The script is not working anymore at the stage of CURL:
[common.sh:52 -> lock_bitbucket][bitbucket] DEBUG: Running curl -L -s -f -u ******:****** http://localhost:7990/mvc/maintenance/lock[common.sh:52 -> lock_bitbucket][bitbucket] ERROR: Unable to lock Bitbucket for maintenance. POST to 'http://localhost:7990/mvc/maintenance/lock' returned ''Stack trace:[/home/debian/atlassian-servers-tools/bitbucket/atlassian-bitbucket-diy-backup/common.sh:52 -> lock_bitbucket][/home/debian/atlassian-servers-tools/bitbucket/atlassian-bitbucket-diy-backup/bitbucket.diy-backup.sh:0 -> main]
It was working previously. I tried changing the variable in the appropriate file to https://localhost:8443 but it is the same. I suspect the problem is that now my instance is using HTTPS and somehow it broke the maintenance mode lock via CURL.
Can anyone help ? Thanks
See last code block for answer.
The problem is linked to HTTPS and curl. I get an error 503 with CURL.
I was able to see the problems with the verbose option of CURL:
* Rebuilt URL to: https://localhost:8443/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=SUB.DOMAIN.COM
* start date: Oct 18 12:09:52 2019 GMT
* expire date: Jan 16 12:09:52 2020 GMT
* subjectAltName does not match localhost
* SSL: no alternative certificate subject name matches target host name 'localhost'
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
Obviously the certificate will only work for https://sub.domain.com ...
And because of bitbucket.properties:
server.require-ssl=true
You cannot use http://localhost:7990. And I don't want http connection to go through so I need this setting.
Also, moving this setting to an additional connector doesn't work, like so:
server.port=7991
server.additional-connector.1.port=7990
server.additional-connector.1.require-ssl=true
server.additional-connector.1.redirect-port=8443
server.additional-connector.2.port=8443
...
With this config, HTTP 7990 is not redirected to 8443 HTTPS, as it is in my current config. I was planning then to use 7991 for the backup script in localhost.
ANSWER:
So I simply changed bitbucket.properties to:
BITBUCKET_URL=https://SUB.DOMAIN.COM:8443
I had the same issue, DIY backup script stopped working after using https,
Error Message: lock_bitbucket][Bitbucket] ERROR: Unable to lock Bitbucket for maintenance. POST to 'https://BitbucketURL/mvc/maintenance/lock' returned ''
Solution: Try Changing Bitbucket_URL to http://localhost:7990 into bitbucket.diy-backup.vars.sh
It worked for me.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Just to confirm, when you say that you changed the URL to https://localhost:8443, did you do this in the bitbucket.diy-backup.vars.sh file by updating the BITBUCKET_URL?
What happens if you manually run the curl command (replacing the ******:****** with your username and password)?
curl -L -s -f -u ******:****** http://localhost:7990/mvc/maintenance/lock
Could you provide your $BITBUCKET_HOME/shared/bitbucket.properties (with any sensitive data removed)? Also, if you turn on Debug logging (Bitbucket Server Administration > Logging and profiling) and try again, you should see some entries in the logs ($BITBUCKET_HOME/log) which will help narrow down the problem. Searching for "POST /mvc/maintenance/lock" should lead you to the right entries. What do those logs say?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.