A site for solving at least some of your technical problems...
A site for solving at least some of your technical problems...
I have to install Jira on two new VPSes so I wanted to have notes about the various tools that I need to install to make it all work.
The list should also work on your other Linux systems, such as Debian, Fedora, RedHat, etc.
This is not a replacement for the installation instructions found on the Atlassians website. It is complimentary so you can quickly get it installed on your servers. The problem being that usually you just do apt-get install <something> (on Debian/Ubuntu) and all dependencies get installed automatically. With Jira, since they only offer a "tarball" type of file (it's a shell script for Linux), it's not going to automatically install the dependencies for you.
The minimum amount of memory you should setup for Jira is 4Gb. However, if you can get at least 16Gb, you'll be better off. It is likely to use that much in caches between your Jira instance and the database.
Even if you're by yourself, I strongly suggest that you setup a computer with at least 2 CPUs. That allows Jira and your database to run concurrently. However, Jira uses many threads (around 70) so having more CPUs will help greatly. I now have an instance with 8 CPUs and it runs nicely.
I had an instance at DigitalOcean with 50Gb and it was enough. However, when you do backups of your data, that space goes really fast. Be very careful. We are a small shop at the moment and our data is already 5Gb compressed (one instance). So trying to keep 10 backups and you'd get Disk Full errors quickly.
My new instance, I setup 100Gb just to be sure. With Jira installed and one backup of everything I use 36% of that 100Gb.
With a system such as DigitalOcean you can also create a new separate Disk Drive and copy the files there and then mount the new drive to the correct mount point. WIth your own VPS on your computer, you can also add a new drive or just enlarge your existing drive.
On my end I use Apache v2.x. Other servers most certainly work. I'm used to Apache, though, and it's the easiest for me.
sudo apt-get install apache2
You'll need to setup a Proxy so here are the entries I use to get that to work:
<Proxy *> Require all granted </Proxy> ProxyRequests Off ProxyPass / ajp://127.0.0.1:8009/ ProxyPassReverse / ajp://127.0.0.1:8009/
For that to work, you'll have to enable the AJP in the Jira server.xml configuration file. This is what I use to make Jira listen on port 8009.
<Connector port="8009" redirectPort="8443" enableLookups="false" protocol="AJP/1.3" URIEncoding="UTF-8"/>
It may get fixed one day, but I have had many problems with Jira which tries to access itself using port 80 and there is no correcting that port to 443 (if you try that it breaks everything).
For that to work, I also have a proxy on port 80, as shown above. However, I require the IP address of the client to be my server using the following entry:
<Proxy *> Require ip 10.0.0.1 </Proxy>
Since the data will travel directly your eth0 or equivalent card, you won't be leaking any data to the Internet. So at least this is secure enough on a private server.
Now a day, you probably don't need to run your own name server. But if you want to do that for your Jira installation, you'll have to install BIND9 and set it up as required. On my end, I use my existing BIND9 so I don't have to do this step. My BIND9 is very similar to using a name server from your domain name supplier such as namecheap.com
sudo apt-get install bind9
Jira is written in Java and runs with either Oracle or the OpenJDK versions. There isn't anything to do if you use the OpenJDK and it will automatically get updated. With the Oracle version, it will be more complicated. So now I always use the open source version.
sudo apt-get install default-jdk
Newer versions of Jira make use of the fontconfig project.
sudo apt-get install fontconfig
The configuration is required to allow for some special fonts to be used on your websites.
Jira works with either MySQL or PostgreSQL. So you can install either.
I personally prefer to use PostgreSQL:
sudo apt-get install postgresql-server sudo apt-get install postgresql
Here is how you can get MySQL instead:
sudo apt-get install mysql-server
If you already had Jira installed on a server and you wanted to move it, you'll have to move the database. You can find some instructions to move your PostgreSQL data on this size.
To creat the database, you'll want to set it up with the correct collation. This is not the default in PostgreSQL so here is the command:
CREATE DATABASE jiradb ENCODING='UTF-8' LC_COLLATE='C.UTF-8' LC_CTYPE='C.UTF-8' TEMPLATE='template0';
That way the collation (and ctype) are set to C.UTF-8 instead of your language UTF-8 (such as en_us.UTF-8).
When moving the database, it won't copy the user. Make sure to create the user prior to dumping the database. As far as I know, you have a similar issue with MySQL.
For example:
CREATE USER jiradb WITH PASSWORD 'password1';
You should not have to assign anything more than a password.
The settings for the database have moved around a bit over time.
In newer version (7.x and later) they are found in the data folder:
/var/atlassian/application-data/jira/dbconfig.xml
In older versions (5.x and 6.x) it is still found in the root jira directory:
/opt/atlassian/jira/dbconfig.xml
In really old versions (4.x and earlier) it's somewhere else... Search for the dbconfig.xml file.
This file will include your database login name and password in case you forgot about it.
To automatically backup the database, I use CRON and a small script.
To setup CRON, I create a text file jira.crontab and put this in it:
0 4 * * * /home/alexis/bin/backup-jira
Then I run this command:
crontab jira.crontab
WARNING: If you have other cron entries, either use the edit command or edit your crontab file and add the line above then setup crontab. Don't just use my file here it would overwrite your existing entries. On my end I prefer to setup Jira on its own standalone VPS so I would really only have one entry.
crontab -e
If you have doubts, read the docs first.
The script is just going to dump the database to a file which I then compress as much as possible using xz. This can be very slow and use one of your CPUs 100% for a while, but at least it works as expected.
#!/bin/sh # # Create a backup of the Jira database # (one backup per day) DAY=`date +%d` BACKUPDIR=/home/alexis/jira-backups OUTPUT=$BACKUPDIR/jira-${DAY}.pgsql # Extract data from database # pg_dump --format=custom --file=${OUTPUT} --no-password jira # Compress results to a .xz file # xz -f9 ${OUTPUT} # Mark that file as the latest # rm -f ${BACKUPDIR}/latest.pgsql.xz ln -s ${OUTPUT}.xz ${BACKUPDIR}/latest.pgsql.xz
Save that script in a file, such as bin/backup-jira (which is what I used in my crontab file) and test it to make sure it works.
IMPORTANT: I save the output in a directory named /home/alexis/jira-backups which has to exist.
The script also creates a softlink named latest.pgsql.xz which you can use to copy the latest file to other computers. On another computer you could have a line like this:
scp jira-server:/home/alexis/jira-backup/latest.pgsql.xz jira-backup/latest.pgsql.xz
This is a bit beyond this talk, but you should of course use a different name and keep 30 or so backups or whatever works for you.
Note that the application data should also be backed up. That directory is way bigger, though, and you may want to consider backing it up only once in a while or use rsync between 2 or 3 computers.
Whenever I setup a new VPS, I prefer to have a static IP address. With Ubuntu 18.04, this has changed. You have to edit the netplan settings file.
It is quite important for you to make it secure as in make sure that the pages are not going to leak any information. Especially if you want to run a private Jira.
If you already have an SSL certificate for your domain, then feel free to use that.
Otherwise, you can use letsencrypt. Note that letsencrypt also supports wildcards certificates now.
The computer may need to run a time server to make sure that the time doesn't drift. It's probably not required, just useful.
For the purpose you can just install NTP and the default setup is generally enough on its own.
sudo apt-get install ntp