crowd
> passwd crowd
## 密碼:968856.Xx
> su - crowd
## 修改所有者為 crowd 賬號,并修改賬號權限為775
> chown -R crowd:root /opt/atlassian/crowd/
> chmod -R 775 /opt/atlassian/crowd/
9.2、修改服務端口
將默認端口8095修改為16660
## 修改配置文件
> nano /opt/atlassian/crowd/apache-tomcat/conf/server.xml
查找到8095修改為16660
重啟生效
## 關閉 Crowd 服務
> su crowd /opt/atlassian/crowd/stop_crowd.sh
## 啟動 Crowd 服務
> su crowd /opt/atlassian/crowd/start_crowd.sh
9.3、修改 Crowd 的 Home 目錄(數據存儲目錄)
## 修改配置文件
> nano /opt/atlassian/crowd/crowd-webapp/WEB-INF/classes/crowd-init.properties
## crowd.home=/opt/data/var/atlassian/application-data/crowd
crowd.home=/opt/data/var/atlassian/application-data/crowd
9.4、添加 MySQL 數據庫驅動
這里使用的是mysql-connector-java-5.1.46.jar
## 將數據庫驅動jar包復制到 crowd 安裝目錄
> cp ./mysql-connector-java-5.1.46/* /opt/atlassian/crowd/apache-tomcat/lib/
9.5、創建數據庫
登入10.14.48.12 MySQL數據庫
> mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3943
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
創建 crowd數據庫
## 創建數據庫
mysql> create database crowd character set utf8mb4 collate utf8mb4_bin;
Query OK, 1 row affected (0.00 sec)
mysql>
數據庫授權(之前已經授權了一個全局賬號 application)
GRANT ALL PRIVILEGES ON *.* TO 'application'@'%' IDENTIFIED BY 'aBc!@#123' WITH GRANT OPTION;
9.6、配置 Crowd
9.6.1、破解 Crowd
得到服務器 id BFL7-376C-FNF2-PY66 后通過破解程序atlassian-agent.jar獲取許可證信息
開始破解獲取許可證信息
> java -jar /opt/atlassian-agent/atlassian-agent.jar -d -m admin@bolangit.cn -n bolangit.cn -p crowd -o http://10.14.48.13:16660 -s BFL7-376C-FNF2-PY66
注意:加上參數-d這注冊的才是數據中心版本,才能啟用單點登入。
得到如下信息
====================================================
======= Atlassian Crack Agent v1.3.1 =======
======= https://zhile.io =======
======= QQ Group: 30347511 =======
====================================================
Your license code(Don't copy this line!!!):
AAABlg0ODAoPeJxtkV+PojAUxd/7KUj2cQK2dATGpMmOgNEsoDvo/nurcJVmsTClwjCfflExmWwm6
dM97Tm/nvslrqSRVK2BiUG8GfZmU2r46dawsU2Qr4BrUcmAa2CXiUmIiQkKW16erwo78LIBFECTK
VFfJztZipPQkBulyEA2YOx7o9C6bmaTyXshSrBEhdbqyKVobiYXdRAJtsij9ehZhM6I4zgYZarqc
iu6+Wz7GhJ+Auav4zh88VfP0Xgh1VxpUCOMX0nNMx3GXJSM5ychv+6rksuj0FYm0Ui15E3BYr/zF
0v6Z4snwUM3sb9t+p1bdmT7s8ibcN4/F9+7w4FX6VuaL19kvZznr7uH119Zmx/nR8bQkCE1SC4zC
N9qofqxKu/JxO5w0Mi+Cli0CtIwMSPi0KnrEErpdErHDwy4ogWm1RlQCqoFNTyYLyLXpK7jm4tkY
Zub346D/kL/A1RzKY04GLvYo5TcQz4n2JxVVvAG/l/iLTk5n/ag1oddM9gyk9zruafYaIBmn4CPL
V8X8qHef8FyvpMwLAIUcNGPCSP4BLMqpQIPHtRfiyBA0EMCFHitC3q8ShP1Iqvlur35Wg4ac4BUX
02jj
安裝完 Crowd 就可以依次在里面創建 用戶目錄、用戶組、用戶賬號和應用程序,并與 atlassian 家族產品進行單點(SSO)登入集成。
更多Crowd配置參見第11.2.1章節
十、安裝 Nginx
本文已在 10.14.48.13 服務器上安裝 Nginx V1.19.8 版本為例
10.1、準備安裝包
## 下載nginx-1.19.8.tar.gz
> wget -c http://nginx.org/download/nginx-1.19.8.tar.gz
## 解壓到/tmp 目錄
> tar -zxvf ./nginx-1.19.8.tar.gz -C /tmp/
## 修改執行權限
> chmod +x /tmp/nginx-1.19.8/
10.2、安裝 nginx
## 安裝環境依賴
> yum install -y gcc pcre pcre-devel openssl openssl-devel gd gd-devel
## 編譯安裝nginx 安裝路徑設置成/usr/local/nginx,啟用 SSL 模塊
> ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
> make
> make install
## 創建并設置nginx運行賬號
> groupadd nginx
> useradd -M -g nginx -s /sbin/nologin nginx
## 修改配置加入運行賬號
> nano /usr/local/nginx/conf/nginx.conf
## /usr/local/nginx/conf/nginx.conf 添加 user nginx nginx;
# user nobody;
user nginx nginx;
## 添加開機起啟動
## 添加啟動服務文件 nano /usr/lib/systemd/system/nginx.service
> nano /usr/lib/systemd/system/nginx.service
## /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target
## 設置開機啟動
> systemctl enable nginx.service
10.3、nginx 常用命令
## 啟動
> systemctl start nginx
# 或
> /usr/local/nginx/sbin/nginx
## 停止
> systemctl stop nginx
# 或
> /usr/local/nginx/sbin/nginx -s stop
## 重啟
> systemctl restart nginx.service
# 或
> /usr/local/nginx/sbin/nginx -s reload
## 查看運行狀態
> systemctl status nginx
10.4、添加模塊
這里已添加 SSL 為例,如果一開始忘了安裝 ssl 可以參照如下形式安裝。
## 進入 Nginx 安裝包目錄配置 ssl模塊
> ./configure --with-http_stub_status_module --with-http_ssl_module
## 編譯(注意不要執行 make install 否著會覆蓋安裝)
> make
## 備份 nginx 執行程序
> cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak
## 復制 模塊 覆蓋原有版本
> cp -rfp objs/nginx /usr/local/nginx/sbin/nginx
## 驗證 配置
> /usr/local/nginx/sbin/nginx -t
## 重啟
> /usr/local/nginx/sbin/nginx -s reload
10.4、配置 SSL 證書
可以通過阿里云等第三方平臺申請免費域名證書,免費證書有效期為1年,到期需要再次手動申請替換。
server {
listen 80;
#需要將dev.eulei.vip替換成證書綁定的域名。
server_name dev.eulei.vip;
#將所有HTTP請求通過rewrite指令重定向到HTTPS。
rewrite ^(.*)$ https://$host$1;
location / {
index index.html index.htm;
}
}
server {
listen 443;
server_name dev.eulei.vip;
ssl on;
#配置HTTPS的默認訪問端口為443。
#如果未在此處配置HTTPS的默認訪問端口,可能會造成Nginx無法啟動。
#如果您使用Nginx 1.15.0及以上版本,請使用listen 443 ssl代替listen 443和ssl on。
#需要將cert-file-name.pem替換成已上傳的證書文件的名稱。
ssl_certificate /usr/local/nginx/conf/cert/6670613_dev.eulei.vip.pem;
#需要將cert-file-name.key替換成已上傳的證書私鑰文件的名稱。
ssl_certificate_key /usr/local/nginx/conf/cert/6670613_dev.eulei.vip.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
#表示使用的加密套件的類型。
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #表示使用的TLS協議的類型。
ssl_prefer_server_ciphers on;
#charset koi8-r;
#access_log logs/host.access.log main;
# jira 的 nginx 設置,其他類似
location ^~ /crowd {
proxy_pass http://10.14.48.13:16660/crowd;
sendfile off;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_max_temp_file_size 0;
# This is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_temp_file_write_size 64k;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off;
# Required for HTTP-based CLI to work over SSL
}
location ^~ /crowd/*.*\.(js|css)$ {
proxy_pass http://10.14.48.13:16660/crowd;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
十一、Crowd 與Jira、Confluence、Bitbucket、Bamboo 集成
11.1、配置 context-path統一根域名
默認安裝好的 Atlassian 各應用是這樣的:
- Crowd:http://ip:8095/crowd
- JIRA:http://ip:8080
- Confluence:http://ip:8090
- Bitbucket:http://ip:7990
- Bamboo:http://ip:8085
本文修改過各個端口
- Crowd:http://ip:16660/crowd
- JIRA:http://ip:16661
- Confluence:http://ip:16662
- Bitbucket:http://ip:16663
- Bamboo:http://ip:16664
為了快捷訪問,需要設置 Atlassian 各應用的訪問地址為統一規范,如下:
域名dev.eulei,vip是本文作者自己的測試域名,用來解析替代 Ip+端口
- Crowd:http://dev.eulei.vip/crowd
- JIRA:http://dev.eulei.vip/jira
- Confluence:http://dev.eulei.vip/confluence
- Bitbucket:http://dev.eulei.vip/bitbucket
- Bamboo:http://dev.eulei.vip/bamboo
方案
- 設置各應用的 context-path 為 "/"+"應用名"
- 使用 nginx 代理,使 www.xxx.com/xxx 分別指向 http://ip:port/xxx
配置 Nginx
> nano /usr/local/nginx/conf/nginx.conf
#user nobody;
user nginx nginx;
worker_processes 8;
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
#Just for Test,if it doesn't work
#受到/proc/sys/fs/file-max這個影響,通過ulimit -n查看,或直接使用ulimit -n 65535修改
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
#根據系統執行getconf PAGESIZE的值來設置
client_header_buffer_size 4k;
open_file_cache max=65535 inactive=60s;
open_file_cache_min_uses 1;
open_file_cache_valid 60s;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#等到數據包最大一次性的傳輸出去,這樣有助于解決網絡堵塞
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
#keepalive_timeout 0;
#這個時間根據你們測試結果設置,如果過大會導致許多無效的http連接占據著nginx的連接數引起崩潰
keepalive_timeout 60;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 9;
gzip_types text/css text/xml application/javascript;
gzip_vary off;
include vhost/atlassian.conf;
}
mkdir /usr/local/nginx/conf/vhost
chmod -R 775 /usr/local/nginx/conf/vhost
nano /usr/local/nginx/conf/vhost/atlassian.config
server {
listen 80;
server_name dev.eulei.vip;
#root /opt/gwc/vue_manager;
#charset koi8-r;
#access_log logs/host.access.log main;
# jira 的 nginx 設置,其他類似
location ^~ /jira {
proxy_pass http://10.14.48.13:16662/jira;
sendfile off;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_max_temp_file_size 0;
# This is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_temp_file_write_size 64k;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off;
# Required for HTTP-based CLI to work over SSL
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
11.1.1、配置 Jira context-path
## 編輯/opt/atlassian/jira/conf/server.xml配置文件
> nano /opt/atlassian/jira/conf/server.xml
## 找到如下內容,將 path="" 改為path="/jira"
<Context path="/jira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">
<Resource name="UserTransaction" auth="Container" type="javax.transaction.UserTransaction"
factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60"/>
<Manager pathname=""/>
<JarScanner scanManifest="false"/>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="120" />
</Context>
## 重啟生效
>/etc/init.d/jira stop
>/etc/init.d/jira start
11.1.1.1、通過Nginx ssl反向代理 Jira
## 打開以下配置,原有配置修改port端口,用來調試使用,等調試正常后再關閉
<Connector port="16661"
relaxedPathChars="[]|"
relaxedQueryChars="[]|{}^\`"<>"
maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"
enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="8443"
acceptCount="100"
disableUploadTimeout="true"
bindOnInit="false"
secure="true" <-- 通過 Nginx ssl 反向代理多出來的配置項
scheme="https" <-- 通過 Nginx ssl 反向代理多出來的配置項
proxyName="dev.eulei.vip" <-- 通過 Nginx ssl 反向代理多出來的配置項
proxyPort="443" <-- 通過 Nginx ssl 反向代理多出來的配置項
/>
11.1.2、配置 Confluence context-path
## 編輯/opt/atlassian/confluence/conf/server.xml配置文件
> nano /opt/atlassian/confluence/conf/server.xml
## 找到如下內容,將 path="" 改為path="/confluence"
<Context path="/confluence" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
<!-- Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname=""/>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/>
<!-- http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Access_Log_Valve -->
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
maxDays="30"
pattern="%t %{X-AUSERNAME}o %I %h %r %s %Dms %b %{Referer}i %{User-Agent}i"
prefix="conf_access_log"
requestAttributesEnabled="true"
rotatable="true"
suffix=".log"
/>
<!-- http://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Remote_IP_Valve -->
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
</Context>
## 重啟生效
>/etc/init.d/confluence restart
11.1.2.1、通過 Nginx ssl反向代理Confluence
如果使用了 nginx 做了反向代理,還需調整 /opt/atlassian/confluence/conf/server.xml 文件
## /opt/atlassian/confluence/conf/server.xml
## 關閉原有連接器,使用如下連接器,取消如下注釋,注意proxyName配置要和 nginx 上的域名配置一致
<Connector port="16662"
connectionTimeout="20000"
redirectPort="8443"
maxThreads="48"
minSpareThreads="10"
enableLookups="false"
acceptCount="10" debug="0"
URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="https" <-- 通過 Nginx ssl 反向代理需要添加的配置項
secure="true" <-- 通過 Nginx ssl 反向代理需要添加的配置項
proxyName="dev.eulei.vip" <-- 通過 Nginx ssl 反向代理需要添加的配置項
proxyPort="443" <-- 通過 Nginx ssl 反向代理需要添加的配置項
/>
## 可以將原有配置復制一份,修改port端口,用來調試使用,等調試正常后再關閉
11.1.3、配置 Bitbucket context-path
# bitbucket.properties
> echo "server.context-path=/bitbucket" >> /opt/data/var/atlassian/application-data/bitbucket/shared/bitbucket.properties
# 重啟生效
> /etc/init.d/atlbitbucket restart
11.1.3.1、通過 Nginx ssl反向代理Bitbucket
bitbucket 反向代理還需要對 Nginx 進行重定向配置
## nano /usr/local/nginx/conf/vhost/atlassian.conf
location ^~ /bitbucket {
proxy_pass http://10.14.48.13:16663/bitbucket;
sendfile off;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
## nginx https 代理 springboot 的 http 需額外配置以下3行
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_redirect off
proxy_max_temp_file_size 0;
# This is the maximum upload size
client_max_body_size 50m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_temp_file_write_size 64k;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off;
# Required for HTTP-based CLI to work over SSL
}
## 編輯 /opt/data/var/atlassian/application-data/bitbucket/shared/bitbucket.properties 配置代理信息
> nano /opt/data/var/atlassian/application-data/bitbucket/shared/bitbucket.properties
## /opt/data/var/atlassian/application-data/bitbucket/shared/bitbucket.properties
## 末端添加如下信息
server.secure=true
server.scheme=https
server.proxy-port=443
## 域名要和 nginx 設置的域名一致
server.proxy-name=dev.eulei.vip
11.1.4、配置 Bamboo context-path
# server.xml,在 Context 標簽中添加 path="/bamboo"
> nano /opt/atlassian/bamboo/conf/server.xml
## 找到如下內容,將 path="" 改為path="/bamboo"
<Context path="/bamboo" docBase="${catalina.home}/atlassian-bamboo" reloadable="false" useHttpOnly="true">
<!--<Resource name="UserTransaction" auth="Container" type="javax.transaction.UserTransaction"-->
<!--factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60"/>-->
<Manager pathname=""/>
</Context>
## 重啟生效
## 關閉 bamboo 服務
su bamboo /opt/atlassian/bamboo/bin/stop-bamboo.sh
## 啟動 bamboo 服務
su bamboo /opt/atlassian/bamboo/bin/start-bamboo.sh
11.1.4.1、通過 Nginx ssl反向代理Bamboo
如果使用了 nginx 做了反向代理,還需調整 /opt/atlassian/bamboo/conf/server.xml 文件
# server.xml,取消包含有scheme="https"的Connector配置的注釋
> nano /opt/atlassian/bamboo/conf/server.xml
## 取消以下內容的注釋,修改 proxyName 值為"dev.bolangit.cn" 與 nginx 配置的域名一致
<Connector
port="16664"
protocol="HTTP/1.1"
maxThreads="150" minSpareThreads="25"
connectionTimeout="20000"
disableUploadTimeout="true"
acceptCount="100"
enableLookups="false"
maxHttpHeaderSize="8192"
useBodyEncodingForURI="true"
URIEncoding="UTF-8"
proxyName="dev.bolangit.cn" <-- 通過 Nginx ssl 反向代理需要添加的配置項
proxyPort="443" <-- 通過 Nginx ssl 反向代理需要添加的配置項
scheme="https" <-- 通過 Nginx ssl 反向代理需要添加的配置項
redirectPort="8443">
<UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
</Connector>
## 可以修改原有配置port端口,用來調試使用,等調試正常后再關閉
11.1.5、配置 Crowd context-path
Crowd 默認已經配置了 context-path,無需修改
11.1.5.1、通過 Nginx ssl反向代理Crowd
## 修改配置文件
> nano /opt/atlassian/crowd/apache-tomcat/conf/server.xml
## nano /opt/atlassian/crowd/apache-tomcat/conf/server.xml
## 打開一下配置的注釋
<Connector acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true"
enableLookups="false"
maxHttpHeaderSize="8192"
maxThreads="150"
minSpareThreads="25"
port="16660"
redirectPort="8443"
useBodyEncodingForURI="true"
URIEncoding="UTF-8"
proxyName="dev.eulei.vip"
proxyPort="443" <-- 通過 Nginx ssl 反向代理需要添加的配置項
scheme="https" <-- 通過 Nginx ssl 反向代理需要添加的配置項
compression="on" <-- 通過 Nginx ssl 反向代理需要添加的配置項
sendReasonPhrase="true" compressableMimeType="text/html,text/xml,application/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript" />
## 復制原有配置,并將端口設置成26660等其他端口,用來調試異常的時候使用,測試成功后可關閉。
<Connector acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true"
enableLookups="false"
maxHttpHeaderSize="8192"
maxThreads="150"
minSpareThreads="25"
port="26660"
redirectPort="8443"
useBodyEncodingForURI="true"
URIEncoding="UTF-8"
compression="on"
sendReasonPhrase="true" compressableMimeType="text/html,text/xml,application/xml,text/plain,text/css,application/json,application/javascript,application/x-javascript" />
## 重啟生效
## 關閉 Crowd 服務
> su crowd /opt/atlassian/crowd/stop_crowd.sh
## 啟動 Crowd 服務
> su crowd /opt/atlassian/crowd/start_crowd.sh
11.1.6、配置 Fisheye context-path
# config.xml,在 web-server 標簽中添加 context="fisheye" site-url="http://localhost:16665/fisheye"
> nano /opt/atlassian/fecru/config.xml
## 找到如下內容,在 web-server 標簽中添加 context="fisheye" site-url="http://localhost:16665/fisheye"
<web-server context="fisheye" site-url="http://localhost:16665/fisheye">
<http bind=":16665"/>
</web-server>
## 重啟生效
## 關閉 fecru 服務
su fecru /opt/atlassian/fecru/bin/stop.sh
## 啟動 fecru 服務
su fecru /opt/atlassian/fecru/bin/start.sh
11.2、單點登入(SSO)配置
單點登錄(SSO)最好有域名支持,也就是說,在配置sso之前,各應用系統已配置好相應的域名。
11.2.1、Crowd 設置
11.2.1.1、配置目錄(Directorise)
11.2.1.2、配置用戶組
11.2.1.3、配置創建用戶賬號
11.2.1.4、創建應用程序
需要為每一個atlassian 家族的產品創建一個應用程序,并引用同一個用戶目錄。
這里要注意,這里的配置要和 內置的crowd應用配置一致,才可以正常使用單點登入功能(SSO)。
11.2.1.5、取消 IP 限制
11.2.1、Jira 配置單點登入(SSO)
配置單點登入前請確認已經通過 nginx SSL方向代理配置, 可以成功通過 https://訪問 Jira 和 crowd。
11.2.1.1、設置用戶目錄同步
#####11.2.1.2、配置 SSO 配置文件
## 編輯 /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/seraph-config.xml 文件
> nano /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/seraph-config.xml
## /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/seraph-config.xml
## 用 <!-- xxx --> 注釋掉,注意一旦改完配置,原有本地賬號密碼為不可用狀態
<!--
<authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/>
-->
## 取消以下釋掉
<authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/>
## 編輯 /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/crowd.properties 文件
## JIRA 的安裝目錄里沒有 crowd.properties 文件,可以從 Confluence 或者 Crowd 拷貝一份,然后修改配置的內容即可
> nano /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/crowd.properties
## /opt/atlassian/jira/atlassian-jira/WEB-INF/classes/crowd.properties
## 配置 crowd 里該 Application 的名稱
application.name jira
## 配置 crowd 里該 Application 的密碼
application.password 123456
## 配置 crowd 的地址
application.login.url https://dev.eulei.vip/crowd/console/
## 配置 crowd 的 services 地址
crowd.server.url https://dev.eulei.vip/crowd/services/
## 配置 crowd 的 baseurl 地址
crowd.base.url https://dev.eulei.vip/crowd/
session.isauthenticated session.isauthenticated
## 與 crowd 管理頁面的SSO cookie name保持一致
session.tokenkey session.tokenkey
session.validationinterval 2
session.lastvalidation session.lastvalidation
11.2.1.3、配置 認證方式
11.2.1.3.1、crowd中配置 SSO
11.2.1.3.2、jira中配置 SSO
重啟生效
11.2.2、Confluence 配置單點登入(SSO)
crowd 上的 application(應用)配置、confluence目錄同步和 SSO 驗證方式配置,參見 “Jira 配置單點登入(SSO)章節“。
## 編輯 /opt/atlassian/confluence/confluence/WEB-INF/classes/seraph-config.xml 文件
> nano /opt/atlassian/confluence/confluence/WEB-INF/classes/seraph-config.xml
## /opt/atlassian/confluence/confluence/WEB-INF/classes/seraph-config.xml
## 用 <!-- xxx --> 注釋掉,注意一旦改完配置,原有本地賬號密碼為不可用狀態
<!--
<authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/>
-->
## 取消以下釋掉
<authenticator class="com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator"/>
## 編輯 /opt/atlassian/confluence/confluence/WEB-INF/classes/crowd.properties 文件
> nano /opt/atlassian/confluence/confluence/WEB-INF/classes/crowd.properties
## /opt/atlassian/confluence/confluence/WEB-INF/classes/crowd.properties
## 配置 crowd 里該 Application 的名稱
application.name confluence
## 配置 crowd 里該 Application 的密碼
application.password 123456
## 配置 crowd 的地址
application.login.url https://dev.eulei.vip/crowd/console/
## 配置 crowd 的 services 地址
crowd.server.url https://dev.eulei.vip/crowd/services/
## 配置 crowd 的 baseurl 地址
crowd.base.url https://dev.eulei.vip/crowd/
session.isauthenticated session.isauthenticated
## 與 crowd 管理頁面的SSO cookie name保持一致
session.tokenkey session.tokenkey
session.validationinterval 2
session.lastvalidation session.lastvalidation
11.2.2.1、配置認證方式
重啟生效
11.2.3、Bitbucket 配置單點登入(SSO)
crowd 上的 application(應用)配置和 bitbucket目錄同步,參見 “Jira 配置單點登入(SSO)章節“。
注意:記得調整用戶目錄順序和用戶組權限
# 編輯 bitbucket.properties
> nano /opt/data/var/atlassian/application-data/bitbucket/shared/bitbucket.properties
# 添加下面的屬性
plugin.auth-crowd.sso.enabled=true
# 重啟 Bitbucket 生效
> /etc/init.d/atlbitbucket restart
11.2.3.1、配置驗證方式
重啟生效
11.2.4、Bamboo 配置單點登入(SSO)
crowd 上的 application(應用)配置和 bamboo 目錄同步,參見 “Jira 配置單點登入(SSO)章節“。
注意:記得調整用戶目錄順序和用戶組權限
## 編輯 nano /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/seraph-config.xml 文件
> nano /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/seraph-config.xml
## /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/seraph-config.xml
## 用 <!-- xxx --> 注釋掉,注意一旦改完配置,原有本地賬號密碼為不可用狀態
<!--
<authenticator class="com.atlassian.bamboo.user.authentication.BambooAuthenticator"/>
-->
## 取消以下釋掉
<authenticator class="com.atlassian.crowd.integration.seraph.v25.BambooAuthenticator"/>
## 編輯 /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/crowd.properties 文件
> nano /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/crowd.properties
## /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/crowd.properties
## 配置 crowd 里該 Application 的名稱
application.name bamboo
## 配置 crowd 里該 Application 的密碼
application.password 123456
## 配置 crowd 的地址
application.login.url http://dev.eulei.vip/crowd/console/
## 配置 crowd 的 services 地址
crowd.server.url http://dev.eulei.vip/crowd/services/
## 配置 crowd 的 baseurl 地址
crowd.base.url http://dev.eulei.vip/crowd/
session.isauthenticated session.isauthenticated
## 與 crowd 管理頁面的SSO cookie name保持一致
session.tokenkey session.tokenkey
session.validationinterval 2
session.lastvalidation session.lastvalidation
## 修改 nano /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/atlassian-user.xml 配置
> nano /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/atlassian-user.xml
## nano /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/classes/atlassian-user.xml
## 使得文件內容如下
atlassian-user>
<repositories>
<crowd key="crowd" name="Crowd Repository"/>
</repositories>
</atlassian-user>
## 重啟生效
## 關閉 bamboo 服務
su bamboo /opt/atlassian/bamboo/bin/stop-bamboo.sh
## 啟動 bamboo 服務
su bamboo /opt/atlassian/bamboo/bin/start-bamboo.sh
附件:生產環境關鍵信息
| 序號 | 服務奇名稱 | ip | 程序名稱 | 備注 | |
|---|---|---|---|---|---|
| 1 | 數據庫服務器(jira-db-svr) | 10.14.48.14 | MySQL5.7 | nano、lrzsz、 | |
| 2 | 業務服務器(jira-apps-svr) | 10.14.48.15 | jira(V8.20.0) | nano、lrzsz、java1.8 | |
浙公網安備 33010602011771號