data-center: how to enable collaborative editing with internal synchrony-proxy?

Hello

I want to enable collaborative editing in Confluence with internal synchrony-proxy behind a reverse proxy.

What I did:

in setenv.sh:

CATALINA_OPTS="-Dsynchrony.enable.xhr.fallback=true ${CATALINA_OPTS}"
CATALINA_OPTS="-Dsynchrony.host=<internal ip> ${CATALINA_OPTS}"
CATALINA_OPTS="-Dsynchrony.service.url=http://<internal ip>:8091/synchrony/v1 ${CATALINA_OPTS}"
CATALINA_OPTS="-Dsynchrony.proxy.enabled=true ${CATALINA_OPTS}"

 

in confluence.cfg.xml:

<property name="synchrony.proxy.enabled">true</property>

 

I'm not sure wich one is the right place because of https://jira.atlassian.com/browse/CONFSERVER-45728

It says, that it is already fixed, but i'm not sure, if it is really working.
Although, http://<internal ip>:8090/synchrony-proxy/healthcheck gives me a output.

 

synchrony is started with these options (only the relevant as far as I understand, if I'm missing some relevant, just tell me):

-Dsynchrony.bind=<internal ip> -Dsynchrony.service.url=https://<external name>/synchrony-proxy

 

What I'm unsure about is the context path in the synchrony.service.url that is given to synchrony. should it be /synchrony or /synchrony-proxy?

 

It's not working in both cases.
In the latter case, the collaborative editing page in confluence takes very long to load, and also for switching CE on. but editing at all is not working, there is this spinner icon forever. In synchrony log, nothing appears.

When using /synchrony, I see this message in synchrony log as soon as i switch on CE: synchrony.http [warn] Secret request made from outside IP whitelist

I'm not sure what this means, and if it is relevant at all, cause it's only a warning. Editing at all is not possible in this case. Also spinner forever

I've checked already https://confluence.atlassian.com/doc/troubleshooting-collaborative-editing-858772087.html, and all that is mentioned there is fine.
I guess I have just some misconfiguration, I can't see. Can anyone help me with that?

1 answer

It`s not clear what reverse proxy you are using. Apache, Nginx?

Have a look at https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-apache-http-server-mod_proxy_http-806032611.html

 

There is no need for changes to CATALINA_OPTS or confluence.cfg.xml. 

To my understanding when not using the reverse proxy (like apache or nginx) the Atlassian /synchrony-proxy is what kicks in an proxies synchrony for you.

Oh, and you`ll need to scroll down to:

"If you're using Confluence 6.0 or..."

Thx for your answer, Lars.

The problem is not about setting up reverse proxy, as this is already done and working. What I want is to set up synchrony with synchrony-proxy in confluence behind a reverse proxy as shown here: https://confluence.atlassian.com/doc/administering-collaborative-editing-858772086.html#AdministeringCollaborativeEditing-ProxyandSSLconsiderationsproxy in section 'With a reverse proxy'

What i'm unsure about is the synchrony service url passed on synchrony startup. The rest of the settings are fine, I think, as confluence itself reports, that it is able to talk to synchrony.

If you are using a reverse proxy, why don´t you want that proxy to also handle the upgrade the upgrade of the connection to websocket?

It`s only a few lines in your apache or nxinx config.

Here is mine for apache:

<Location /synchrony>
Require all granted
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule .* ws://localhost:8091%{REQUEST_URI} [P]
</Location>

I had the wrong idea, that this would require me to open another pport on firewall. But after reading again I don't need this, as far as I understand. I will give it a try.

No, you will not have to make any changes to the firewall.

You simply make your existing reverse proxy also a proxy to the synchrony service.

If you were able to figure it out, please mark the question as solved.

 

-Lars

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Kesha Thillainayagam
Posted Apr 13, 2018 in Confluence

We want to hear how your non-technical teams are using Confluence!

Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...

355 views 20 10
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you