Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,295,867
Community Members
 
Community Events
165
Community Groups

How to set up Bitbucket server securely on AWS

Hi,

I'm trying to set up a trial version of Bitbucket Server on AWS behind an ELB with certs. The setup works correctly when accessing Bitbucket using just the instance IP and even when using the DNS mapping over http. There are two problems I'm facing with https configuration though

# ISSUE 1: not able to set up Bitbucket server(v5.12.0) instance to serve on secure port

-  Instance configuration:
  - aws vpc with public subnet.
  - aws `t2.large`(ubuntu 16.04) instance. Security group allows incoming on ports:
    - 22: instance ssh
    - 7990: bitbucket server UI
    - 7999: bitbucket server SSH
- Bibucket server network setup is based on instructions [HERE](https://confluence.atlassian.com/bitbucketserverkb/how-to-setup-aws-elb-to-proxy-requests-for-bitbucket-server-797412135.html)
  - aws `elb`security group that allows incoming on ports:
    - 80
    - 22
    - 443
  - aws `elb` with mapping
    - 443 -> 7990
    - 22 -> 7999
  - the `elb` allows all traffic to-and-from the instance security group
  - certificates have been set up correctly on port 443 and DNS mapping updated
- accessing the instance using `https` doesn't connect to the running instance. The loadbalancer correctly directs the traffic to the instance which is not able to serve the traffic
- if a new mapping is added to elb `80 -> 7990`, it works as expected and I'm able to access the server and login.

- Am I missing any configuration steps here?


# ISSUE 2: not able to use to clone repo from Bitbucket server


- after adding a user and the respective ssh key, tried to clone a repo
- the clone command over http works correctly

git clone http://my.bbs.com/scm/proj/testing.git

but it does not work with ssh url

git clone ssh://git@my.bbs.com/proj/testing.git
Cloning into 'testing'...
ssh: connect to host my.bbs.com port 22: Network is unreachable
fatal: Could not read from remote repository.


- the `SSH Base URL` setting in `Server settings` is set to `ssh://my.bbs.com` and `SSH Port` is set to 7999

- Not sure which settings need to be configured to make this work.

 

Thanks a lot in advance !

1 answer

1 accepted

0 votes
Answer accepted

I managed to fix this.

Issue 1: used the instructions in https://confluence.atlassian.com/bitbucketserverkb/redirect-http-requests-to-https-779171736.html to update bitbucket.properties file. This set up the ssl correctly and i was able to access BBS using https url

 

Issue 2: this was a networking issue at our end wrt loadbalancer settings. once fixed, we were able to clone the repos using ssh urls.

what was the issue 2, How did you manage to fix Issue 2:

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Git push size limits are coming to Bitbucket Cloud starting April 4th, 2022

Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...

2,170 views 2 9
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you