Cannot Get nginx working with Bitbucket Server 5.15

James Griffin November 11, 2018

Hi,

I am using CentOS 7 and attempting to install Bitbucket Server 5.15 behind nginx, however I cannot get this working correctly.

I have followed the official guide : https://confluence.atlassian.com/bitbucketserver/securing-bitbucket-server-behind-nginx-using-ssl-776640112.html but am still having issues.

I want to use the url 'bitbucket.intranet.com' and http to redirect to https. I used port 8060 on installation, not port 7990.

If I type 'https://bitbucket.intranet.com' into my browser, it directs to localhost:8060 and 'ERR_CONNECTION_REFUSED'. If I type 'https://bitbucket.intranet.com/dashboard' then it takes me to the dashboard, but I am getting a 'Base URL mismatch error'. I have set the base URL to 'https://bitbucket.intranet.com'.

Any pointers as to where I am going wrong?

Thanks in advance.

My bitbucket.properties file

server.port=8060
server.secure=true
server.scheme=https
server.proxy-port=443
server.redirect-port=443
server.proxy-name=bitbucket.intranet.com
server.context-path=/

 My /etc/nginx/nginx.conf file

# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
worker_connections 1024;
}

http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 0;

include /etc/nginx/mime.types;
default_type application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;

server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;

# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;

location / {
}

error_page 404 /404.html;
location = /40x.html {
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}

server {
listen 443;
server_name bitbucket.intranet.com;

ssl on;
ssl_certificate /etc/ssl/certs/bitbucket-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/bitbucket-selfsigned.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

# Optional optimisation - please refer to 
# http://nginx.org/en/docs/http/configuring_https_servers.html
# ssl_session_cache shared:SSL:10m;
location / {
proxy_pass http://localhost:8060;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
}
}

}

 I also have these firewall rules configured (which may be wrong)

public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3
sources:
services: ssh dhcpv6-client https http
ports: 80/tcp
protocols:
masquerade: no
forward-ports: port=80:proto=tcp:toport=8060:toaddr=
source-ports:
icmp-blocks:
rich rules:

 

1 answer

0 votes
Gonchik Tsymzhitov
Community Champion
November 11, 2018

Hi! 

 

Have you defined a base url in the admin panel?

https://confluence.atlassian.com/bitbucketserver/specifying-the-base-url-for-bitbucket-server-776640392.html

 

Cheers,

Gonchik Tsymzhitov

James Griffin November 12, 2018

Hi,

 

Yes. As I stated in my original post, I set the Base URL to 'https://bitbucket.intranet.com'.

 

Thanks.

Gonchik Tsymzhitov
Community Champion
November 12, 2018

Hi! 

What about error logs?

/var/log/nginx/error.log

 

Cheers,

Gonchik Tsymzhitov

James Griffin November 12, 2018

Hi,

My log has only 2 entries :

 

2018/11/12 17:29:55 [notice] 2219#0: signal process started

2018/11/12 17:29:56 [notice] 2222#0: signal process started

James Griffin November 12, 2018

I have tried doing some more troubleshooting, but I am inexperienced in this area.

 

I have disabled the firewall, and run the following commands. I don't know if this gives any useful information, but it shows the https is returning 302.

curl --head http://bitbucket.intranet.com -k
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Mon, 12 Nov 2018 19:04:37 GMT
Content-Type: text/html
Content-Length: 3700
Last-Modified: Tue, 06 Mar 2018 09:26:21 GMT
Connection: keep-alive
ETag: "5a9e5ebd-e74"
Accept-Ranges: bytes

curl --head https://bitbucket.intranet.com -k
HTTP/1.1 302
Server: nginx/1.12.2
Date: Mon, 12 Nov 2018 19:05:10 GMT
Connection: keep-alive
X-AREQUESTID: @44Y138x1145x462x0
X-ASEN: SEN-L12519630
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Location: http://localhost:8060/dashboard
Content-Language: en-GB

 

James Griffin November 12, 2018

I have modified (by searching the web) /etc/nginx/nginx.conf file to the following

 

# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/


user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;


# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
worker_connections 1024;
}

http {

log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 0;

include /etc/nginx/mime.types;

default_type application/octet-stream;

# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.

include /etc/nginx/conf.d/*.conf;

server {
    listen 80;
    server_name  bitbucket.intranet.com;
    access_log  off;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 default ssl;
    server_name  bitbucket.intranet.com;
    access_log  off;
    ssl on;
    ssl_certificate /etc/ssl/certs/bitbucket-selfsigned.crt;
    ssl_certificate_key /etc/ssl/private/bitbucket-selfsigned.key;

    location / {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Proto https;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://127.0.0.1:8060/;
    }
}

}

 

This resolves my localhost:8060/dashboard error. The commands below return these results.

curl --head http://bitbucket.intranet.com -k
HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Mon, 12 Nov 2018 19:26:34 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://bitbucket.intranet.com/

curl --head https://bitbucket.intranet.com -k
HTTP/1.1 302
Server: nginx/1.12.2
Date: Mon, 12 Nov 2018 19:27:10 GMT
Connection: keep-alive
X-AREQUESTID: @44Y138x1167x541x0
X-ASEN: SEN-L12519630
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Location: http://bitbucket.intranet.com/dashboard
Content-Language: en-GB

I notice the above command returns location: http://.... and not https ? I am still getting a base url mismatch error, maybe because of this?

Also, not sure why the nginx.conf configuration as documented by Atlassian does not work 'as-is', but the modified version above, does at least get around the localhost:8060 issue I was getting.

James Griffin November 12, 2018

So... after more tinkering about it appears I have been using the wrong location for my bitbucket.properties file! :( I have been placing the file in

/opt/atlassian/bitbucket/5.15.0/shared/bitbucket.properties

Should be

/var/atlassian/application-data/bitbucket/shared/bitbucket.properties

Modified accordingly, and stopped / started Bitbucket

service atlbitbucket stop
service atlbitbucket start

First impressions show things working correctly now, although do not have time to fully test now. Will research more tomorrow.

Hope this helps someone else.
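
The curl checks in this thread can be automated: the script below compares the `Location` header of a redirect against the proxy origin declared in bitbucket.properties, flagging a leaked backend address or an https-to-http downgrade. It is an added example, not part of the original posts or of Atlassian's documentation; the function names are hypothetical and the third sample response is constructed.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Proxy-related settings as posted in the thread.
PROPERTIES = """\
server.port=8060
server.secure=true
server.scheme=https
server.proxy-port=443
server.proxy-name=bitbucket.intranet.com
"""
# Trimmed `curl --head` responses; the first two Location values are from the
# thread, the third is constructed to show the passing case.
HEAD_FIRST = "HTTP/1.1 302\r\nServer: nginx/1.12.2\r\nLocation: http://localhost:8060/dashboard\r\n"
HEAD_SECOND = "HTTP/1.1 302\r\nLocation: http://bitbucket.intranet.com/dashboard\r\n"
HEAD_FIXED = "HTTP/1.1 302\r\nLocation: https://bitbucket.intranet.com/dashboard\r\n"

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def location_of(head_output):
    """Return the Location header value from header text, or None."""
    for line in head_output.splitlines()[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "location":
            return value.strip()
    return None

def check_redirect(head_output, props):
    """List mismatches between the redirect target and the proxy origin."""
    loc = location_of(head_output)
    if loc is None:
        return ["no Location header"]
    url = urlsplit(loc)
    port = url.port or DEFAULT_PORTS.get(url.scheme)
    want = (props["server.scheme"], props["server.proxy-name"].lower(),
            int(props["server.proxy-port"]))
    got = (url.scheme, (url.hostname or "").lower(), port)
    labels = ("scheme", "host", "port")
    return [f"{n}: got {g}, expected {w}"
            for n, g, w in zip(labels, got, want) if g != w]

if __name__ == "__main__":
    props = parse_properties(PROPERTIES)
    for name in ("HEAD_FIRST", "HEAD_SECOND", "HEAD_FIXED"):
        print(name, check_redirect(globals()[name], props) or "OK")
```

A non-empty result for a redirect served over https means the application is not applying the proxy settings it was given, which is what the misplaced bitbucket.properties file caused here.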
