Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to use the DIY backup script maintenance mode with HTTPS Bitbucket ? Edited

The script is not working anymore at the stage of CURL:

[common.sh:52 -> lock_bitbucket][bitbucket] DEBUG: Running curl -L -s -f -u ******:****** http://localhost:7990/mvc/maintenance/lock[common.sh:52 -> lock_bitbucket][bitbucket] ERROR: Unable to lock Bitbucket for maintenance. POST to 'http://localhost:7990/mvc/maintenance/lock' returned ''Stack trace:[/home/debian/atlassian-servers-tools/bitbucket/atlassian-bitbucket-diy-backup/common.sh:52 -> lock_bitbucket][/home/debian/atlassian-servers-tools/bitbucket/atlassian-bitbucket-diy-backup/bitbucket.diy-backup.sh:0 -> main]

It was working previously. I tried changing the variable in the appropriate file to https://localhost:8443 but it is the same. I suspect the problem is that now my instance is using HTTPS and somehow it broke the maintenance mode lock via CURL.

Can anyone help ? Thanks

4 answers

1 accepted

0 votes
Answer accepted

See last code block for answer.

The problem is linked to HTTPS and curl. I get an error 503 with CURL.

I was able to see the problems with the verbose option of CURL:

* Rebuilt URL to: https://localhost:8443/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=SUB.DOMAIN.COM
* start date: Oct 18 12:09:52 2019 GMT
* expire date: Jan 16 12:09:52 2020 GMT
* subjectAltName does not match localhost
* SSL: no alternative certificate subject name matches target host name 'localhost'
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):

Obviously the certificate will only work for https://sub.domain.com ...

And because of bitbucket.properties:

 server.require-ssl=true

You cannot use http://localhost:7990. And I don't want http connection to go through so I need this setting.

Also, moving this setting to an additional connector doesn't work, like so:

server.port=7991

server.additional-connector.1.port=7990

server.additional-connector.1.require-ssl=true

server.additional-connector.1.redirect-port=8443

server.additional-connector.2.port=8443

...

With this config, HTTP 7990 is not redirected to 8443 HTTPS, as it is in my current config. I was planning then to use 7991 for the backup script in localhost.

ANSWER:

So I simply changed bitbucket.properties to:

BITBUCKET_URL=https://SUB.DOMAIN.COM:8443

 

0 votes
Jeff Thomas Atlassian Team Jan 06, 2020

Just to confirm, when you say that you changed the URL to https://localhost:8443, did you do this in the bitbucket.diy-backup.vars.sh file by updating the BITBUCKET_URL?

What happens if you manually run the curl command (replacing the ******:****** with your username and password)?

curl -L -s -f -u ******:****** http://localhost:7990/mvc/maintenance/lock

Could you provide your $BITBUCKET_HOME/shared/bitbucket.properties (with any sensitive data removed)? Also, if you turn on Debug logging (Bitbucket Server Administration > Logging and profiling) and try again, you should see some entries in the logs ($BITBUCKET_HOME/log) which will help narrow down the problem. Searching for "POST /mvc/maintenance/lock" should lead you to the right entries. What do those logs say?

0 votes

I had the same issue, DIY backup script stopped working after using https,

Error Message:  lock_bitbucket][Bitbucket] ERROR: Unable to lock Bitbucket for maintenance. POST to 'https://BitbucketURL/mvc/maintenance/lock' returned ''

Solution: Try Changing Bitbucket_URL to http://localhost:7990 into  bitbucket.diy-backup.vars.sh

It worked for me. 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Bitbucket

Share your use cases: How do you use the Bitbucket-Jira integration? How does it help your team?

Hey everyone, over the past year, we've added several new features to how you can use Bitbucket and Jira together. We'd love to know how you'll are using the integration and how it's helping your tea...

45 views 0 1
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you