Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to set up Bitbucket server securely on AWS

Devashish Meena
Devashish Meena July 16, 2018

Hi,

I'm trying to set up a trial version of Bitbucket Server on AWS behind an ELB with certs. The setup works correctly when accessing Bitbucket using just the instance IP and even when using the DNS mapping over http. There are two problems I'm facing with https configuration though

# ISSUE 1: not able to set up Bitbucket server(v5.12.0) instance to serve on secure port

-  Instance configuration:
  - aws vpc with public subnet.
  - aws `t2.large`(ubuntu 16.04) instance. Security group allows incoming on ports:
    - 22: instance ssh
    - 7990: bitbucket server UI
    - 7999: bitbucket server SSH
- Bibucket server network setup is based on instructions [HERE](https://confluence.atlassian.com/bitbucketserverkb/how-to-setup-aws-elb-to-proxy-requests-for-bitbucket-server-797412135.html)
  - aws `elb`security group that allows incoming on ports:
    - 80
    - 22
    - 443
  - aws `elb` with mapping
    - 443 -> 7990
    - 22 -> 7999
  - the `elb` allows all traffic to-and-from the instance security group
  - certificates have been set up correctly on port 443 and DNS mapping updated
- accessing the instance using `https` doesn't connect to the running instance. The loadbalancer correctly directs the traffic to the instance which is not able to serve the traffic
- if a new mapping is added to elb `80 -> 7990`, it works as expected and I'm able to access the server and login.

- Am I missing any configuration steps here?


# ISSUE 2: not able to use to clone repo from Bitbucket server


- after adding a user and the respective ssh key, tried to clone a repo
- the clone command over http works correctly

git clone http://my.bbs.com/scm/proj/testing.git

but it does not work with ssh url

git clone ssh://git@my.bbs.com/proj/testing.git
Cloning into 'testing'...
ssh: connect to host my.bbs.com port 22: Network is unreachable
fatal: Could not read from remote repository.


- the `SSH Base URL` setting in `Server settings` is set to `ssh://my.bbs.com` and `SSH Port` is set to 7999

- Not sure which settings need to be configured to make this work.

 

Thanks a lot in advance !

Answer
Watch
Like Be the first to like this
1062 views

1 answer

1 accepted

0 votes
Answer accepted
Devashish Meena
Devashish Meena July 17, 2018

I managed to fix this.

Issue 1: used the instructions in https://confluence.atlassian.com/bitbucketserverkb/redirect-http-requests-to-https-779171736.html to update bitbucket.properties file. This set up the ssl correctly and i was able to access BBS using https url

 

Issue 2: this was a networking issue at our end wrt loadbalancer settings. once fixed, we were able to clone the repos using ssh urls.

View More Comments
DOTS Team
DOTS Team August 4, 2021

what was the issue 2, How did you manage to fix Issue 2:

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events