Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

data-center: how to enable collaborative editing with internal synchrony-proxy?

Christian Schneider
Christian Schneider October 10, 2017

Hello

I want to enable collaborative editing in Confluence with internal synchrony-proxy behind a reverse proxy.

What I did:

in setenv.sh:

CATALINA_OPTS="-Dsynchrony.enable.xhr.fallback=true ${CATALINA_OPTS}"
CATALINA_OPTS="-Dsynchrony.host=<internal ip> ${CATALINA_OPTS}"
CATALINA_OPTS="-Dsynchrony.service.url=http://<internal ip>:8091/synchrony/v1 ${CATALINA_OPTS}"
CATALINA_OPTS="-Dsynchrony.proxy.enabled=true ${CATALINA_OPTS}"

 

in confluence.cfg.xml:

<property name="synchrony.proxy.enabled">true</property>

 

I'm not sure wich one is the right place because of https://jira.atlassian.com/browse/CONFSERVER-45728

It says, that it is already fixed, but i'm not sure, if it is really working.
Although, http://<internal ip>:8090/synchrony-proxy/healthcheck gives me a output.

 

synchrony is started with these options (only the relevant as far as I understand, if I'm missing some relevant, just tell me):

-Dsynchrony.bind=<internal ip> -Dsynchrony.service.url=https://<external name>/synchrony-proxy

 

What I'm unsure about is the context path in the synchrony.service.url that is given to synchrony. should it be /synchrony or /synchrony-proxy?

 

It's not working in both cases.
In the latter case, the collaborative editing page in confluence takes very long to load, and also for switching CE on. but editing at all is not working, there is this spinner icon forever. In synchrony log, nothing appears.

When using /synchrony, I see this message in synchrony log as soon as i switch on CE: synchrony.http [warn] Secret request made from outside IP whitelist

I'm not sure what this means, and if it is relevant at all, cause it's only a warning. Editing at all is not possible in this case. Also spinner forever

I've checked already https://confluence.atlassian.com/doc/troubleshooting-collaborative-editing-858772087.html, and all that is mentioned there is fine.
I guess I have just some misconfiguration, I can't see. Can anyone help me with that?

Answer
Watch
Like Be the first to like this
1073 views

1 answer

0 votes
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 10, 2017

It`s not clear what reverse proxy you are using. Apache, Nginx?

Have a look at https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-apache-http-server-mod_proxy_http-806032611.html

 

There is no need for changes to CATALINA_OPTS or confluence.cfg.xml. 

To my understanding when not using the reverse proxy (like apache or nginx) the Atlassian /synchrony-proxy is what kicks in an proxies synchrony for you.

View More Comments
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 10, 2017

Oh, and you`ll need to scroll down to:

"If you're using Confluence 6.0 or..."

Like
Christian Schneider
Christian Schneider October 11, 2017

Thx for your answer, Lars.

The problem is not about setting up reverse proxy, as this is already done and working. What I want is to set up synchrony with synchrony-proxy in confluence behind a reverse proxy as shown here: https://confluence.atlassian.com/doc/administering-collaborative-editing-858772086.html#AdministeringCollaborativeEditing-ProxyandSSLconsiderationsproxy in section 'With a reverse proxy'

What i'm unsure about is the synchrony service url passed on synchrony startup. The rest of the settings are fine, I think, as confluence itself reports, that it is able to talk to synchrony.

Like
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 11, 2017

If you are using a reverse proxy, why don´t you want that proxy to also handle the upgrade the upgrade of the connection to websocket?

It`s only a few lines in your apache or nxinx config.

Here is mine for apache:

<Location /synchrony>
Require all granted
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule .* ws://localhost:8091%{REQUEST_URI} [P]
</Location>

Like
Christian Schneider
Christian Schneider October 12, 2017

I had the wrong idea, that this would require me to open another pport on firewall. But after reading again I don't need this, as far as I understand. I will give it a try.

Like
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 12, 2017

No, you will not have to make any changes to the firewall.

You simply make your existing reverse proxy also a proxy to the synchrony service.

If you were able to figure it out, please mark the question as solved.

 

-Lars

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events